In-Reply-To: <233cfca3-971e-c3c2-f0fe-b50dd69d2546@redhat.com>
References: <1517984706-47244-1-git-send-email-wanpengli@tencent.com> <233cfca3-971e-c3c2-f0fe-b50dd69d2546@redhat.com>
From: Wanpeng Li
Date: Thu, 8 Feb 2018 15:35:32 +0800
Subject: Re: [PATCH] KVM: X86: Fix SMRAM accessing even if VM is shutdown
To: Paolo Bonzini
Cc: LKML, kvm, Radim Krčmář, Dmitry Vyukov
X-Mailing-List: linux-kernel@vger.kernel.org

2018-02-07 22:16 GMT+08:00 Paolo Bonzini :
> On 07/02/2018 07:25, Wanpeng Li wrote:
>> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c >> index 786cd00..445e702 100644 >> --- a/arch/x86/kvm/x86.c >> +++ b/arch/x86/kvm/x86.c
>> @@ -7458,6 +7458,11 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run) >> goto out; >> } >> >> + if (unlikely(vcpu->run->exit_reason == KVM_EXIT_SHUTDOWN)) { >> + r = -EINVAL; >> + goto out; >> + } >> + >> if (vcpu->run->kvm_dirty_regs) { >> r = sync_regs(vcpu); >> if (r != 0) >>
>
> This most likely breaks triple faults in the usual case where they
> should result in resetting the system; the KVM API doesn't say that you
> should clear vcpu->run->exit_reason before entering.
>
> What exactly causes the EPT misconfig to reach the WARN? That is, how
> does kvm_mmu_page_fault end up returning a negative errno value? If I
> read the code correctly only tdp_page_fault can do so, so my guess would
> be kvm_handle_bad_page:
>
>	if (pfn == KVM_PFN_ERR_RO_FAULT)
>		return RET_PF_EMULATE;
>
>	if (pfn == KVM_PFN_ERR_HWPOISON) {
>		kvm_send_hwpoison_signal(kvm_vcpu_gfn_to_hva(vcpu, gfn),
>					 current);
>		return RET_PF_RETRY;
>	}
>
>	/* KVM_PFN_ERR_FAULT */
>	return -EFAULT;
>
> Maybe it should return RET_PF_EMULATE, which would cause an emulation
> failure and then an exit with KVM_EXIT_INTERNAL_ERROR.

Agreed, just do it in v2. In addition, I didn't remove the
RET_PFN_ERR_PO_FAULT check since I think otherwise we will miss the
comments above it.

Regards,
Wanpeng Li
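
Review bot: the added test on vcpu->run->exit_reason at the top of kvm_arch_vcpu_ioctl_run() makes a decision from the kvm_run area, which is shared with userspace and still holds whatever the previous exit left there. A VMM that overwrites the field before re-entering passes the check, so it does not stop the path that reaches the WARN, while a VMM that handles KVM_EXIT_SHUTDOWN by resetting the vCPU and calling KVM_RUN again without clearing the field now gets -EINVAL. If an entry guard is wanted it should depend on kernel-side vCPU state rather than on "vcpu->run->exit_reason == KVM_EXIT_SHUTDOWN", and any new -EINVAL return from KVM_RUN should be documented in the KVM API text; otherwise the fix belongs in the fault-handling path that returns the negative errno.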