Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp1100820ybe; Fri, 6 Sep 2019 11:52:15 -0700 (PDT) X-Google-Smtp-Source: APXvYqxlo8kZ4dUm+NMLz7af0JFUe26n5/6eZmD44obx4ZoSB5XQ2nX6VX1zAuc8MmOfegeXJbRd X-Received: by 2002:a62:55c1:: with SMTP id j184mr12541867pfb.104.1567795935753; Fri, 06 Sep 2019 11:52:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567795935; cv=none; d=google.com; s=arc-20160816; b=FtkFclEOE2lvU3btpjjHWgIk8UWUh/cb78RjY2T0Gro/gOgYLPKE4Pv83Yl8CHYQGM OXk/iMv3NDeXm2lNiRTHkPeL9V7/8L6xRLMw2R+fiA3D94lEQXRF1/BkJAbx9vA21yrR OoqSBPAa45UgAeWweSuZZ7lVQ8ToyDH/KlKT0LIjpFXx5B7GZkFf8VSkqBQtLTngR8b+ eEVtkMHTTtnb4DMhJT8V+h0nBsoLI7bQtL+sa70cWlYF+px/C/OT5UkQpp82VNZIcy+r kV7zV8vKlyV9Zb2+DX+m0Jxl5MGpZedTgOebkavbU9dXUsQZrpA4+kdxSs6uzAkbqS7r swyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=YZW2XfH6YrtJPb9C8ojsj6hi8H7hSguvocnteDOvX7k=; b=F++DkQAH9q0LVEVtimMKwYfNOMJ5ky5nvnU6sdmkqg8KJCATwJ5cFmUaJL0SPconY7 sumPC52LVu47if9cgva2Weyz7bcr2H/R8Z9wpyhc1wBEQDFHtCuPP+VCp/1MzL/xJynb xoAUSU0e0FmW3Mg74olqMbrLdWYAeGzJUI14aC6sTYkPOa3uzPkJDV8UBxOMZGcbiIcV LrWk39DE8mpNupjrczUe1Mzcuc0g6CYqH5VQc31j39az+KfTY8tnBmy+Eb5lTvGF2Ahg wwkVQjQY8Uu1w99tPb8SE+tHj6YXPpUE1z4yKUpRct+g4hte4CnieGVIjs+NvBY5zG/T mxog== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f26si5103552pga.117.2019.09.06.11.52.00; Fri, 06 Sep 2019 11:52:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2393386AbfIFNom (ORCPT + 99 others); Fri, 6 Sep 2019 09:44:42 -0400 Received: from foss.arm.com ([217.140.110.172]:56358 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2393347AbfIFNom (ORCPT ); Fri, 6 Sep 2019 09:44:42 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C0D5028; Fri, 6 Sep 2019 06:44:41 -0700 (PDT) Received: from localhost (e113682-lin.copenhagen.arm.com [10.32.144.41]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 54DB43F718; Fri, 6 Sep 2019 06:44:41 -0700 (PDT) Date: Fri, 6 Sep 2019 15:44:40 +0200 From: Christoffer Dall To: Peter Maydell Cc: Alexander Graf , Daniel =?utf-8?B?UC4gQmVycmFuZ8Op?= , Marc Zyngier , lkml - Kernel Mailing List , Stefan Hajnoczi , Heinrich Schuchardt , kvmarm@lists.cs.columbia.edu, arm-mail-list Subject: Re: [PATCH 1/1] KVM: inject data abort if instruction cannot be decoded Message-ID: <20190906134440.GH4320@e113682-lin.lund.arm.com> References: <86r24vrwyh.wl-maz@kernel.org> <86mufjrup7.wl-maz@kernel.org> <20190905092223.GC4320@e113682-lin.lund.arm.com> <4b6662bd-56e4-3c10-3b65-7c90828a22f9@kernel.org> <20190906080033.GF4320@e113682-lin.lund.arm.com> <20190906131252.GG4320@e113682-lin.lund.arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 06, 2019 at 02:31:42PM +0100, Peter Maydell wrote: > On Fri, 6 Sep 2019 at 14:13, Christoffer Dall wrote: > > I'd prefer leaving it to userspace to worry about, but I thought Peter > > said that had been problematic historically, which I took at face value, > > but I could have misunderstood. > > > > If QEMU, kvmtool, and whatever the crazy^H cool kids are using in > > userspace these days are happy emulating the exception, then that's a > > viable approach. The main concern I have with that is whether they'll > > all get it right, and since we already have the code in the kernel to do > > this, it might make sense to re-use the kernel logic for it. > > Well, for QEMU we've had code that in theory might do this but > in practice it's never been tested. Essentially the problem is > that nobody ever wants to inject an exception from userspace > except in incredibly rare cases like "trying to use h/w breakpoints > simultaneously inside the VM and also to debug the VM from outside" > or "we're running on RAS hardware that just told us that the VM's > RAM was faulty". There's no even vaguely commonly-used usecase > for it today; and this ABI suggestion adds another "this is in > practice almost never going to happen" case to the pile. The > codepath is unreliable in QEMU because (a) it requires getting > syncing of sysreg values to and from the kernel right -- this is > about the only situation where userspace wants to modify sysregs > during execution of the VM, as opposed to just reading them -- and > (b) we try to reuse the code we already have that does TCG exception > injection, which might or might not be a design mistake, and > (c) as noted above it's a never-actually-used untested codepath... > > So I think if I were you I wouldn't commit to the kernel ABI until > somebody had at least written some RFC-quality patches for QEMU and > tested that they work and the ABI is OK in that sense. (For the > avoidance of doubt, I'm not volunteering to do that myself.) > I don't object to the idea in principle, though. > > PS: the other "injecting exceptions to the guest" oddity is that > if the kernel *does* find the ISV information and returns to userspace > for it to handle the MMIO, there's no way for userspace to say > "actually that address is supposed to generate a data abort". > That's a good point. A synchronous interface with a separate mechanism to ask the kernel to inject an exception might be a good solution, if there's an elegant way to do the latter. I'll have a look at that. Thanks, Christoffer