Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DBA93C433EF for ; Wed, 15 Dec 2021 18:53:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344038AbhLOSxV (ORCPT ); Wed, 15 Dec 2021 13:53:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56574 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239065AbhLOSxU (ORCPT ); Wed, 15 Dec 2021 13:53:20 -0500 Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 769DAC06173E for ; Wed, 15 Dec 2021 10:53:20 -0800 (PST) Received: by mail-pl1-x62c.google.com with SMTP id p18so2401573pld.13 for ; Wed, 15 Dec 2021 10:53:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=ofLlu4vI5oc9F8yAJdCo2OL049xmEG3qVfEzoCZNq3s=; b=MMJevBACLSGNrI/y7YuIZH+V5RiQOSjeHU/mv8xomCH7Ptt3x6NoWOf12uOpSaepTL oz43yH4EfiYWtioiIgG9ttyi0MQaKOdZVf8oGHQxW6xZCLKdWdagO+MSKK0bF7u0XjdR CiMVoL4aAsV4+CB8dGJGAIsXrivRu5wTzLdMmJqBJj8W3wbOPc74y/2+0tygeu9jMSmg TspE2ykXZam7FhK4ugTgnmh91SvE2qS9tMUSuMGEn3jAzNP2Xwmwu4ebE6jfBz9vO9eX tBNwPhqJxXByXbKYNymRMoNwo1LHIm2ARkG7iCQIHeqEbdp50AkCFUIt/nrBNp/hdbYQ 0tXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=ofLlu4vI5oc9F8yAJdCo2OL049xmEG3qVfEzoCZNq3s=; b=MHbrE00bbBiPOKH7X0ulIYgXf8CD/QJ9Vs/+1wtI5uDDsidNnrOq5c1LqyzsemzDvp plx6d/JK6bYiqvPLizUxzQ8CcZO0v4GzuhCZyfWbxiLIagLXIzjQwoMa5mVn8hBiIu2Z 5ErvOS/1WYGRY4LxU9jiZlwSiDCvTCK3ttoR2yRExYbiaiFHLtju+f0/zpmNMoyK9G0L BY5wYVZN06Ebh4c5wpyxt4XONjOT4Vf/1Igjq8f5gvwMXC8tNzpFa8IzEAJI7vS/2AOV Rogi6cfI8GAxOo2Y1+79ITEn7TeUspKc1x1QpbWgZuFKsm80tbL/dglSdDlsuD/tQPOn /W9g== X-Gm-Message-State: AOAM531PASeMmn4xaXcN//6ApaJmJnDK/k0Ygg2xjo3M7+VRB/abn3hu zPtGe1ksFo/a1L4h8AFSJN41zw== X-Google-Smtp-Source: ABdhPJzjhnHaeY3OeD8Fy2oSut8c+bZMl2MgbvLYlH0uRFnNZ4HEAlsbNgGVabQMuhkGW18U/fNsAg== X-Received: by 2002:a17:902:b615:b0:143:bbf0:aad0 with SMTP id b21-20020a170902b61500b00143bbf0aad0mr12280273pls.12.1639594399798; Wed, 15 Dec 2021 10:53:19 -0800 (PST) Received: from google.com (157.214.185.35.bc.googleusercontent.com. [35.185.214.157]) by smtp.gmail.com with ESMTPSA id g18sm3672838pfj.142.2021.12.15.10.53.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Dec 2021 10:53:19 -0800 (PST) Date: Wed, 15 Dec 2021 18:53:16 +0000 From: Sean Christopherson To: Paolo Bonzini Cc: Christian Borntraeger , Janosch Frank , David Hildenbrand , Claudio Imbrenda , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Maxim Levitsky , Ben Gardon , Lai Jiangshan Subject: Re: [PATCH 1/7] KVM: x86: Retry page fault if MMU reload is pending and root has no sp Message-ID: References: <20211209060552.2956723-1-seanjc@google.com> <20211209060552.2956723-2-seanjc@google.com> <8ab8833f-2a89-71ff-98da-2cfbb251736f@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Dec 10, 2021, Sean Christopherson wrote: > On Fri, Dec 10, 2021, Paolo Bonzini wrote: > > On 12/10/21 17:01, Sean Christopherson wrote: > > > > KVM_REQ_MMU_RELOAD is raised after kvm->arch.mmu_valid_gen is fixed (of > > > > course, otherwise the other CPU might just not see any obsoleted page > > > > from the legacy MMU), therefore any check on KVM_REQ_MMU_RELOAD is just > > > > advisory. > > > > > > I disagree. IMO, KVM should not be installing SPTEs into obsolete shadow pages, > > > which is what continuing on allows. I don't _think_ it's problematic, but I do > > > think it's wrong. > > > > > > [...] Eh, for all intents and purposes, KVM_REQ_MMU_RELOAD very much says > > > special roots are obsolete. The root will be unloaded, i.e. will no > > > longer be used, i.e. is obsolete. > > > > I understand that---but it takes some unspoken details to understand that. > > Eh, it takes just as many unspoken details to understand why it's safe-ish to > install SPTEs into an obsolete shadow page. > > > In particular that both kvm_reload_remote_mmus and is_page_fault_stale are > > called under mmu_lock write-lock, and that there's no unlock between > > updating mmu_valid_gen and calling kvm_reload_remote_mmus. > > > > (This also suggests, for the other six patches, keeping > > kvm_reload_remote_mmus and just moving it to arch/x86/kvm/mmu/mmu.c, with an > > assertion that the MMU lock is held for write). > > > > But since we have a way forward for having no special roots to worry about, > > it seems an unnecessary overload for 1) a patch that will last one or two > > releasees at most > > Yeah, I don't disagree, which is why I'm not totally opposed to punting this and > naturally fixing it by allocating shadow pages for the special roots. But this > code needs to be modified by Jiangshan's series either way, so it's not like we're > saving anything meaningful. > > > 2) a case that has been handled in the inefficient way forever. > > I don't care about inefficiency, I'm worried about correctness. It's extremely > unlikely this fixes a true bug in the legacy MMU, but there's also no real > downside to adding the check. > > Anyways, either way is fine. Ping, in case this dropped off your radar. Regardless of how we fix this goof, it needs to get fixed in 5.16.