From: Ben Gardon
Date: Mon, 28 Feb 2022 14:33:55 -0800
Subject: Re: [PATCH v2 7/7] KVM: WARN if is_unsync_root() is called on a root without a shadow page
To: Sean Christopherson
Cc: Paolo Bonzini, Christian Borntraeger, Janosch Frank, David Hildenbrand, Claudio Imbrenda, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm, LKML, Lai Jiangshan
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Feb 25, 2022 at 10:23 AM Sean Christopherson wrote:
>
> WARN and bail if is_unsync_root() is passed a root for which there is no
> shadow page, i.e. is passed the physical address of one of the special
> roots, which do not have an associated shadow page. The current usage
> squeaks by without bug reports because neither kvm_mmu_sync_roots() nor
> kvm_mmu_sync_prev_roots() calls the helper with pae_root or pml4_root,
> and 5-level AMD CPUs are not generally available, i.e. no one can coerce
> KVM into calling is_unsync_root() on pml5_root.
>
> Note, this doesn't fix the mess with 5-level nNPT, it just (hopefully)
> prevents KVM from crashing.
>
> Cc: Lai Jiangshan
> Signed-off-by: Sean Christopherson
> --- > arch/x86/kvm/mmu/mmu.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index 825996408465..3e7c8ad5bed9 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c 
> @@ -3634,6 +3634,14 @@ static bool is_unsync_root(hpa_t root) > */ > smp_rmb(); > sp = to_shadow_page(root); > + > + /* > + * PAE roots (somewhat arbitrarily) aren't backed by shadow pages, the > + * PDPTEs for a given PAE root need to be synchronized individually. > + */ > + if (WARN_ON_ONCE(!sp)) > + return false; > + I was trying to figure out if this should be returning true or false, but neither really seems correct. Since we never expect this to fire, perhaps it doesn't matter and it's easier to just return false so the callers don't need to be changed. If this did fire in a production scenario, I'd want it to terminate the VM too. > if (sp->unsync || sp->unsync_children) > return true; > > -- > 2.35.1.574.g5d30c73bfb-goog >
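
Review bot: the comment added above "if (WARN_ON_ONCE(!sp)) return false;" in is_unsync_root() explains why sp can be NULL but not why false is the value returned. Returning false reports the root as not unsync even though nothing was actually checked, so the comment should say the value is picked only to bail out safely without changing the callers. The comment also names only PAE roots, while the commit message lists pae_root, pml4_root and pml5_root as special roots with no shadow page; naming all three (or saying "special roots") would keep the comment and the changelog consistent.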