Received: by 2002:a5d:9c59:0:0:0:0:0 with SMTP id 25csp21540iof; Wed, 8 Jun 2022 14:14:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxw5HevvWNQMT2W2GNxv0jTwJ5PgyWc+4ovBp5ASBxlakKbb3P9Ueh+O6LOeXciGVkwEECH X-Received: by 2002:a17:907:7f9f:b0:711:c9d7:c44e with SMTP id qk31-20020a1709077f9f00b00711c9d7c44emr18381620ejc.142.1654722879896; Wed, 08 Jun 2022 14:14:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1654722879; cv=none; d=google.com; s=arc-20160816; b=Fh90fBZl5sbTI5Zi0CG0WCUoFzol1FM+wSOgGYAECpqb3OS5+p0hpoDyM0Cvp+F312 MvbOVWuVYHnU0nXroJgpVqCq2l6VQKPOjNUxliTfVXRmHw9MypkV1kFbPWQeVy3yqrS8 mx39SnHfLMRgO1dXD4G7zwdJP2vR7uStFwL+JnGfUH3r4v50pJezWcfb0o8QdYoQ5eh4 /mtks2WLGTHqFVvm3TSgBcDeHcYHuXnxnIqLJhPMUU3j0sh3VFacrQA0f/DR8sco77qr oPeXDuoBZy3MOvLy7eGPjEhVDyREvuCJVQnIEG4AI75QQUoHeTDVdtMRFFt+xBTAaRgn vB/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=vMqOytVP+gk8AwC7a473qnQFRe9VfwTYdUh9Vb7sypY=; b=O4SyOu/xppckSXypUWWF26oBu9pbcNJ7x0KQLCFIZQh6BsORfy4Rn2zksmUhyLgYvn OTTYns5okg+0ZPkfCAEqaYNwVMoHiUSy8pSJqUrdBGKedV+m81KScYL46t7duhqDYcmS zNXAGVOJwlboEPhVu9ik6rX7XeYhR3z3DytRYXQAolp8hQ8L0OTHvmYrhc0s4TRWPx8n 4BJDPwRgk733CYIK1nk2kgaFhMZ45H4IeZnEUEVVCh8WI2yQb24fD8Cu3w6iWTky4iQ3 cqxZZ3B4yMOC3YAXFAljkNNlMwGpWO3LwXQ6AkfWFK2E1PBnDWJ+4kKtiK9FX6shJlnL SSrA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=C3NoCaOb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id sc27-20020a1709078a1b00b007118b080e9asi8470341ejc.1004.2022.06.08.14.14.13; Wed, 08 Jun 2022 14:14:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=C3NoCaOb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233934AbiFHUyE (ORCPT + 99 others); Wed, 8 Jun 2022 16:54:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45066 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234318AbiFHUxb (ORCPT ); Wed, 8 Jun 2022 16:53:31 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 7215A1D08B2 for ; Wed, 8 Jun 2022 13:53:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1654721591; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=vMqOytVP+gk8AwC7a473qnQFRe9VfwTYdUh9Vb7sypY=; b=C3NoCaObtAeZ2/6HMnZLTc7h4nSUqLTjU3yHeqN7v4BAQCx/drNzwNUqoJaMysvl+xZU78 rr4QyePAygcBA/+WHcwRaUhqxslqwOsolu+v0ct11s6Foh1rKg+1z2QB2xWDlB7uPpHw9m l4QzMeNlpBehjMjOjpAdCVXn/oU6UFc= Received: from mail-il1-f198.google.com (mail-il1-f198.google.com [209.85.166.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-653-d7b0URseNR6l-2zU6ErDdg-1; Wed, 08 Jun 2022 16:53:08 -0400 X-MC-Unique: d7b0URseNR6l-2zU6ErDdg-1 Received: by mail-il1-f198.google.com with SMTP id y18-20020a927d12000000b002d3dd2a5d53so15732678ilc.0 for ; Wed, 08 Jun 2022 13:53:08 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=vMqOytVP+gk8AwC7a473qnQFRe9VfwTYdUh9Vb7sypY=; b=pT7YaH6n2ovmWPVEIGGsHtQAJanDiHNZv9+EKSbz7WkFVCHcDKzhpZupoev9+oBJow SBNHzuWVFGx8M0gZ7n6sl0yScdgPXrfi6R/8n6P6nxGHr7oeaUW5bFHdoZegEubadB+O rp1qhthqQOW/7VER5WKNtH+Ov8KTVuGsuk6oCEUnZJSVV5haQINHaETHRbqMo25hMDIG LZ0LZuMWy4OP4sPEhCEstaaWaEFNA8iCYgAi9eQcPEQZg2VLhKW4EsRSQblHTg+5ppJc 4Gcl9Ow/9KuiSWgsXIdtdJFxiyzBD5RKYGWfV5Xwh3D/X1bicLVEOTy/2re2wO9ZGu1R RMCw== X-Gm-Message-State: AOAM53043H9fbzXIh+yltZP28ozP8tvPIQWf198OwXajcmMhvagNfQTA l1nEvZJwsHS0Um+qhgc8mxkkj5EJcZePHlujAjGnoTPJ+yQyoAi7sLwG2d200hBP1jJnZRgGFjx AghzaO2nwqhEK0hSIpSkfuelN X-Received: by 2002:a6b:4013:0:b0:668:825b:1ceb with SMTP id k19-20020a6b4013000000b00668825b1cebmr17742752ioa.180.1654721587553; Wed, 08 Jun 2022 13:53:07 -0700 (PDT) X-Received: by 2002:a6b:4013:0:b0:668:825b:1ceb with SMTP id k19-20020a6b4013000000b00668825b1cebmr17742737ioa.180.1654721587236; Wed, 08 Jun 2022 13:53:07 -0700 (PDT) Received: from xz-m1.local (cpec09435e3e0ee-cmc09435e3e0ec.cpe.net.cable.rogers.com. [99.241.198.116]) by smtp.gmail.com with ESMTPSA id a13-20020a92d34d000000b002d3de4c1ecbsm8918633ilh.68.2022.06.08.13.53.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 08 Jun 2022 13:53:06 -0700 (PDT) Date: Wed, 8 Jun 2022 16:53:04 -0400 From: Peter Xu To: Leonardo Bras Soares Passos Cc: Sean Christopherson , Paolo Bonzini , Sasha Levin , linux-kernel@vger.kernel.org, stable@vger.kernel.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "Chang S. Bae" , Andy Lutomirski , kvm@vger.kernel.org Subject: Re: [PATCH AUTOSEL 5.16 07/28] x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0 Message-ID: References: <20220301201344.18191-7-sashal@kernel.org> <5f2b7b93-d4c9-1d59-14df-6e8b2366ca8a@redhat.com> <2d9ba70b-ac18-a461-7a57-22df2c0165c6@redhat.com> <9d336622-6964-454a-605f-1ca90b902836@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 08, 2022 at 05:34:18PM -0300, Leonardo Bras Soares Passos wrote: > Hello Peter, > > On Tue, Jun 7, 2022 at 5:07 PM Peter Xu wrote: > > > > On Tue, Jun 07, 2022 at 02:17:54PM -0400, Peter Xu wrote: > > > On Tue, Jun 07, 2022 at 03:04:27PM +0000, Sean Christopherson wrote: > > > > On Tue, Jun 07, 2022, Paolo Bonzini wrote: > > > > > On 6/6/22 23:27, Peter Xu wrote: > > > > > > On Mon, Jun 06, 2022 at 06:18:12PM +0200, Paolo Bonzini wrote: > > > > > > > > However there seems to be something missing at least to me, on why it'll > > > > > > > > fail a migration from 5.15 (without this patch) to 5.18 (with this patch). > > > > > > > > In my test case, user_xfeatures will be 0x7 (FP|SSE|YMM) if without this > > > > > > > > patch, but 0x0 if with it. > > > > > > > > > > > > > > What CPU model are you using for the VM? > > > > > > > > > > > > I didn't specify it, assuming it's qemu64 with no extra parameters. > > > > > > > > > > Ok, so indeed it lacks AVX and this patch can have an effect. > > > > > > > > > > > > For example, if the source lacks this patch but the destination has it, > > > > > > > the source will transmit YMM registers, but the destination will fail to > > > > > > > set them if they are not available for the selected CPU model. > > > > > > > > > > > > > > See the commit message: "As a bonus, it will also fail if userspace tries to > > > > > > > set fpu features (with the KVM_SET_XSAVE ioctl) that are not compatible to > > > > > > > the guest configuration. Such features will never be returned by > > > > > > > KVM_GET_XSAVE or KVM_GET_XSAVE2." > > > > > > > > > > > > IIUC you meant we should have failed KVM_SET_XSAVE when they're not aligned > > > > > > (probably by failing validate_user_xstate_header when checking against the > > > > > > user_xfeatures on dest host). But that's probably not my case, because here > > > > > > KVM_SET_XSAVE succeeded, it's just that the guest gets a double fault after > > > > > > the precopy migration completes (or for postcopy when the switchover is > > > > > > done). > > > > > > > > > > Difficult to say what's happening without seeing at least the guest code > > > > > around the double fault (above you said "fail a migration" and I thought > > > > > that was a different scenario than the double fault), and possibly which was > > > > > the first exception that contributed to the double fault. > > > > > > > > Regardless of why the guest explodes in the way it does, is someone planning on > > > > bisecting this (if necessary?) and sending a backport to v5.15? There's another > > > > bug report that is more than likely hitting the same bug. > > > > > > What's the bisection you mentioned? I actually did a bisection and I also > > > checked reverting Leo's change can also fix this issue. Or do you mean > > > something else? > > > > Ah, I forgot to mention on the "stable tree decisions": IIUC it also means > > we should apply Leo's patch to all the stable trees if possible, then > > migrations between them won't trigger the misterous faults anymore, > > including when migrating to the latest Linux versions. > > > > However there's the delimma that other kernels (any kernel that does not > > have Leo's patch) will start to fail migrations to the stable branches that > > apply Leo's patch too.. > > IIUC, you commented before that the migration issue should be solved with a > QEMU fix, is that correct? That would mean something like 'QEMU is relying on a > kernel bug to work', and should be no blocker for fixing the kernel. The QEMU fix (that I posted [1]) is not a real fix, only the kernel fix is. The QEMU patchset only allows the migration to fail early, the kernel patch allows the migration to go through with no problem as long as both sides are applied with the fix (or both are not..). So there're two issues we're tackling with and IMHO we should fix both. [1] https://lore.kernel.org/qemu-devel/20220607230645.53950-1-peterx@redhat.com/ > > If that's the case, I think we should apply the fix to every supported > stable branch that > have the fpku issue, and in parallel come with a qemu fix for that. > > What do you think about it? Yes I mostly agree with you. I think your patch still does the right thing by not migrating anything the guest doesn't even support, and that seems to be the only way to fix the pksu-like issue on migrations between hosts with different processor configurations. But it'll also bring other unwanted side effects, that's why IMHO we need some careful thoughts and I hope I didn't miss anything important. Thanks, -- Peter Xu