Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp284846pxb; Mon, 2 Nov 2020 22:26:27 -0800 (PST) X-Google-Smtp-Source: ABdhPJzUIuhvcsDUpxFPESNE9jkkY35NTA/KB4L06VNXpkJubSDfQvx5zzhMC8WfLPLtWi2v1Bds X-Received: by 2002:aa7:c90a:: with SMTP id b10mr249135edt.266.1604384787553; Mon, 02 Nov 2020 22:26:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1604384787; cv=none; d=google.com; s=arc-20160816; b=0fVGXA3ISVU1HtAjO0NDhtalJ2pDOkfQD/VmPBl9izzsMHHyBcejK8520BAuB9VT4A yLmZlqHH5kFuKDaOhVuPy8WRTJi2CSjiTMAtHV2oJcwpw8ZY8A+oXgMGgQnEVq3aZSZe 4E+rlrIGGWyvuG31vQVNHe+jlpAofICJEJVETx7qjRjm8bWfxzG/VQbIwvesfmsID7Mf 8DdwNpw8+uq4gGeSvMyL4pKHPD5CRTH15vCvKJV77x1wZkQ0Lf3fmkAMjOul3EUP3uZ2 hb/7K3rBPyAZlbadxiRFlrU9oGGaLddS92EQqvXokSSTioNGE3RtfKVtZOPhQW92TjTr djuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:ironport-sdr:ironport-sdr; bh=GVGhpuAOAUhh+c5dGlaBkiwbOw2UImzFdE97zXAlRas=; b=N3M4h0BKJCU+y4+ZoyX/0V+uQaiQR4fYBq3vxMz+Np10ObYNIuzfm7pV52PPllsPm2 4mO2bHr6c0TO47je9nP69xsEk6ps5zroJI/obf7vx3ogd4s0mYJFERc1L3W52QBcFuUq q7XY7DnsdJ2VFL6QRcVtOQIjWy7W7hI/CjYqXCEJR7YJ5th+GWgjQKz4kr8NjaQlV+qz 3jj4bfyUHrROjxJY8fshMW7xHkb1pNCXc40RyctVRJCcBx52ZXwIum5EhQN7j51C7YQi RTLTOGFl+gHDziXHtYMhmnptbPHiN104B+FY81ShesQ2pz6jIz042ngK6xjjVX0W3L+I mhgA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d19si11795414ejp.485.2020.11.02.22.26.04; Mon, 02 Nov 2020 22:26:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727239AbgKCGYc (ORCPT + 99 others); Tue, 3 Nov 2020 01:24:32 -0500 Received: from mga02.intel.com ([134.134.136.20]:53522 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725968AbgKCGYc (ORCPT ); Tue, 3 Nov 2020 01:24:32 -0500 IronPort-SDR: 1Dtmk1tdDVAsU3gXt1g5PBq0UtUO/BDorc2kugtHxJHKYKLQskwToHO+Myl3Dhpcf85hFSjRnG wQa0JfwziHXg== X-IronPort-AV: E=McAfee;i="6000,8403,9793"; a="155993800" X-IronPort-AV: E=Sophos;i="5.77,447,1596524400"; d="scan'208";a="155993800" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2020 22:24:28 -0800 IronPort-SDR: /kmhGLNnzYaQ+04Ndb6V/0sv8KG0lxtDXF442YpiDYyGOG2j7kXZDb4r4LxT/J67mXqjqZ5ZDl JhcIs6IvIypQ== X-IronPort-AV: E=Sophos;i="5.77,447,1596524400"; d="scan'208";a="470669617" Received: from xiaoyaol-mobl.ccr.corp.intel.com (HELO [10.239.13.118]) ([10.239.13.118]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2020 22:24:24 -0800 Subject: Re: [PATCH] KVM: VMX: Enable Notify VM exit To: Tao Xu , Jim Mattson Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" , the arch/x86 maintainers , kvm list , LKML References: <20201102061445.191638-1-tao3.xu@intel.com> From: Xiaoyao Li Message-ID: <24fd6383-2360-8a1a-3c4c-1a3ee1b1db1c@intel.com> Date: Tue, 3 Nov 2020 14:24:22 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/3/2020 2:12 PM, Tao Xu wrote: > > > On 11/3/20 6:53 AM, Jim Mattson wrote: >> On Sun, Nov 1, 2020 at 10:14 PM Tao Xu wrote: >>> >>> There are some cases that malicious virtual machines can cause CPU stuck >>> (event windows don't open up), e.g., infinite loop in microcode when >>> nested #AC (CVE-2015-5307). No event window obviously means no events, >>> e.g. NMIs, SMIs, and IRQs will all be blocked, may cause the related >>> hardware CPU can't be used by host or other VM. >>> >>> To resolve those cases, it can enable a notify VM exit if no >>> event window occur in VMX non-root mode for a specified amount of >>> time (notify window). >>> >>> Expose a module param for setting notify window, default setting it to >>> the time as 1/10 of periodic tick, and user can set it to 0 to disable >>> this feature. >>> >>> TODO: >>> 1. The appropriate value of notify window. >>> 2. Another patch to disable interception of #DB and #AC when notify >>> VM-Exiting is enabled. >>> >>> Co-developed-by: Xiaoyao Li >>> Signed-off-by: Tao Xu >>> Signed-off-by: Xiaoyao Li >> >> Do you have test cases? >> yes we have. The nested #AC (CVE-2015-5307) is a known test case, though we need to tweak KVM to disable interception #AC for it. > Not yet, because we are waiting real silicon to do some test. I should > add RFC next time before I test it in hardware.