Date: Fri, 25 Feb 2022 12:55:02 +0100
Subject: Re: [PATCH 0/4] KVM: x86: hyper-v: XMM fast hypercalls fixes
To: Vitaly Kuznetsov, kvm@vger.kernel.org
Cc: Sean Christopherson, Wanpeng Li, Jim Mattson, Siddharth Chandrasekaran, linux-kernel@vger.kernel.org
References: <20220222154642.684285-1-vkuznets@redhat.com>
From: Paolo Bonzini
In-Reply-To: <20220222154642.684285-1-vkuznets@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2/22/22 16:46, Vitaly Kuznetsov wrote:
> While working on some Hyper-V TLB flush improvements and Direct TLB flush
> feature for Hyper-V on KVM I experienced Windows Server 2019 crashes on
> boot when XMM fast hypercall input feature is advertised. Turns out,
> HVCALL_SEND_IPI_EX is also an XMM fast hypercall and returning an error
> kills the guest. This is fixed in PATCH4. PATCH3 fixes erroneous capping
> of sparse CPU banks for XMM fast TLB flush hypercalls. The problem should
> be reproducible with >360 vCPUs.
>
> Vitaly Kuznetsov (4):
>   KVM: x86: hyper-v: Drop redundant 'ex' parameter from
>     kvm_hv_send_ipi()
>   KVM: x86: hyper-v: Drop redundant 'ex' parameter from
>     kvm_hv_flush_tlb()
>   KVM: x86: hyper-v: Fix the maximum number of sparse banks for XMM fast
>     TLB flush hypercalls
>   KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall
>
>  arch/x86/kvm/hyperv.c | 84 +++++++++++++++++++++++--------------------
>  1 file changed, 45 insertions(+), 39 deletions(-)
>

Merging this in 5.18 is a bit messy. Please check that the below patch
against kvm/next makes sense:

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 653e08c993c4..98fb998c31ce 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c
@@ -1770,9 +1770,11 @@ struct kvm_hv_hcall { }; static u64 kvm_get_sparse_vp_set(struct kvm *kvm, struct kvm_hv_hcall *hc, + int consumed_xmm_halves, u64 *sparse_banks, gpa_t offset) { u16 var_cnt; + int i; if (hc->var_cnt > 64) return -EINVAL; @@ -1780,13 +1782,29 @@ static u64 kvm_get_sparse_vp_set(struct kvm *kvm, struct kvm_hv_hcall *hc, /* Ignore banks that cannot possibly contain a legal VP index. */ var_cnt = min_t(u16, hc->var_cnt, KVM_HV_MAX_SPARSE_VCPU_SET_BITS); + if (hc->fast) { + /* + * Each XMM holds two sparse banks, but do not count halves that + * have already been consumed for hypercall parameters. + */ + if (hc->var_cnt > 2 * HV_HYPERCALL_MAX_XMM_REGISTERS - consumed_xmm_halves) + return HV_STATUS_INVALID_HYPERCALL_INPUT; + for (i = 0; i < var_cnt; i++) { + int j = i + consumed_xmm_halves; + if (j % 2) + sparse_banks[i] = sse128_lo(hc->xmm[j / 2]); + else + sparse_banks[i] = sse128_hi(hc->xmm[j / 2]); + } + return 0; + } + return kvm_read_guest(kvm, hc->ingpa + offset, sparse_banks, var_cnt * sizeof(*sparse_banks)); } -static u64 kvm_hv_flush_tlb(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool ex) +static u64 kvm_hv_flush_tlb(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc) { - int i; struct kvm *kvm = vcpu->kvm; struct hv_tlb_flush_ex flush_ex; struct hv_tlb_flush flush; @@ -1803,7 +1821,8 @@ static u64 kvm_hv_flush_tlb(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool */ BUILD_BUG_ON(KVM_HV_MAX_SPARSE_VCPU_SET_BITS > 64); - if (!ex) { + if (hc->code == HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST || + hc->code == HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE) { if (hc->fast) { flush.address_space = hc->ingpa; flush.flags = hc->outgpa; 
@@ -1859,17 +1878,7 @@ static u64 kvm_hv_flush_tlb(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool if (!hc->var_cnt) goto ret_success; - if (hc->fast) { - if (hc->var_cnt > HV_HYPERCALL_MAX_XMM_REGISTERS - 1) - return HV_STATUS_INVALID_HYPERCALL_INPUT; - for (i = 0; i < hc->var_cnt; i += 2) { - sparse_banks[i] = sse128_lo(hc->xmm[i / 2 + 1]); - sparse_banks[i + 1] = sse128_hi(hc->xmm[i / 2 + 1]); - } - goto do_flush; - } - - if (kvm_get_sparse_vp_set(kvm, hc, sparse_banks, + if (kvm_get_sparse_vp_set(kvm, hc, 2, sparse_banks, offsetof(struct hv_tlb_flush_ex, hv_vp_set.bank_contents))) return HV_STATUS_INVALID_HYPERCALL_INPUT; @@ -1913,7 +1922,7 @@ static void kvm_send_ipi_to_many(struct kvm *kvm, u32 vector, } } -static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool ex) +static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc) { struct kvm *kvm = vcpu->kvm; struct hv_send_ipi_ex send_ipi_ex; @@ -1924,7 +1933,7 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool u32 vector; bool all_cpus; - if (!ex) { + if (hc->code == HVCALL_SEND_IPI) { if (!hc->fast) { if (unlikely(kvm_read_guest(kvm, hc->ingpa, &send_ipi, sizeof(send_ipi)))) @@ -1943,9 +1952,15 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool trace_kvm_hv_send_ipi(vector, sparse_banks[0]); } else { - if (unlikely(kvm_read_guest(kvm, hc->ingpa, &send_ipi_ex, - sizeof(send_ipi_ex)))) - return HV_STATUS_INVALID_HYPERCALL_INPUT; + if (!hc->fast) { + if (unlikely(kvm_read_guest(kvm, hc->ingpa, &send_ipi_ex, + sizeof(send_ipi_ex)))) + return HV_STATUS_INVALID_HYPERCALL_INPUT; + } else { + send_ipi_ex.vector = (u32)hc->ingpa; + send_ipi_ex.vp_set.format = hc->outgpa; + send_ipi_ex.vp_set.valid_bank_mask = sse128_lo(hc->xmm[0]); + } trace_kvm_hv_send_ipi_ex(send_ipi_ex.vector, send_ipi_ex.vp_set.format, 
@@ -1964,7 +1979,7 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool if (!hc->var_cnt) goto ret_success; - if (kvm_get_sparse_vp_set(kvm, hc, sparse_banks, + if (kvm_get_sparse_vp_set(kvm, hc, 1, sparse_banks, offsetof(struct hv_send_ipi_ex, vp_set.bank_contents))) return HV_STATUS_INVALID_HYPERCALL_INPUT; @@ -2126,6 +2141,7 @@ static bool is_xmm_fast_hypercall(struct kvm_hv_hcall *hc) case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE: case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX: case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE_EX: + case HVCALL_SEND_IPI_EX: return true; } 
@@ -2283,46 +2299,43 @@ int kvm_hv_hypercall(struct kvm_vcpu *vcpu) kvm_hv_hypercall_complete_userspace; return 0; case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST: - if (unlikely(!hc.rep_cnt || hc.rep_idx || hc.var_cnt)) { + if (unlikely(hc.var_cnt)) { ret = HV_STATUS_INVALID_HYPERCALL_INPUT; break; } - ret = kvm_hv_flush_tlb(vcpu, &hc, false); - break; - case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE: - if (unlikely(hc.rep || hc.var_cnt)) { - ret = HV_STATUS_INVALID_HYPERCALL_INPUT; - break; - } - ret = kvm_hv_flush_tlb(vcpu, &hc, false); - break; + fallthrough; case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX: if (unlikely(!hc.rep_cnt || hc.rep_idx)) { ret = HV_STATUS_INVALID_HYPERCALL_INPUT; break; } - ret = kvm_hv_flush_tlb(vcpu, &hc, true); + ret = kvm_hv_flush_tlb(vcpu, &hc); break; + case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE: + if (unlikely(hc.var_cnt)) { + ret = HV_STATUS_INVALID_HYPERCALL_INPUT; + break; + } + fallthrough; case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE_EX: if (unlikely(hc.rep)) { ret = HV_STATUS_INVALID_HYPERCALL_INPUT; break; } - ret = kvm_hv_flush_tlb(vcpu, &hc, true); + ret = kvm_hv_flush_tlb(vcpu, &hc); break; case HVCALL_SEND_IPI: - if (unlikely(hc.rep || hc.var_cnt)) { + if (unlikely(hc.var_cnt)) { ret = HV_STATUS_INVALID_HYPERCALL_INPUT; break; } - ret = kvm_hv_send_ipi(vcpu, &hc, false); - break; + fallthrough; case HVCALL_SEND_IPI_EX: - if (unlikely(hc.fast || hc.rep)) { + if (unlikely(hc.rep)) { ret = HV_STATUS_INVALID_HYPERCALL_INPUT; break; } - ret = kvm_hv_send_ipi(vcpu, &hc, true); + ret = kvm_hv_send_ipi(vcpu, &hc); break; case HVCALL_POST_DEBUG_DATA: case HVCALL_RETRIEVE_DEBUG_DATA: The resulting merge commit is already in kvm/queue shortly (which should become the next kvm/next as soon as tests complete). Paolo
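
Review bot: In the new hc->fast branch of kvm_get_sparse_vp_set() the lo/hi selection looks inverted: `if (j % 2)` picks sse128_lo() and the else branch picks sse128_hi(). The fast path removed from kvm_hv_flush_tlb() stored even bank indexes from sse128_lo(hc->xmm[i / 2 + 1]) and odd ones from sse128_hi(...); with consumed_xmm_halves = 2 the new loop maps i = 0 to j = 2 and reads the high half of xmm[1] instead. Swapping the two assignments would keep the previous bank order. Separately, the function now returns -EINVAL, HV_STATUS_INVALID_HYPERCALL_INPUT and the kvm_read_guest() result through one u64; callers only test for non-zero, but a single convention would be easier to audit.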
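
Review bot: The fast path removed from kvm_hv_flush_tlb() ended in `goto do_flush`; if that was the only jump to the label, the label is now unused and should be dropped in the same change. The bare `2` passed as consumed_xmm_halves at the new kvm_get_sparse_vp_set() call would also benefit from a short comment naming which XMM halves the fixed parameters occupy, since the bounds check in the helper depends on it being right.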
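
Review bot: In the new hc->fast `else` branch of kvm_hv_send_ipi(), only vector, vp_set.format and vp_set.valid_bank_mask of the on-stack send_ipi_ex are assigned, whereas the kvm_read_guest() branch fills the whole struct. Zero-initialising send_ipi_ex, or a comment stating that no other field is read afterwards, would rule out use of uninitialised stack data. The (u32) cast on hc->ingpa silently drops the upper bits, so a comment that only the low 32 bits carry the vector would help as well.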
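
Review bot: In kvm_hv_hypercall() the non-EX cases now keep only the hc.var_cnt check and rely on `fallthrough` into the _EX case for the rep checks, so the `hc.rep` test for HVCALL_SEND_IPI now lives under the HVCALL_SEND_IPI_EX label. The combined conditions match the old ones, but a later change to an _EX check will silently change the non-EX call too; a one-line comment at each fallthrough saying the rep checks are shared would make that explicit. Dropping hc.fast from the HVCALL_SEND_IPI_EX check is only correct together with the new HVCALL_SEND_IPI_EX case in is_xmm_fast_hypercall(), so the two should not be split across commits.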