Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp729520pxm; Fri, 25 Feb 2022 18:32:06 -0800 (PST) X-Google-Smtp-Source: ABdhPJwELw3qP6OU63pysfgPmOTqFeHmpCSg8OifNlHiTLd95AHuUIfxN/c9S99VC6ksrWlQr2FP X-Received: by 2002:a65:6e89:0:b0:375:89f4:b545 with SMTP id bm9-20020a656e89000000b0037589f4b545mr7790185pgb.456.1645842726427; Fri, 25 Feb 2022 18:32:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645842726; cv=none; d=google.com; s=arc-20160816; b=xRwebtyfVj904OZk3QvPmzVAAlO55DMOk2UiquaNF+BG2XI4o//TVWGtSkJCwuWAfO qWRiyIN98ZrJnpNmVNEA+8upv1z+qi+6O4bFSzwT1L5Yt9Avarnh2T2CDOl6FMDXeAr9 uul6bslXUZ6ConGOqx3QsGXjSC7del0gghBRiq6ZyUKFQ9gu0rxrKWiJAnaCLu9ZqjDx kqwoqxY88LtU6By9noE6rcSgxtmCFbDucvifLVFOiyE1DHSw3QoYGUnzCdg1xFVeJuSH 0pcfrE/nVdfaSVkSWVK39BTWwuPaSSZHR1bFYd0rzqmFkYiFY5C+54t3FPzFjYieWSm4 jSzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=yHENS+Ovpeo1eaUhBdH1C0+VesNPCtOkEQBYOIU9JA0=; b=S9xGxa1RMtpnFSaMpPr2cWHyfSJ6b/bbhkf3eWTQ1ZFKu+nZQp9XwmXdtg+FkMqmxp U+/ecbi+YVoC6mKVsOcBSH58tDZQCk9z5VAEEXcuDSabfVZjkA1CAkdsfGO023TPUeP1 TaUewOrABK7eBJiA7EasRUXrLv6mdR+RRWZpPUy4G1qFmpL9fHfzIsQYGxSfUIYhlO53 Q0xsWtM0S0zFD8GKciDIA859xTJWgGEOrfuldMXgCy+x+pkctGFCxFwHEu1ajUhP5Mwx feF7tG+y9bvD20GGXRpGrCNJzATiRFH5+6/zySveCw7NU53mby+T3gvfsgcLO6GMXkSd Bf3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=VEyJOE71; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id a23-20020a63d217000000b003784b7351a4si2112128pgg.762.2022.02.25.18.32.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Feb 2022 18:32:06 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=VEyJOE71; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 5F71810E06B; Fri, 25 Feb 2022 17:58:43 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234449AbiBYTP7 (ORCPT + 99 others); Fri, 25 Feb 2022 14:15:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42650 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232149AbiBYTP5 (ORCPT ); Fri, 25 Feb 2022 14:15:57 -0500 Received: from mail-ot1-x336.google.com (mail-ot1-x336.google.com [IPv6:2607:f8b0:4864:20::336]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9329821CD21 for ; Fri, 25 Feb 2022 11:15:25 -0800 (PST) Received: by mail-ot1-x336.google.com with SMTP id l21-20020a056830239500b005afd2a7eaa2so1440329ots.9 for ; Fri, 25 Feb 2022 11:15:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=yHENS+Ovpeo1eaUhBdH1C0+VesNPCtOkEQBYOIU9JA0=; b=VEyJOE71f22U9Xy7lZCJfgCL//TQQSz0k5aUfPh4NzPFURCzua+2n6snOJAHMsPx1O WR6Wk9PleJXpJRob72UJulypveBh4fo1qE12aEpltMBREwQo5ctmt8RJLQVS4KOTFX52 TrqpEUmzL9TFg/dNp1Xo9vKj9eYIt0gmim4oXfUmksOfvFGYN4dBBCLywaTKC0AJCNLC HfE8RVxC/BMlGHO/WvXPeyB7uCzbKDfNsT9GvthDUiq6pDXfW3vxMu1QWVJUURpM7bo5 McLGIydsNONSnavoAyr5P76b9+MMaO7rT0mvvTt/8ELJvzaqxDSVseXMlQinbd8lPZUI PHBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=yHENS+Ovpeo1eaUhBdH1C0+VesNPCtOkEQBYOIU9JA0=; b=HY8X4Xk9KJF/5u9NqEo/xlgTAMFk4K57aPqdKW5l+WQAKupGl23YXcZjFHZu2NC9X4 MeU1TortU60jiyOqgJqGymkTc8f4rvgnpa2yYO7NNhV6LqHbEqtBcQm5KwJLOj7ccVDB tMQrZZ3XYaqv+M0WvmeLeLy0EyUMy+JG2SV9M0SwahJWVdtTvlPv9j31CYwMdFW8NXyA 9fG3FdHLsgw1LAHU/aeTUPb8d7sF055YuE0QYkWpnt9ElM9J31H5N3GsFyo+47NhA4wm Oa9sG4cBgtC/U8KUEgAItX/zwueoxDsfl4/HeJ6lG8qhYkLs4Ajf0nVmiSwK8H3DsMwL z1aw== X-Gm-Message-State: AOAM533+MLFZtxA4P7brZvex/SYXU4p/nwxp9v+D5xR8/NElwnfXfO+m CN7UBFUyxyMdgqbpgUgOWB1jHuTAdcRnsEBO3Pq3eA== X-Received: by 2002:a9d:6e04:0:b0:5af:6426:6d39 with SMTP id e4-20020a9d6e04000000b005af64266d39mr3467118otr.75.1645816524707; Fri, 25 Feb 2022 11:15:24 -0800 (PST) MIME-Version: 1.0 References: <20220223062412.22334-1-chenyi.qiang@intel.com> <88eb9a9a-fbe3-8e2c-02bd-4bdfc855b67f@intel.com> <6a839b88-392d-886d-836d-ca04cf700dce@intel.com> <7859e03f-10fa-dbc2-ed3c-5c09e62f9016@redhat.com> In-Reply-To: From: Jim Mattson Date: Fri, 25 Feb 2022 11:15:13 -0800 Message-ID: Subject: Re: [PATCH v3] KVM: VMX: Enable Notify VM exit To: Sean Christopherson Cc: Paolo Bonzini , Xiaoyao Li , Chenyi Qiang , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.5 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 25, 2022 at 10:29 AM Sean Christopherson wrote: > > On Fri, Feb 25, 2022, Jim Mattson wrote: > > On Fri, Feb 25, 2022 at 7:13 AM Paolo Bonzini wrote: > > > > > > On 2/25/22 16:12, Xiaoyao Li wrote: > > > >>>> > > > >>> > > > >>> I don't like the idea of making things up without notifying userspace > > > >>> that this is fictional. How is my customer running nested VMs supposed > > > >>> to know that L2 didn't actually shutdown, but L0 killed it because the > > > >>> notify window was exceeded? If this information isn't reported to > > > >>> userspace, I have no way of getting the information to the customer. > > > >> > > > >> Then, maybe a dedicated software define VM exit for it instead of > > > >> reusing triple fault? > > > >> > > > > > > > > Second thought, we can even just return Notify VM exit to L1 to tell L2 > > > > causes Notify VM exit, even thought Notify VM exit is not exposed to L1. > > > > > > That might cause NULL pointer dereferences or other nasty occurrences. > > > > Could we synthesize a machine check? I haven't looked in detail at the > > MCE MSRs, but surely there must be room in there for Intel to reserve > > some encodings for synthesized machine checks. > > I don't think we have any choice but to synthesize SHUTDOWN until we get more > details on the exact semantics of VM_CONTEXT_INVALID. E.g. if GUEST_EFER or any > other critical guest field is corrupted, attempting to re-enter the guest, even > to (attempt to) inject a machine check, is risking undefined behavior in the guest. Synthesizing shutdown is fine, as long as userspace is notified.