Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp740617pxf; Thu, 18 Mar 2021 10:25:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy0JzQnC/dlRO7MuD+ilNOFG2W9OzZCY0MbpYYP+HcucmRx6qjbD8orBBO2O1RezavhAVQh X-Received: by 2002:a17:907:9709:: with SMTP id jg9mr41081514ejc.276.1616088315868; Thu, 18 Mar 2021 10:25:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616088315; cv=none; d=google.com; s=arc-20160816; b=wTfwrBsyucLhRHvaXVfkghSSdHQ0fuYZwvEGUEb0sbaTL2eQcDzmIEmTYT5NtBMZa1 zOzgDhPCvjx6j9T2uCSgKemx2QTHIlZl+Sn2r4jFp1zdjlE8hm0PkVSn1nE4XCGX3y4q ujehPF2mWXrWbm3VmrfMJSsDSN8VQ3VKsdRfN5CvIow8rX3sHW3tC7vynQ99BD0UPEcM GGSL5jgu2mde9sL2mXXygzgWezfvHtoqWNPd0Op+Lr61TpAP3KbDQfwCpCLOvaH0h5ZH 3s+gEfyuZzybXUf6lcGdP+CjirE5xT3N0YeqdscT0yNIb1uJAP1IJ6aiS27nlaK3l5gY DLyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=+zrC/2pN/qc0ZP+joKAbaps/MruXf28Rv4f5cOXi7Dc=; b=kn8fIMsbGeEnr93kL0iUe+IvwPj9KSEgqrhnEo5Gevu7NKRgUhifbLr6UO8FmAqu0a H3+trabx2wg5+sGTC6R1LggUqJQ/uo7FMdwsdilYJjH4BrnZZ1EvzbjLZxlvhr9DQfPU 2O7TmGk/mGrq4AxGUiKaviEHAipdSujdEsx/54KF4MeFD/iA8qzf5TjTAn4+U5KJ7xFM pWSDYKjXwaF5H24kUoA9LLPlPpPGi5Ylp/RK0lDMzCyrhPXZx26Cjy80QW+MmynRccf3 vaVH4tB8FG8QFfpvYlHwuAslGtP25KELsQ3qGK+sfc/oxdokenwjUyFLG0LJaFIR+9yI rcAw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Lr4w7CS0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o22si2034736edr.219.2021.03.18.10.24.51; Thu, 18 Mar 2021 10:25:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Lr4w7CS0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232308AbhCRRWT (ORCPT + 99 others); Thu, 18 Mar 2021 13:22:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35634 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232280AbhCRRWG (ORCPT ); Thu, 18 Mar 2021 13:22:06 -0400 Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19065C06174A for ; Thu, 18 Mar 2021 10:22:06 -0700 (PDT) Received: by mail-pf1-x432.google.com with SMTP id q5so3957993pfh.10 for ; Thu, 18 Mar 2021 10:22:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=+zrC/2pN/qc0ZP+joKAbaps/MruXf28Rv4f5cOXi7Dc=; b=Lr4w7CS01/YiT8pPA94i4qxdH8NUb6mRWSa4tgsgw/pQLsKrWkot9A236IjKLqRztU tBLCqbeY1r6/MfWsMYTKmClPPqPyduDADnujqPm033KQlvthHF06knyLlG1ru9jXz1t0 ZChrV8zTKJCppm+dKwJeTA5LpaSMBMxlSw2CODlKGZieWpu47bw6/3qrYRh6QBr2VwEx GT0xUCR57aCN97aA6LtkNpXOjJ4E78DgJqcPiIvcg4oEc5iy+egr87JYLvGjTInd4fpg gaUZATkxr8TRlstns+fcJhcX/mXFEbqBRyWGvRLUX8WuSZTo7usP0tGXNXYAYYTal4Lz TA1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=+zrC/2pN/qc0ZP+joKAbaps/MruXf28Rv4f5cOXi7Dc=; b=sFvDib+Tfm8Mf786fFrqm49z7jmwMaghA8fq8BzwcRZP8wORGANIa4CR5tgFNPLQat WnVdqy5CyV/yu3JjUCyFOQw98J2V/SuVnC3L8bPtJEOSUtyvYJLC1zLhMQ8MfSQoj9sl C7Np3PRl5aXdhFXf5nOBylaspufLWcQ6tbtYEanrXAbsUCWfxCfHsPFbABXtrxjcd0hs qc4aVE1Q0rFzVJ5qkymhzIp8Qkp5KEeiN7PsrlFZgmZnj/9lPFCAZtczpHziP9BMl128 y4dHmhF2DYH8IvLMzCfbAmomzDvWZkjpgqWzOYJ18sQF0LY/JT6B0K0m0lijh1MOGalE k6nw== X-Gm-Message-State: AOAM533Es3iV5bZdqIil3/artFoh50gLGYmF/Kb9/tVgiXnx7nstOAEW IIrO5YXgnhvyxaTDgfErVr9gFA== X-Received: by 2002:a63:2582:: with SMTP id l124mr7893687pgl.338.1616088125511; Thu, 18 Mar 2021 10:22:05 -0700 (PDT) Received: from google.com (240.111.247.35.bc.googleusercontent.com. [35.247.111.240]) by smtp.gmail.com with ESMTPSA id z4sm2713747pgv.73.2021.03.18.10.22.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Mar 2021 10:22:04 -0700 (PDT) Date: Thu, 18 Mar 2021 17:22:01 +0000 From: Sean Christopherson To: Maxim Levitsky Cc: Joerg Roedel , kvm@vger.kernel.org, Vitaly Kuznetsov , linux-kernel@vger.kernel.org, Thomas Gleixner , Wanpeng Li , Kieran Bingham , Jessica Yu , Jan Kiszka , Andrew Morton , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , Jim Mattson , Borislav Petkov , Stefano Garzarella , "H. Peter Anvin" , Paolo Bonzini , Ingo Molnar , Borislav Petkov Subject: Re: [PATCH 3/3] KVM: SVM: allow to intercept all exceptions for debug Message-ID: References: <20210315221020.661693-1-mlevitsk@redhat.com> <20210315221020.661693-4-mlevitsk@redhat.com> <4116d6ce75a85faccfe7a2b3967528f0561974ae.camel@redhat.com> <8ba6676471dc8c8219e35d6a1695febaea20bb0b.camel@redhat.com> <7169229dde171c8e10fb276ff8e1a869af99b39d.camel@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7169229dde171c8e10fb276ff8e1a869af99b39d.camel@redhat.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 18, 2021, Maxim Levitsky wrote: > On Thu, 2021-03-18 at 16:35 +0000, Sean Christopherson wrote: > > Skipping SEV-ES guests should not be difficult; KVM could probably even > > print a message stating that the debug hook is being ignored. One thought would > > be to snapshot debug_intercept_exceptions at VM creation, and simply zero it out > > for incompatible guests. That would also allow changing debug_intercept_exceptions > > without reloading KVM, which IMO would be very convenient. > > > So all right I'll disable this for SEV-ES. Belated thought. KVM doesn't know a guest will be an SEV-ES guest until sev_es_guest_init(), and KVM currently doesn't prevent creating vCPUs before KVM_SEV_ES_INIT. But, I'm 99% confident that's a KVM bug. For your purposes, I think you can assume kvm->arch.debug_intercept_exceptions will _not_ change after vCPU creation. > The idea to change the debug_intercept_exceptions on the fly is also a good idea, > I will implement it in next version of the patches. Can you also move the module param to x86? It doesn't need to be wired up for VMX right away, but it makes sense to do it at some point, and ideally folks won't have to update their scripts when that happens.