Received: by 10.213.65.68 with SMTP id h4csp3821439imn;
        Tue, 10 Apr 2018 05:19:58 -0700 (PDT)
X-Google-Smtp-Source: AIpwx49lrHdbItQYAbT7BqCen8xona/4nJHTfs18W54TwMhAN50TD18LNVpxnLUznhrOwygXop5q
X-Received: by 10.101.97.130 with SMTP id c2mr115232pgv.219.1523362798573;
        Tue, 10 Apr 2018 05:19:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523362798; cv=none;
        d=google.com; s=arc-20160816;
        b=ngmAZjB8vKAn5PlRQjBjaHUGOJU9GgrH7KWoAM+XWTA+Lp2bvymwo1pRrHjcQgmFHZ
         H2LkoAxvMgP5RooBl/RFROWswek7/KqDs1Wo7X6s2onRGoA6qTuD+bSKXxiSJCZvb9a5
         QNxHTFJrtv6hCIS3J1j38BVIyqxk3hxUlBTSq6YDLSzdlCwYUsm1UyA0EpWHqtJdMQuz
         LENVQwLAWWZ6kAKyu1DNJeNfKrWJCp04CfY3IuSjLi+A2B+WKWjq43s49JH6s6nkWScI
         11JwRjMqAgCqsCbxuyaVj/8dCRgmanzJZT785PWeRZ8woG3CVCIklN7Ayw32EDplSDwV
         zQ8g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature
         :arc-authentication-results;
        bh=mPsgwAnXBQL0obWEbSI5RCkiRyaZp7wCuh9nhyVT3Ec=;
        b=Q+MI96BxakXnHvEHPv4MmhxrLIuYe+hy/aLOj/nGeAOK32hcCV+vDxr4Lzf7stLcrb
         pApkuaqDf9I/xX58ZzfGiWSA3uq05fswg9464m132KWo7m9aDdRsr0dPq9DNh0Hhc5bQ
         2IafFvoyaZDTyw2Bv4n+IOx6YSAWOS84mqErxK+kryq69seoKOhAbys9PrmkjWDFqLUu
         hQ8F4mkZ35rlxB0GE58yF1nS/58J3eHEZhcF0sgBCHHuar9H2wFp8bTqcYB0GvCxDedc
         B5GBxt+YDOOGXd2U/9RmOHxQKSNIY0gBQjgGMN8FXS/eMfV3PlBD4rVH2kjOkX6U4K3M
         amAg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=DbwkrnFF;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 9-v6si2607956plf.283.2018.04.10.05.19.21;
        Tue, 10 Apr 2018 05:19:58 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=DbwkrnFF;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752763AbeDJMQT (ORCPT <rfc822;0330sisy@gmail.com> + 99 others);
        Tue, 10 Apr 2018 08:16:19 -0400
Received: from smtp-fw-6002.amazon.com ([52.95.49.90]:52096 "EHLO
        smtp-fw-6002.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752408AbeDJMQS (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 10 Apr 2018 08:16:18 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209;
  t=1523362577; x=1554898577;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=mPsgwAnXBQL0obWEbSI5RCkiRyaZp7wCuh9nhyVT3Ec=;
  b=DbwkrnFFKVKd91M4Ya2iuSaiNQ4DNuPfa869fi/qjpFrR3EC6nroOlgF
   ylvtCFpr31CAABIzC01uuIOKkDuj86tZQKxieISoMe9DKcO3mLa19R6Xo
   irpMvnphMPaYNwnRNR4SX7X+CeRw2KGMryF5lxQnLvrClfH4WGRQvAJRX
   c=;
X-IronPort-AV: E=Sophos;i="5.48,431,1517875200"; 
   d="scan'208";a="339309309"
Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2a-69849ee2.us-west-2.amazon.com) ([10.124.125.6])
  by smtp-border-fw-out-6002.iad6.amazon.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Apr 2018 12:16:07 +0000
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (pdx2-ws-svc-lb17-vlan3.amazon.com [10.247.140.70])
        by email-inbound-relay-2a-69849ee2.us-west-2.amazon.com (8.14.7/8.14.7) with ESMTP id w3ACFxAx028254
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
        Tue, 10 Apr 2018 12:16:01 GMT
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (localhost [127.0.0.1])
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Debian-3) with ESMTP id w3ACFwFH024772;
        Tue, 10 Apr 2018 14:15:58 +0200
Received: (from karahmed@localhost)
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Submit) id w3ACFvU1024769;
        Tue, 10 Apr 2018 14:15:57 +0200
From:   KarimAllah Ahmed <karahmed@amazon.de>
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     KarimAllah Ahmed <karahmed@amazon.de>,
        Paolo Bonzini <pbonzini@redhat.com>,
        =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        "H . Peter Anvin" <hpa@zytor.com>, x86@kernel.org
Subject: [PATCH v3] X86/VMX: Disable VMX preemption timer if MWAIT is not intercepted
Date:   Tue, 10 Apr 2018 14:15:46 +0200
Message-Id: <1523362546-20909-1-git-send-email-karahmed@amazon.de>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

The VMX-preemption timer is used by KVM as a way to set deadlines for the
guest (i.e. timer emulation). That was safe till very recently when
capability KVM_X86_DISABLE_EXITS_MWAIT to disable intercepting MWAIT was
introduced. According to Intel SDM 25.5.1:

"""
The VMX-preemption timer operates in the C-states C0, C1, and C2; it also
operates in the shutdown and wait-for-SIPI states. If the timer counts down
to zero in any state other than the wait-for SIPI state, the logical
processor transitions to the C0 C-state and causes a VM exit; the timer
does not cause a VM exit if it counts down to zero in the wait-for-SIPI
state. The timer is not decremented in C-states deeper than C2.
"""

Now once the guest issues the MWAIT with a c-state deeper than
C2 the preemption timer will never wake it up again since it stopped
ticking! Usually this is compensated by other activities in the system that
would wake the core from the deep C-state (and cause a VMExit). For
example, if the host itself is ticking or it received interrupts, etc!

So disable the VMX-preemption timer if MWAIT is exposed to the guest!

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: KarimAllah Ahmed <karahmed@amazon.de>
---
v2 -> v3:
- return -EOPNOTSUPP before any other operation in vmx_set_hv_timer

v1 -> v2:
- Drop everything .. just return -EOPNOTSUPP (pbonzini@) :D
---
 arch/x86/kvm/vmx.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index d2e54e7..31a4204 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -11903,10 +11903,16 @@ static inline int u64_shl_div_u64(u64 a, unsigned int shift,
 
 static int vmx_set_hv_timer(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc)
 {
-	struct vcpu_vmx *vmx = to_vmx(vcpu);
-	u64 tscl = rdtsc();
-	u64 guest_tscl = kvm_read_l1_tsc(vcpu, tscl);
-	u64 delta_tsc = max(guest_deadline_tsc, guest_tscl) - guest_tscl;
+	struct vcpu_vmx *vmx;
+	u64 tscl, guest_tscl, delta_tsc;
+
+	if (kvm_pause_in_guest(vcpu->kvm))
+		return -EOPNOTSUPP;
+
+	vmx = to_vmx(vcpu);
+	tscl = rdtsc();
+	guest_tscl = kvm_read_l1_tsc(vcpu, tscl);
+	delta_tsc = max(guest_deadline_tsc, guest_tscl) - guest_tscl;
 
 	/* Convert to host delta tsc if tsc scaling is enabled */
 	if (vcpu->arch.tsc_scaling_ratio != kvm_default_tsc_scaling_ratio &&
-- 
2.7.4