Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp424894pxm; Fri, 25 Feb 2022 10:38:33 -0800 (PST) X-Google-Smtp-Source: ABdhPJxBm2J3ZqExZz9I7++XlFz3QrcPAhvBTexyAZZKc4G1yvn5prsfAMH8STcVsgVkiXjm6ZBE X-Received: by 2002:a17:90a:c901:b0:1bc:bc42:5ea4 with SMTP id v1-20020a17090ac90100b001bcbc425ea4mr4450743pjt.115.1645814313180; Fri, 25 Feb 2022 10:38:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645814313; cv=none; d=google.com; s=arc-20160816; b=jOx7ezCVgtmMZef+UtxYC7aItFkpvM9TG8WUNXuxOnYpEKQ7A+ZzuxTq8HL3VLOY9m cKm1DRE0uOO8k5Sgo1hCopntzXcR5B1DObsImSimzTVDHH+C/cveKKm33yOKSWYLByaO HEcjK9Gx42m9kaFKmI6zpmyt9bDqDBJ1L3jpCDBLS7nxLPy5K/37kEyO5EfVFuiFPntM 1Rm5/S8OZZ+l08ha88159+457bDNwGduYisphN12WO/fsQlOOCyqW86CVu3RUXVIdjNM Af5ccRYe9d1gmGfvU/TZsIqgfUt3z8JYTcmzX6JchOOLTqwnM1YShhUeCXOlcxMV+zC6 UIvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=t5OTJjVGSzfVZo0LlaA0N3es7e6jixcsuOulO2sU+rA=; b=xCIeHf+ThAZf8UzPzoDty9tu9tMRvgyFYGWccAD2CNr+JQ0thHw3KdmfDFFQnoEyod 43zBhDIFF3yWdMM72Lkw6tV8pD2RO3Fpq5WBX3a78WDGi7IqsB1BEMbkQC3rezebfv3c MdOUZfUPFfJ/Y+lxmF8gKn4Qwbg+pjwjnfXbhs1X3ktnJ69OGcABIEtGs+bkVcW9mPda 2v99/JJnFHWjfmqiM93qhiwwZQCyN+ajRtcdx9rf04L1aOtM5j41O/IoMVvpbcRITbkT wYImthW8ivoU7Yj1Xiyf/gqNqH4+4dMjDyJduplgGtl/y5uyvFa/zSNifrTAdzfZC3Ez SMFA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=AQYVR86r; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e3-20020a170903240300b0014d13a87534si2436215plo.515.2022.02.25.10.38.16; Fri, 25 Feb 2022 10:38:33 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=AQYVR86r; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240229AbiBYLzZ (ORCPT + 99 others); Fri, 25 Feb 2022 06:55:25 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52902 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230063AbiBYLzX (ORCPT ); Fri, 25 Feb 2022 06:55:23 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id CF58F21D0A8 for ; Fri, 25 Feb 2022 03:54:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1645790089; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=t5OTJjVGSzfVZo0LlaA0N3es7e6jixcsuOulO2sU+rA=; b=AQYVR86r6//rqVZtF99QZ0E+dohZ9iT2Lk5bM2yX3YVceXuSmaireyrq7PLIQvUNOoOZ3a 2jVxyrG69cfxuORQcH3A+sGMQ5mr3RP9D9vVtSXaFnvzjZB67vplFXbuSItNngLp583s32 CIiPF++G/27CWNFSXCrf1R+PwWg/apM= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-591-cWjq1xbdOhKqBdJ7N7TZqw-1; Fri, 25 Feb 2022 06:54:48 -0500 X-MC-Unique: cWjq1xbdOhKqBdJ7N7TZqw-1 Received: by mail-wm1-f70.google.com with SMTP id r8-20020a05600c35c800b0038118108e71so1226697wmq.7 for ; Fri, 25 Feb 2022 03:54:48 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=t5OTJjVGSzfVZo0LlaA0N3es7e6jixcsuOulO2sU+rA=; b=uy8v+aAJepjKTbzqop1ZcuN8kMXEqq3KST7gXX8HUBI9N5/Sk11BcDRMzrhyUDfqY2 h6AZWTh+f7JqlvATzTYwPP9yzgBj6P+3uo6PEgyKRuNMB7UbNCOsj853dRsUsPiaNkOc 96GTKdmzuQcPpIi6nKdWF10T28LV0+roJe+8Vjw20XfYy1WqQIPvYvkU11BXKD8aoO+b DxJC6gVgKdTppyto1SCsOgZa0ho4r8SLb6RS3TOREjpXp0F+e95t4sUkH6wX5jkVIkuQ 5JT7e2bqdjLiyKhosawR+zDKtl1mrWbooUm2liQbzzqhXh/Uzph7VlPlsMu7kjhJz1ho 08cQ== X-Gm-Message-State: AOAM5331JXIFhAOh3YWDHpWuAmJpu1Ohx+UD9LgdRcCxiZYhtBNU0rTO f5rCRVQ+7yKh8ENkEAlvovOED0M02qV0iOkkLTzFmjKMEn5FtShcwRSwk3okb47o3fryv8RJdML RvSo2DWAfY+MsBqWfDCXgZR7i X-Received: by 2002:adf:f583:0:b0:1ed:b63a:819a with SMTP id f3-20020adff583000000b001edb63a819amr5604887wro.104.1645790087505; Fri, 25 Feb 2022 03:54:47 -0800 (PST) X-Received: by 2002:adf:f583:0:b0:1ed:b63a:819a with SMTP id f3-20020adff583000000b001edb63a819amr5604867wro.104.1645790087246; Fri, 25 Feb 2022 03:54:47 -0800 (PST) Received: from ?IPV6:2001:b07:6468:f312:c8dd:75d4:99ab:290a? ([2001:b07:6468:f312:c8dd:75d4:99ab:290a]) by smtp.googlemail.com with ESMTPSA id i15-20020a05600011cf00b001edc2966dd4sm2017169wrx.47.2022.02.25.03.54.46 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 25 Feb 2022 03:54:46 -0800 (PST) Message-ID: Date: Fri, 25 Feb 2022 12:54:45 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: [PATCH v3] KVM: VMX: Enable Notify VM exit Content-Language: en-US To: Chenyi Qiang , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Xiaoyao Li Cc: Tao Xu , kvm@vger.kernel.org, linux-kernel@vger.kernel.org References: <20220223062412.22334-1-chenyi.qiang@intel.com> From: Paolo Bonzini In-Reply-To: <20220223062412.22334-1-chenyi.qiang@intel.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2/23/22 07:24, Chenyi Qiang wrote: > Nested handling > - Nested notify VM exits are not supported yet. Keep the same notify > window control in vmcs02 as vmcs01, so that L1 can't escape the > restriction of notify VM exits through launching L2 VM. > - When L2 VM is context invalid, synthesize a nested > EXIT_REASON_TRIPLE_FAULT to L1 so that L1 won't be killed due to L2's > VM_CONTEXT_INVALID happens. > > Notify VM exit is defined in latest Intel Architecture Instruction Set > Extensions Programming Reference, chapter 9.2. > > TODO: Allow to change the window size (to enable the feature) at runtime, > which can make it more flexible to do management. I only have a couple questions, any changes in response to the question I can do myself. > diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c > index 1dfe23963a9e..f306b642c3e1 100644 > --- a/arch/x86/kvm/vmx/nested.c > +++ b/arch/x86/kvm/vmx/nested.c > @@ -2177,6 +2177,9 @@ static void prepare_vmcs02_constant_state(struct vcpu_vmx *vmx) > if (cpu_has_vmx_encls_vmexit()) > vmcs_write64(ENCLS_EXITING_BITMAP, INVALID_GPA); > > + if (notify_window >= 0) > + vmcs_write32(NOTIFY_WINDOW, notify_window); Is a value of 0 valid? Should it be changed to the recommended value of 128000 in hardware_setup()? > + case EXIT_REASON_NOTIFY: > + return nested_cpu_has2(vmcs12, > + SECONDARY_EXEC_NOTIFY_VM_EXITING); This should be "return false" since you don't expose the secondary control to L1 (meaning, it will never be set). > + * L0 will synthensize a nested TRIPLE_FAULT to kill L2 when > + * notify VM exit occurred in L2 and NOTIFY_VM_CONTEXT_INVALID is > + * set in exit qualification. In this case, if notify VM exit > + * occurred incident to delivery of a vectored event, the IDT > + * vectoring info are recorded in VMCS. Drop the pending event > + * in vmcs12, otherwise L1 VMM will exit to userspace with > + * internal error due to delivery event. > */ > - vmcs12_save_pending_event(vcpu, vmcs12); > + if (to_vmx(vcpu)->exit_reason.basic != EXIT_REASON_NOTIFY) > + vmcs12_save_pending_event(vcpu, vmcs12); I would prefer to call out the triple fault here: /* * Transfer the event that L0 or L1 may have wanted to inject into * L2 to IDT_VECTORING_INFO_FIELD. * * Skip this if the exit is due to a NOTIFY_VM_CONTEXT_INVALID * exit; in that case, L0 will synthesize a nested TRIPLE_FAULT * vmexit to kill L2. No IDT vectoring info is recorded for * triple faults, and __vmx_handle_exit does not expect it. */ if (!(to_vmx(vcpu)->exit_reason.basic == EXIT_REASON_NOTIFY) && kvm_test_request(KVM_REQ_TRIPLE_FAULT, vcpu)) vmcs12_save_pending_event(vcpu, vmcs12); What do you think? Paolo