Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp4018231rdg; Wed, 18 Oct 2023 12:20:42 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFEYZG9njdHTwvrxnk2cb/8twAEuQJOcurrjAcbQpQOR2TUxmNgY2QN2CYkjbVR3Uy2jqF+ X-Received: by 2002:a05:687c:d:b0:1d5:f070:d518 with SMTP id yf13-20020a05687c000d00b001d5f070d518mr425354oab.52.1697656842318; Wed, 18 Oct 2023 12:20:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697656842; cv=none; d=google.com; s=arc-20160816; b=xHmhM68HIOm4WHMdW0fxG2aRNhmjgX3Rcj7Gkpd7Ea/bKX/fYYjYQYvFzaso7mD6ce Sh7LHr1mE03XkM+o3Rj8Juf0v27xHc7r1dCTv67Chy3aXrbDIrYV1mQC9ywEkNvrLJTa aCpDhzPtNrU53tReULnU0yK0e24Lxt0pM8Nb0cksPGYxN58Pv6f0meG2WhsnKv6RxxSP UCYY0lhakyx8oi8/Yp9IinA+71Pb/z3BKh3CND8LlaT5uhyN1bKwM9M+6NdNePD2EcUc b5cJYuj21GGqQDuqXlNLLBAXFQ36rQXhpVoMIFosOcoq1H/ghLJ2crJ0WYxFk2AC7SLe 3cgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date :reply-to:dkim-signature; bh=H7ppnBIIrbmfIJgnyx9B9RiTitNvmGmwskuXYW2Y3sk=; fh=+bHu51nEgy2HG3H76aTWZEQfC1nIHMYOIdNEx2cUoYY=; b=jm3Y/ZWCfnceM5trFwE1l+cS/iEJcPXZCZC6WW2K6uLwzL1357FEiE0Nsz2Hc9XDLZ mPmTbeYmtmEKHb+HC4rq+fz+vSy07NpRvDrTVj1QxuMB2ICUdnDmsnKODscEMeIzalzd Pfc8ld9kim+Cmez2E4Lz4fO5g8U78Q+Lw08iTD47Wwtff3ceiS70uPrPaeQ2DqpRITAw 1e9CjoEMrGA4W9+FSECHAYZb18lZVpOLAXdZ1vKWsUUfiimHJCV7BXQBBpQS3vNkJHu2 xheZGerKBsadTNTMICpxa1MI5LbbwX3yyNwLWbhMXxuCTtRu2TlmFkHngyBl55PEmwLp 3sdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b="Eh+lgmU/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6]) by mx.google.com with ESMTPS id 80-20020a630253000000b005859e8c7c22si2926809pgc.658.2023.10.18.12.20.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 18 Oct 2023 12:20:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) client-ip=2620:137:e000::3:6; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b="Eh+lgmU/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id D52748132A77; Wed, 18 Oct 2023 12:20:38 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231419AbjJRTU1 (ORCPT + 99 others); Wed, 18 Oct 2023 15:20:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43270 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230421AbjJRTU0 (ORCPT ); Wed, 18 Oct 2023 15:20:26 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A620D119 for ; Wed, 18 Oct 2023 12:20:24 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1c9e0b9b96cso51804935ad.2 for ; Wed, 18 Oct 2023 12:20:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1697656824; x=1698261624; darn=vger.kernel.org; h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc :subject:date:message-id:reply-to; bh=H7ppnBIIrbmfIJgnyx9B9RiTitNvmGmwskuXYW2Y3sk=; b=Eh+lgmU/yLFcI4f/ahRmW3zanjUCZG9OkK3vNWgq1j9GrPbUBhq09t376RbY1BBXDo JbspcSvDp2LYTk/d4EXp/e17UBoGy/w1vjEOGKf24/ZOQHfJ6++hoO1pVb2Fj5HAAJFG zzBNeEQqFXeitii8VRQ0+lQ6uP/aZd83yq24Fd0fWwARrYErbsgspqURWOaA1MQpMBR0 aj5jhWZUBIX27A0ThvrEoq/onaw3UnjKlK1I9jdKhm9p90xZ/9L6JsBQ8MgPuF+pCakc XvKdftOY3ezawUHR1D1a03Y8+rOxPbSsN+lUJ70bfNId7wasXeEQ4vjWoT9EUafYnezx I6lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697656824; x=1698261624; h=cc:to:from:subject:message-id:mime-version:date:reply-to :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=H7ppnBIIrbmfIJgnyx9B9RiTitNvmGmwskuXYW2Y3sk=; b=DIWcV7DhjmBLDO5XB8wMESnkTKE6uG/m27ErvdP/IXuoo1BHbTVtqbdxeZH6IFecx7 CH8BZNyXguk7qRG+KqId5QiuTuXhgbAD0knsLN3W+AifAAJOWePReVqEnDQELBr60IFl /KG9aU0+qIp5VklMoHMMi4ttlKV5XD0cdtwwTBVae0EVaty2+s0p3eJmSN1OIHHAOQQR TBcfQGuvVaqZCyCLA6nm3R5OS6Vh+Mnex2Z0xoJbTDdfGDmjz+r3QIuDUsL+VYSk9C34 Zi3q1F4800Akc1qKDgkLpgWhsP2OlQ3UvWPpSZndJEYTPn8wgl5l3DOgrPcYynsx2r+C VXSA== X-Gm-Message-State: AOJu0YwoR0cTSlcSvkxrJ85poIKjembvr/bCsNGKqRTwey8/bUmoEOr4 jph5ipyVeXQZ/yvOG0V+uzLRYNavhpM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:c9c4:b0:1ca:a382:7fc1 with SMTP id q4-20020a170902c9c400b001caa3827fc1mr6069pld.12.1697656824132; Wed, 18 Oct 2023 12:20:24 -0700 (PDT) Reply-To: Sean Christopherson Date: Wed, 18 Oct 2023 12:20:21 -0700 Mime-Version: 1.0 X-Mailer: git-send-email 2.42.0.655.g421f12c284-goog Message-ID: <20231018192021.1893261-1-seanjc@google.com> Subject: [PATCH v2] KVM: SVM: Don't intercept IRET when injecting NMI and vNMI is enabled From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Santosh Shukla , Maxim Levitsky Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-8.4 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Wed, 18 Oct 2023 12:20:39 -0700 (PDT) When vNMI is enabled, rely entirely on hardware to correctly handle NMI blocking, i.e. don't intercept IRET to detect when NMIs are no longer blocked. KVM already correctly ignores svm->nmi_masked when vNMI is enabled, so the effect of the bug is essentially an unnecessary VM-Exit. KVM intercepts IRET for two reasons: - To track NMI masking to be able to know at any point of time if NMI is masked. - To track NMI windows (to inject another NMI after the guest executes IRET, i.e. unblocks NMIs) When vNMI is enabled, both cases are handled by hardware: - NMI masking state resides in int_ctl.V_NMI_BLOCKING and can be read by KVM at will. - Hardware automatically "injects" pending virtual NMIs when virtual NMIs become unblocked. However, even though pending a virtual NMI for hardware to handle is the most common way to synthesize a guest NMI, KVM may still directly inject an NMI via when KVM is handling two "simultaneous" NMIs (see comments in process_nmi() for details on KVM's simultaneous NMI handling). Per AMD's APM, hardware sets the BLOCKING flag when software directly injects an NMI as well, i.e. KVM doesn't need to manually mark vNMIs as blocked: If Event Injection is used to inject an NMI when NMI Virtualization is enabled, VMRUN sets V_NMI_MASK in the guest state. Note, it's still possible that KVM could trigger a spurious IRET VM-Exit. When running a nested guest, KVM disables vNMI for L2 and thus will enable IRET interception (in both vmcb01 and vmcb02) while running L2 reason. If a nested VM-Exit happens before L2 executes IRET, KVM can end up running L1 with vNMI enable and IRET intercepted. This is also a benign bug, and even less likely to happen, i.e. can be safely punted to a future fix. Fixes: fa4c027a7956 ("KVM: x86: Add support for SVM's Virtual NMI") Link: https://lore.kernel.org/all/ZOdnuDZUd4mevCqe@google.como Cc: Santosh Shukla Cc: Maxim Levitsky Signed-off-by: Sean Christopherson --- v2: Expand changelog to explain the various behaviors and combos. [Maxim] v1: https://lore.kernel.org/all/20231009212919.221810-1-seanjc@google.com arch/x86/kvm/svm/svm.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1785de7dc98b..517a12e0f1fd 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3568,8 +3568,15 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu) if (svm->nmi_l1_to_l2) return; - svm->nmi_masked = true; - svm_set_iret_intercept(svm); + /* + * No need to manually track NMI masking when vNMI is enabled, hardware + * automatically sets V_NMI_BLOCKING_MASK as appropriate, including the + * case where software directly injects an NMI. + */ + if (!is_vnmi_enabled(svm)) { + svm->nmi_masked = true; + svm_set_iret_intercept(svm); + } ++vcpu->stat.nmi_injections; } base-commit: 437bba5ad2bba00c2056c896753a32edf80860cc -- 2.42.0.655.g421f12c284-goog