Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp390586ybg; Tue, 9 Jun 2020 03:21:46 -0700 (PDT) X-Google-Smtp-Source: ABdhPJydnTRLC+tpfK3YAQKFOerx4toyiwryIcj509cVA5zGxxx1ovtUuhgazwc8qjXrywQY5KQ6 X-Received: by 2002:a17:906:f6d6:: with SMTP id jo22mr24017994ejb.310.1591698106600; Tue, 09 Jun 2020 03:21:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591698106; cv=none; d=google.com; s=arc-20160816; b=g8pEsnqBWpGHLViGUL0e9Re/Cj5sve0G7MV3XCmYXPkQzRVjUpAYK65uh70I1p3PPv NBARquxa9HXL5j1JqePXAX47ybEGFtVR4GPwDlV+sVVpKrVFgMo2KlT0W+j73ywaGMXJ JIf2gVt1asxytRcOQI7GSzcEpRddwxWq3qDxqYsYfAiP2ZRt0iilA/JW1uJLH4SIKfUD NOExqUDGM6GTsoNCx6D1YSqaYY9s1iu19qzxBnksVKe6jjCmItDKuvaIL8SBc8UGOofq +Ez78WQn2b+zzLncTgOb82KcHDfEFiXPblyyy2ICP3LuHBv0h63bTyb5AWI33tDzcT0h XxBg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=3sdqb6g4ihbLhkBEfIP/iQpvtsvP33bVeevH+3u62Oc=; b=eNc6S+C7J8ycELXkjzzcZCso7ncYJITR2VkQdphVw01BMDvHC4nf7ydy4x/J4IUT0E oMqhOccyPFqfj0f4J9H/9dqUwGP9T44wW9DvyUtQeBFaXMoIBiOZ3AUTweJY2itDOECo NEMS5jfgcfYh9vF4sdWZrt/NuzjZE4yiq/c3eV4I5yqV5J8a5yNauWrIrhQ6zhEUyWRy bLhP29TwlGEozFQ+hqGGe9CJFo6wUDLh3Bz9N7PXONhQFiH+WQy3g2NfP8ZG+lihNmIT b5eGOujqsJj2zQOI1d5D3cfN2c5GD35za1DhYT6dxuBJ9TQ9veUICCFq0dot6wUB2oph 0HcQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Z6eqwoj0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u20si10624714edq.15.2020.06.09.03.21.23; Tue, 09 Jun 2020 03:21:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Z6eqwoj0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728746AbgFIKSy (ORCPT + 99 others); Tue, 9 Jun 2020 06:18:54 -0400 Received: from us-smtp-1.mimecast.com ([207.211.31.81]:31457 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728743AbgFIKSf (ORCPT ); Tue, 9 Jun 2020 06:18:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591697914; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3sdqb6g4ihbLhkBEfIP/iQpvtsvP33bVeevH+3u62Oc=; b=Z6eqwoj0COLg1FcufXkHswB9CBPmL5puxLkRbLcBMdh0V3FVsq9JKHV6SkQmyUx4BDFm0l NO6jgyFFqkSOmSCWm9LbgJuuJTRbHNITJUkddx7y+es/EvLhrPVaO/4B53LC2su8qCAER1 VmSNCPJhAlSVwYjswuJbDZUOPhJHreo= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-423-xVWACGCuN1qlO0EXLlEtWw-1; Tue, 09 Jun 2020 06:18:32 -0400 X-MC-Unique: xVWACGCuN1qlO0EXLlEtWw-1 Received: by mail-wr1-f69.google.com with SMTP id c14so8369631wrw.11 for ; Tue, 09 Jun 2020 03:18:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=3sdqb6g4ihbLhkBEfIP/iQpvtsvP33bVeevH+3u62Oc=; b=jYncyfXcih7i3jp75wmv30FA3Gkd5qXaHTQdIfeiW8tuw4zVT8AkEe0g4SBhFCKDGt VqPEYo17efq9aps5ETs15OW6T2SwHlAWZaRgfVvKDIIHS/zHGdLHrlbYxZTPAfgC/saO cTdBqnqD3Tx7WbMvbLdk7qeUkaHP48jqdrvUj9gFNz+nu7JJIiYNhXyarfUdgSPSwqV7 yx4PJbHepUivhR+xBMADLfDIrYG86M+kHHy7bleB8V/pdKlN+Q6mRPAEazPOB5sS+7aJ yWaM/mSwohcARMzrNk38qQz+0BhaTXji4/AkKAZ3PdLjXbsl0u50adrt7j7TKP0mF2fZ oSwA== X-Gm-Message-State: AOAM531R5jdI/5dFJ/8u/zbh/F2s112ZQz8wjpgoNshGdc59GP/78J7K mcHezVo76Kw05AK2iZI7a5qakNNIBdSKPqRgyRwE+s1shsYtMGPsh4wefSYSbVAV4D48HvbvVKl ObAL2ncZY+pNMFkVU2ch5DS8y X-Received: by 2002:a1c:a74f:: with SMTP id q76mr3438091wme.65.1591697910892; Tue, 09 Jun 2020 03:18:30 -0700 (PDT) X-Received: by 2002:a1c:a74f:: with SMTP id q76mr3438060wme.65.1591697910629; Tue, 09 Jun 2020 03:18:30 -0700 (PDT) Received: from [192.168.178.58] ([151.21.172.168]) by smtp.gmail.com with ESMTPSA id g82sm2452249wmf.1.2020.06.09.03.18.29 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 09 Jun 2020 03:18:30 -0700 (PDT) Subject: Re: [PATCH v2] KVM: nVMX: Consult only the "basic" exit reason when routing nested exit To: Sean Christopherson Cc: Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoyao Li , Oliver Upton , Krish Sadhukhan , Miaohe Lin References: <20200608191857.30319-1-sean.j.christopherson@intel.com> From: Paolo Bonzini Message-ID: <6153e63a-b68e-3537-8fab-d92163c329f0@redhat.com> Date: Tue, 9 Jun 2020 12:18:28 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: <20200608191857.30319-1-sean.j.christopherson@intel.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 08/06/20 21:18, Sean Christopherson wrote: > Consult only the basic exit reason, i.e. bits 15:0 of vmcs.EXIT_REASON, > when determining whether a nested VM-Exit should be reflected into L1 or > handled by KVM in L0. > > For better or worse, the switch statements nested_vmx_l0_wants_exit() > and nested_vmx_l1_wants_exit() default to reflecting the VM-Exit into L1 > for any nested VM-Exit without dedicated logic. Because the case > statements only contain the basic exit reason, any VM-Exit with modifier > bits set will be reflected to L1, even if KVM intended to handle it in > L0. > > Practically speaking, this only affects EXIT_REASON_MCE_DURING_VMENTRY, > i.e. a #MC that occurs on nested VM-Enter would be incorrectly routed to > L1, as "failed VM-Entry" is the only modifier that KVM can currently > encounter. The SMM modifiers will never be generated as KVM doesn't > support/employ a SMI Transfer Monitor. Ditto for "exit from enclave", > as KVM doesn't yet support virtualizing SGX, i.e. it's impossible to > enter an enclave in a KVM guest (L1 or L2). > > Note, the original version of this fix[*] is functionally equivalent and > far more suited to backporting as the affected code was refactored since > the original patch was posted. > > [*] https://lkml.kernel.org/r/20200227174430.26371-1-sean.j.christopherson@intel.com > > Fixes: 644d711aa0e1 ("KVM: nVMX: Deciding if L0 or L1 should handle an L2 exit") > Cc: Jim Mattson > Cc: Xiaoyao Li > Cc: stable@vger.kernel.org > Cc: Oliver Upton > Cc: Krish Sadhukhan > Cc: Miaohe Lin > Signed-off-by: Sean Christopherson > --- > > Another wounded soldier. > > Oliver, Krish, and Miaohe all provided reviews for v1, but I didn't feel > comfortable adding the tags to v2 because this is far from a straight > rebase. > > v2: Rebased to kvm/queue, commit fb7333dfd812 ("KVM: SVM: fix calls ..."). > > arch/x86/kvm/vmx/nested.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c > index bcb50724be38..adb11b504d5c 100644 > --- a/arch/x86/kvm/vmx/nested.c > +++ b/arch/x86/kvm/vmx/nested.c > @@ -5672,7 +5672,7 @@ static bool nested_vmx_l0_wants_exit(struct kvm_vcpu *vcpu, u32 exit_reason) > { > u32 intr_info; > > - switch (exit_reason) { > + switch ((u16)exit_reason) { > case EXIT_REASON_EXCEPTION_NMI: > intr_info = vmx_get_intr_info(vcpu); > if (is_nmi(intr_info)) > @@ -5733,7 +5733,7 @@ static bool nested_vmx_l1_wants_exit(struct kvm_vcpu *vcpu, u32 exit_reason) > struct vmcs12 *vmcs12 = get_vmcs12(vcpu); > u32 intr_info; > > - switch (exit_reason) { > + switch ((u16)exit_reason) { > case EXIT_REASON_EXCEPTION_NMI: > intr_info = vmx_get_intr_info(vcpu); > if (is_nmi(intr_info)) > Thanks, queued with git magic (committed v1 based on v5.7, merged into kvm/queue, added the delta to v2 in the merge commit) so that stable branches can cherry-pick cleanly. Paolo