Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp88167pxb; Mon, 2 Nov 2020 14:55:55 -0800 (PST) X-Google-Smtp-Source: ABdhPJyq7DXBYmpSt/cHkRc9zapyHKiVU1gOODgDEGI+FrOCJthANgc4tN3Np4aKQcLD/MI8jkBN X-Received: by 2002:a17:906:2895:: with SMTP id o21mr18291617ejd.332.1604357755033; Mon, 02 Nov 2020 14:55:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1604357755; cv=none; d=google.com; s=arc-20160816; b=FwewOQSlRdjsNXuUoMn/qfcoaqp9KcHIh2ZgwayyU9e0veoryhkIpsuWWC5msXA+W0 RSF4zGYHzNuc40fGHVcHQF+H3gHSaUGkgbjj2noaeuNfKTdUPZMXL1Nc5G0aTt3HzF+J ZMpcyYDNNnYP7/9tGqFjvQGNoidY+8U/8DTEe9Jj7d8wgdNds5FHSVn5MJ6v+DETYDn5 iCGxvE0+qkgWsdtZp892gZ8RnRNBHowIgUlkRFouAzYrhfyl3f4K7pP4QTNSi+EmT4ms zGy76pRTlgDi1FlL5+V6IqwYV1LGJ/wXKG6aWGyhFF68jO6JaVIWA3ddNWkX0Uylaa+H rxoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=gxMXOaWOcX7RWi2XohG/kNHvSy7AhpsjgRQW4jBaDgc=; b=WHe/LxUF4mVTgfVTiIBmkrkFJs2aG86/KYT7FG3zyCII201wnh1QZIBpwmpb6JbAC3 vDJU1aXokofDbaa5UJaQOhy88RSaj8T20mEhpK/l7LmDJ9YpP/e984r8A1uxI+ZT8g1h XpBSvT7OWueU0Ex8C8j4vR0+6AA9IeHFSRczHF9/iqTG//9vg4LCI203qrFw2F9lGBb+ obFxqt/E+4QVpAaSQySC75nVUfFsciVSK8G9ipmXV+GAaqvV+XPRwPov8rDutJQ7K3c6 62ubX37stlyvplymRx0UpDzg7c4kO5D6e0XO+6cUdlVXlYKQSutHxeHi4fFl6RGEcb8Z tVGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=P6ng53Ed; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q18si12711637eji.143.2020.11.02.14.55.30; Mon, 02 Nov 2020 14:55:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=P6ng53Ed; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725906AbgKBWyA (ORCPT + 99 others); Mon, 2 Nov 2020 17:54:00 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43294 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725785AbgKBWyA (ORCPT ); Mon, 2 Nov 2020 17:54:00 -0500 Received: from mail-oi1-x243.google.com (mail-oi1-x243.google.com [IPv6:2607:f8b0:4864:20::243]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 82663C0617A6 for ; Mon, 2 Nov 2020 14:54:00 -0800 (PST) Received: by mail-oi1-x243.google.com with SMTP id c80so4894270oib.2 for ; Mon, 02 Nov 2020 14:54:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=gxMXOaWOcX7RWi2XohG/kNHvSy7AhpsjgRQW4jBaDgc=; b=P6ng53EdpuHBLplB221LcjZTmll1OcBSb7Gf0ID8ii2ONguufw8ilLp97H3Cgzxq+s WaeE7NEBHU8CEqXAQeVIjCGxqBgw+EzNDwnpEiloncZJrkHQ3V/gPqRvyMcVLJXtaFqN cEGBZGuow+HoX77Q/NJTmWor7xIJJIy0mTpLHUmGWDCuCxd8mHge6SGZJIbEmtTntV0Z tJaFzQrCJ9su2MsqE66AIkQb37McPrsPDjMjpU9Nez+liy0XYHmuvEc7drt3ilOsDTG5 2neXrfP+P9zYpBmkjez3Es+JgesMX93j8fo8GgKfRIDm3WTI9ziNayKZbsFuap5FOVlH ovCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gxMXOaWOcX7RWi2XohG/kNHvSy7AhpsjgRQW4jBaDgc=; b=WFxp0t945kNCDvxkReWpxRxGYDuCA6/9XWbvz8sNUN1ZrUlYvsAoURMNNCfHbN3eCC 3pb/EGi8wcFst1rQYRQ1EwvxvvtGkvSR5nKkqGm7XHJk1spVwrJbaKTLaqcWg+rmwiMw 2zWMGfalTVeea3oUPiVjr5+y09AhJEAbfTA9p7wx9W0kqAJQR6w/3YqyyvauTzp4MDbF TbXtHxuq0TkEQ8MYuJ+1TkDS6diFoF9uLjeNCDCEBFChhXmbzsZZNrP2Ivb8aM82No4n Rt4mhP9ofxIW3cEIljs1tYd9v90QAl2GEsPWGJbhugw4u5044hhnzQJQA5EbA6hk9zFa ttwg== X-Gm-Message-State: AOAM533hFynt5LsPzlCN0146D3eHAsKVgb642mLeeITmoEMk4N8taL6H wv19HzlXl1KXuY6vZ2EbtsrItj8dTFZ3M6r27jh4jg== X-Received: by 2002:a54:4016:: with SMTP id x22mr283781oie.28.1604357639327; Mon, 02 Nov 2020 14:53:59 -0800 (PST) MIME-Version: 1.0 References: <20201102061445.191638-1-tao3.xu@intel.com> In-Reply-To: <20201102061445.191638-1-tao3.xu@intel.com> From: Jim Mattson Date: Mon, 2 Nov 2020 14:53:48 -0800 Message-ID: Subject: Re: [PATCH] KVM: VMX: Enable Notify VM exit To: Tao Xu Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" , "the arch/x86 maintainers" , kvm list , LKML , Xiaoyao Li Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Nov 1, 2020 at 10:14 PM Tao Xu wrote: > > There are some cases that malicious virtual machines can cause CPU stuck > (event windows don't open up), e.g., infinite loop in microcode when > nested #AC (CVE-2015-5307). No event window obviously means no events, > e.g. NMIs, SMIs, and IRQs will all be blocked, may cause the related > hardware CPU can't be used by host or other VM. > > To resolve those cases, it can enable a notify VM exit if no > event window occur in VMX non-root mode for a specified amount of > time (notify window). > > Expose a module param for setting notify window, default setting it to > the time as 1/10 of periodic tick, and user can set it to 0 to disable > this feature. > > TODO: > 1. The appropriate value of notify window. > 2. Another patch to disable interception of #DB and #AC when notify > VM-Exiting is enabled. > > Co-developed-by: Xiaoyao Li > Signed-off-by: Tao Xu > Signed-off-by: Xiaoyao Li Do you have test cases?