Received: by 10.213.65.68 with SMTP id h4csp3693135imn;
        Tue, 10 Apr 2018 03:13:18 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4+vmC+KhB4AmfL3h+KiAGRLVDZJ59ceV+msl14uEFr6cUKYXK80eQiqoK5MrUluAMEBmmaO
X-Received: by 10.101.98.153 with SMTP id f25mr27263719pgv.6.1523355198506;
        Tue, 10 Apr 2018 03:13:18 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523355198; cv=none;
        d=google.com; s=arc-20160816;
        b=uJ46EgNBcXFmD44kcUK59cfCl/BGTkRHD1g2rXCc5W/jv7kqdbFahq6ps1g0viIORa
         +KFmnGCl4ox11JITcJD97NyTHntP17lRtGcWoIAf2HBDEYxUKgkGPQDqB2LyoN9sKCio
         EQAqUUVz6tRvkNBgk+6/FPDfq9gKi6QQga3oCi9CC2fYg2E6T2ynqbAUBPHxW6QfYayd
         dgOcVbyeqjfBGxu0pNEoed45jQEFxzKpVRCxjqCg8hTRujojx5nVxGMmiu+a1jyla3bA
         UkgM7ZyyqjgP+sW8lG88mlX01LuXg33WuPPl4pdnMHrAdZhNyDBLwEt0mkun4oUR55oU
         SC0Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature
         :arc-authentication-results;
        bh=0qpPZbnHM2d/U68Er+gQQw5n72SGEzW1lMN/NcYyFUo=;
        b=k07oPOUDBbee/RsgH5rPh1bXD91ZbXI2pflOSlV+2lOMCMPcb7gdCuwOGbFixlg1zQ
         FEs0KvEWShBMuainTBSLmVW91x+D5pHC42w8Wur19khMexZXm29O9rechur011H37XLk
         w9uKXqrRFP9vc80tWYkB6LVcKxjxE0mjq+AmhOW1FM6qrJZ09UyGcngo3sp0wYyzC+jH
         hJ+vN3SHhoMFaBh69uUSl2Dh0uyqkdjXnoIttuWVddtzoqMvtJiNg76A4dUj2WbTmA9f
         XxAEijrZZccQyY9uKL3kMunHqeDrxnDpZf0/39wJm5UJJkPG1OldY1IJuIWCJsiPPkLj
         m2ag==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=lGtew+ai;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l91-v6si2347222plb.301.2018.04.10.03.12.41;
        Tue, 10 Apr 2018 03:13:18 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=lGtew+ai;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752391AbeDJKJH (ORCPT <rfc822;0330sisy@gmail.com> + 99 others);
        Tue, 10 Apr 2018 06:09:07 -0400
Received: from smtp-fw-9102.amazon.com ([207.171.184.29]:48742 "EHLO
        smtp-fw-9102.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751862AbeDJKJF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 10 Apr 2018 06:09:05 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209;
  t=1523354945; x=1554890945;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=0qpPZbnHM2d/U68Er+gQQw5n72SGEzW1lMN/NcYyFUo=;
  b=lGtew+aiSOepJt/LDfkpUha6X6ghFYkGVQbLvc5sDjM6s66Ut+L0bfPl
   ocj921MJqX/zny3M54Bq3ziznNgvyLOQB7BCMOouUw2wvtC4tNPFn4XYT
   GV1ElN2PUYVBefq3rwVCyWavTyOUC4hrf1r5U7jKd0oRk63lJNoRk1LIH
   Q=;
X-IronPort-AV: E=Sophos;i="5.48,431,1517875200"; 
   d="scan'208";a="606137449"
Received: from sea3-co-svc-lb6-vlan3.sea.amazon.com (HELO email-inbound-relay-1e-a70de69e.us-east-1.amazon.com) ([10.47.22.38])
  by smtp-border-fw-out-9102.sea19.amazon.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Apr 2018 10:09:02 +0000
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (iad1-ws-svc-lb91-vlan2.amazon.com [10.0.103.146])
        by email-inbound-relay-1e-a70de69e.us-east-1.amazon.com (8.14.7/8.14.7) with ESMTP id w3AA8tTd066960
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
        Tue, 10 Apr 2018 10:08:58 GMT
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (localhost [127.0.0.1])
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Debian-3) with ESMTP id w3AA8stW018020;
        Tue, 10 Apr 2018 12:08:54 +0200
Received: (from karahmed@localhost)
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Submit) id w3AA8r03018015;
        Tue, 10 Apr 2018 12:08:53 +0200
From:   KarimAllah Ahmed <karahmed@amazon.de>
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     KarimAllah Ahmed <karahmed@amazon.de>,
        Paolo Bonzini <pbonzini@redhat.com>,
        =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        "H . Peter Anvin" <hpa@zytor.com>, x86@kernel.org
Subject: [PATCH v2] X86/VMX: Disable VMX preemption timer if MWAIT is not intercepted
Date:   Tue, 10 Apr 2018 12:08:42 +0200
Message-Id: <1523354922-17955-1-git-send-email-karahmed@amazon.de>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

The VMX-preemption timer is used by KVM as a way to set deadlines for the
guest (i.e. timer emulation). That was safe till very recently when
capability KVM_X86_DISABLE_EXITS_MWAIT to disable intercepting MWAIT was
introduced. According to Intel SDM 25.5.1:

"""
The VMX-preemption timer operates in the C-states C0, C1, and C2; it also
operates in the shutdown and wait-for-SIPI states. If the timer counts down
to zero in any state other than the wait-for SIPI state, the logical
processor transitions to the C0 C-state and causes a VM exit; the timer
does not cause a VM exit if it counts down to zero in the wait-for-SIPI
state. The timer is not decremented in C-states deeper than C2.
"""

Now once the guest issues the MWAIT with a c-state deeper than
C2 the preemption timer will never wake it up again since it stopped
ticking! Usually this is compensated by other activities in the system that
would wake the core from the deep C-state (and cause a VMExit). For
example, if the host itself is ticking or it received interrupts, etc!

So disable the VMX-preemption timer is MWAIT is exposed to the guest!

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: KarimAllah Ahmed <karahmed@amazon.de>
---
v1 -> v2:
- Drop everything .. just return -EOPNOTSUPP (pbonzini@) :D
---
 arch/x86/kvm/vmx.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index d2e54e7..d99008b 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -11908,6 +11908,9 @@ static int vmx_set_hv_timer(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc)
 	u64 guest_tscl = kvm_read_l1_tsc(vcpu, tscl);
 	u64 delta_tsc = max(guest_deadline_tsc, guest_tscl) - guest_tscl;
 
+	if (kvm_pause_in_guest(vcpu->kvm))
+		return -EOPNOTSUPP;
+
 	/* Convert to host delta tsc if tsc scaling is enabled */
 	if (vcpu->arch.tsc_scaling_ratio != kvm_default_tsc_scaling_ratio &&
 			u64_shl_div_u64(delta_tsc,
-- 
2.7.4