Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Message-ID: <cbcb6f35-e5d7-c1c9-4db9-fe5cc4de579a@amd.com>
Date:   Tue, 15 Nov 2022 12:34:36 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.4.2
Subject: Re: [PATCH v3 0/3] x86/crash: Fix double NMI shootdown bug
Content-Language: en-US
To:     Sean Christopherson <seanjc@google.com>,
        Andrew Cooper <Andrew.Cooper3@citrix.com>
Cc:     Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        "x86@kernel.org" <x86@kernel.org>,
        "H. Peter Anvin" <hpa@zytor.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "Guilherme G . Piccoli" <gpiccoli@igalia.com>,
        Vitaly Kuznetsov <vkuznets@redhat.com>,
        Paolo Bonzini <pbonzini@redhat.com>
References: <20221114233441.3895891-1-seanjc@google.com>
 <5b8787b8-16e9-13dc-7fca-0dc441d673f9@citrix.com>
 <Y3PEv9MmQ+y91Ir+@google.com>
From:   Tom Lendacky <thomas.lendacky@amd.com>
In-Reply-To: <Y3PEv9MmQ+y91Ir+@google.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?YlY1M0ZmbHBCdVczbHl6eWRKdGZxZHZMOFhXRytyNTFxa0RiTnl1Q2F3WXlX?=
 =?utf-8?B?aVhyUFdyL3hFalp2Mk1ZRDNFcXZyMDU2RjN3ZGJENzZQQjB0MDFFVjVTaGhM?=
 =?utf-8?B?enQyektMcEN0OWdVNWdKdnRMdlRMS1NDR2xrUWthTkpXNTVDZ1B0akphbXh1?=
 =?utf-8?B?eUFSRkVvMHdQR2RnWllrcnFwM2JKVlhPZGxPT2VQcE1pZ0dGZDhrMmxZWE9p?=
 =?utf-8?B?SUNkT3djemlOOVh4ZGdtRHYrN0VxR08yMUdSSE1sNEo4eWNYeFJXYlBQbm1x?=
 =?utf-8?B?RHhUVUxQbnhpanRJQlk4WFNuSzVJSGt1bGpjK1IxZ3VNUnp5bW9EMlBobUdU?=
 =?utf-8?B?dnU5RE12MWRIM2N2SEk3TFZNUXRKMUdEeEtoTGM4Q2hzZVlveER1OUZvYVdT?=
 =?utf-8?B?OUhTWUFremxPT2xCWS93dXJUSm1IM3djVmtPR0tRdWgxa2dZVjJINjU2b3ZH?=
 =?utf-8?B?aWpweG0yZUdITlhiRmJuamNDc21mbnN6ZXdEU3BGSHdlaDRCeCtVTVdSZlVS?=
 =?utf-8?B?ZTNqaVYwU21OVEpjOFlCNmlEVWJjbEVVZFRKMTl4bjdBY2NtbnJ1a0I0SFRO?=
 =?utf-8?B?YXIxRFpLWmYvbjcxTHM5SldxM0NZSitCZ0x2ZEpJL3JrQ0pmUWJQQ3o1TUcr?=
 =?utf-8?B?MHhRNFdHMTBqZGhNZmQ0cWorZUZCd2NMMTcrTkpUQUlleUd4NmhhcVJ2K2E2?=
 =?utf-8?B?T0daWkkvd05GV2x4TWxzSUdrOUlVZG91QVFKV056UlRqT2tReWpIcDRQT3pn?=
 =?utf-8?B?Y2hLcjg4L2x5RTlpT2FtUzRBZy9abU5FM0xIaTVmd29GWkZ4OUVPOWhLaE1V?=
 =?utf-8?B?b0ZvRUtZU0J5dTF1Y3BJYU5TRzQxQ29aU1hSSEYrVjVRdXIyNG92dEh1dmht?=
 =?utf-8?B?dmFXSmNFZTVFcmUxb3kxWnpwRzlKRGVDVHBPSFpPZmhiOGRzaWl5alNLYU1F?=
 =?utf-8?B?SFZpR1MrV1NIWEVBRis3WU9BS0VQMlNpV0hWNzJNSjJhTU9VcXZLYU52TUZH?=
 =?utf-8?B?d0w1ZXh6R2dQWmxhZlJnMzRtdVRYaFp4aGE4ZXZTQ1lkalNvdXZIVFdwU29x?=
 =?utf-8?B?Q1NabzRBWXViMzYvNVpKNHpmWm1MNzc1WWhjOUJaMXFvaGZnM2N3UEVMNzM4?=
 =?utf-8?B?M29OQjNxVy9NVFd5UXlrTGR3Z082b2FyNnVOaGtwS091TlJyeUtiZlFuTGs2?=
 =?utf-8?B?THlDMWMraC9RQzN6R29mWFJMQ2NWSnBLbU02cG5Sck9iczlxVmtwd3dnTVZy?=
 =?utf-8?B?c2NjNWtIWG5GbVlSOTR5Q1NnLy92b0tiS0R0NXAySmV3bDA2azFGbEF3RFlF?=
 =?utf-8?B?RFQ1YnJ1Q3J4eUw3VE1BWWxqb1ZWdXF3YTl5aElvZ2tEMGxGb3NhOEp4c3Aw?=
 =?utf-8?B?YkdJU0VrRnUrejNRN2tadHZpY09TYnBFVk53TmVKWnZCZlFsZW1EakdrSGt5?=
 =?utf-8?B?N2dNd2sySTZBeHp3bjMzTFJmdW1QOWl3THUzSGE5TW92TVZnRFZMWWxBY2ZH?=
 =?utf-8?B?d3ozb0MvZ0hTVXlscWVLNm9QeXZxZTdFWGpuZXZaUXRLUWZsRmY0K21LcEJ5?=
 =?utf-8?B?alNHUWJIMXg5K0pjcUpxRlFJUUlnVHRUcVV2QjBRbVh6OHBVK1lUU2VZUnZ6?=
 =?utf-8?B?ZVRQS2ozZWxCM3NpSHlLZVAxZEpEZnBkdDdmZmlTNnlKaCtpWHZvYnc3RDhl?=
 =?utf-8?B?YzQ3RklaZVdIZEtzRWpWalIzeFMxZDJKQUJSdGJxR2I1Q3B4Z0VCTkIzUjJy?=
 =?utf-8?B?OHl6YTlrM05jOVljRmtDSGIybVdmTzVRbkZSNE1Ra2JaUDZoM01hYldPMjE0?=
 =?utf-8?B?ZE42R2VQSm9lOHJFT1o2eTVEb3hHSWcwNzFTM0lUNWwzVW5yNmppOXZlNU5s?=
 =?utf-8?B?U1RpWmJnTG5yM2w2M1VRcmxHbHlIMi9aY3NyWURDeEd5aC9oTWd6QzJ6VXRY?=
 =?utf-8?B?OWFxMTZiMEN5dnJ6czd3MXFIdWNvNzNMd1ZMQXNKNWJuaGErYkpWeXFFdjdm?=
 =?utf-8?B?Q1ZPOEpTRjFPQkxqeEtIZVpPVnNmbzZ1UXQrTFpVaFI5ZTZiQ0xXd2FTZXAz?=
 =?utf-8?B?eFpMKy90RityRnRYNDJGcnRGVDY1alJPbkRVNCtPc0N4WEQ2Mmc2MCtZVy9s?=
 =?utf-8?Q?EVdk8K3w47fo50nOV+e2NWu4D?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1a7ba6e1-38ee-4017-c068-08dac7380d43
X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Nov 2022 18:34:38.2548
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: JQ783GOrVQIdeJgKI+CYV1K+0pTV1uAfvQyMPCEhW7w1bp/aqEFM6YuE8pHESXBxJatg6S+YeGuVp4g9WcPLlg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR12MB5600
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,
        RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 11/15/22 10:56, Sean Christopherson wrote:
> On Tue, Nov 15, 2022, Andrew Cooper wrote:
>> On 14/11/2022 23:34, Sean Christopherson wrote:
>>> Tom,
>>>
>>> I Cc'd you this time around because the APM doesn't explicitly state that
>>> GIF is set when EFER.SVME is disabled.  KVM's nSVM emulation does set GIF
>>> in this case, but it's not clear whether or not KVM is making up behavior.
>>> If clearing EFER.SVME doesn't set GIF, then patch 1 needs to be modified
>>> to try STGI before clearing EFER.SVME, e.g. if a crash is initiated from
>>> KVM between CLGI and STGI.  Responding CPUs are "safe" because GIF=0 also
>>> blocks NMIs, but the initiating CPU might leave GIF=0 when jumping into
>>> the new kernel.
>>
>> GIF exists independently of EFER.SVME.
>>
>> It is also gets set by the SKINIT instruction, which is why there is an
>> asymmetry on the #UD conditions of STGI and CLGI.
>>
>> STGI is also intended to be used by the DLME once critical
>> initialisation is done, hence why it's dependent on EFER.SVME || SKINIT.
> 
> Gah, stupid APM.  The pseudocode states "EFER.SVME || CPUID.SKINIT", but the
> description and the comment both say that SVM must be enabled to execute SKINIT,
> which made me hope that disabling SVM would reset everything.
> 
>    This instruction generates a #UD exception if SVM is not enabled. See “Enabling
>    SVM” in AMD64 Architecture Programmer’s Manual Volume 2: System Instructions,
>    order# 24593.
> 
> ...
> 
>    IF ((EFER.SVME == 0) && !(CPUID 8000_0001.ECX[SKINIT]) || (!PROTECTED_MODE))
>            EXCEPTION [#UD]  // This instruction can only be executed
>                             // in protected mode with SVM enabled
>                                                       ^^^^^^^^^^^

I'll see if I can't get someone to update the psuedo-code comment here.

But, to your original question, as far as I understand, GIF is not 
automatically set if SVME is cleared from EFER.

Thanks,
Tom