Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33;
Message-ID: <2b1c8dde-3ea5-c687-2326-e1564ca7edbf@amd.com>
Date:   Sun, 22 Oct 2023 20:29:48 +0530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.13.0
Subject: Re: [PATCH v2] KVM: SVM: Don't intercept IRET when injecting NMI and
 vNMI is enabled
To:     Sean Christopherson <seanjc@google.com>,
        Paolo Bonzini <pbonzini@redhat.com>
Cc:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
        Maxim Levitsky <mlevitsk@redhat.com>
References: <20231018192021.1893261-1-seanjc@google.com>
Content-Language: en-US
From:   Santosh Shukla <santosh.shukla@amd.com>
In-Reply-To: <20231018192021.1893261-1-seanjc@google.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?ZWpEZzIweVB3N3lRdkRKYjJnNWFNcEJ5UWpHZ3RYY3FaeFczZnVEVVhqUXBV?=
 =?utf-8?B?ZXF3dFloUE9tUDY5NldzOCtFbHgrY1BMMGR6L01OSnc3TDNFWTdwOTJ1RTBH?=
 =?utf-8?B?NExEb0FVK0RCV2JweG0xcUNrTUlJRzhXUjExaCtZTy94eWMrbVlZVWR3OWlQ?=
 =?utf-8?B?T0RtYUx2NFI4OXJicldtQTcwSHdjUmduOWtwTzN0K2JFeThVQmtLbytJL2VN?=
 =?utf-8?B?aGVVNGZmSmxmcUhQdW01aHNacTAyd1VHZFdxQSt3MlN4NktzT1k3MEhXeExC?=
 =?utf-8?B?RlAxSW5iMVNYUW9rN3NJTnptaWpDbUJML3VOTWsvUTgwQnVJSnN1N3ZBdnND?=
 =?utf-8?B?MGxzazNGQWxub3FZMTEwWVc3WVRPSjVZNzU0MDZJOUYwRitrKy9VZDdRVVhu?=
 =?utf-8?B?MzdzV2x0TVVpVFVKamhMVzI2MzlHM0R0TmQxaHBZbGprRmd1azBiQWozbldy?=
 =?utf-8?B?VlQxTEdUY2VQa2JnUU12M0VZTGVpWEtIZnFiU2ZDNG9CYlhMY29iWUtZNy9t?=
 =?utf-8?B?WHBIclZWMDJxWUxvSUllNFdtWm9wYlE1NnhEVGpNeVR2WC9JYno2d2VNSlJI?=
 =?utf-8?B?enBaUlZ2MnA4bnZBTjhHZTEvcXpia2M0QmdvQ3hyUGx1bFNYdnJhMGc4blNR?=
 =?utf-8?B?aldWNDhDamZ6QVZQcW1aQlkyNlNmVWY1VmZrb3M2QmhsbS9wTU1mRnJwWVFw?=
 =?utf-8?B?elFIRTdoWndBbVlVUklrbDRZQmhCQWp0ekYzajhCbk9VdTlnZHFWdVZaeTM0?=
 =?utf-8?B?VHNYMnhXQnNvQWxSWTE5ZFBtTG1jb0gxSEhnOXFsNUUzTDA0aHA0NTVlcXFu?=
 =?utf-8?B?S0FlOFpuR3hXZ2N4eCtpcnRKN2ZNQk1GVjd6UEZleUxDcVl1b2xsQnc4bFVY?=
 =?utf-8?B?WFpXTVM5MU9mem9jcCtSRHd5N1pTdHlvMjk2dXVXM2UyMTFSL0FLNEFRcmZC?=
 =?utf-8?B?cUZwbVlmOVlJQnVNajVWOVFLb29yb3h2TWp0a1h4YkhwdlBheENSaHNVL2Va?=
 =?utf-8?B?cFRkWTJSVWE2bjFTcVlzVjZoYjVmOVFjeTEyUlpmSEdLNUwwTXJvNHQxM09n?=
 =?utf-8?B?dWNlTlFEbUJNaDFUUTVuUGhXWldmMnNESUtrUms1dmhVbW1pTWJzcU9pcE1z?=
 =?utf-8?B?VmN3MExER3U3RkM3ek9ubElFMmMyNTdRcS9VcnpwY3NpMGUyazVoVlZtcTA3?=
 =?utf-8?B?aG9LbXlPS3g4OXExMk1oYzNpK21oeThoRk0rd2FuMXFBUFZidUdSZ3l4ajJn?=
 =?utf-8?B?ZnJIdWhmQW1hSUxGYVhRTUxFb0hFSmtmb1gxZEdldEptcUJNWmNhMkxhYk9n?=
 =?utf-8?B?K0w2QTRKbUtieGk5bEIxcXYyM2szUVlZNUFxSUJxY2g5dWVJK0dWdWlKajMy?=
 =?utf-8?B?TThMM0VLU1ZuMmUxeXE4RlRSUlZQTE43cmdJMWVTNVRYdHcyNDI2UjNuOWQw?=
 =?utf-8?B?SmV0MGc1dVl4akdLb3lBb1NlZ0FjU3c0K1NZM1ltYm5yYWhnZldBUlFUR1ZD?=
 =?utf-8?B?clhTbVhOUldVRDliWUJQam9lSnNUU0dXMmhPTlRiQW1tVDVYZk8xbG83emw5?=
 =?utf-8?B?OFU4S3NPTTdJM0ZSbEUxK0NsbStjYzVOUlMyVG5pSUxORVhPYndnWlJEZTl6?=
 =?utf-8?B?aC9lOWlucVkzQUx6M2pMMzNjdzdSM1YzWklnNTlFNlByVzB4OWZlUHRlKzFv?=
 =?utf-8?B?TmpXUjdyQ3VWSHpPLzZnWmJaYlRrSnBWQTFNZ3p1dW93QjA5Z2JWWkQzajFw?=
 =?utf-8?B?V0xIK2NoTUJNZGZ5U0pTWmQvbEJxUW52NEovV1J4TURrazFGL1hmdVYxQU95?=
 =?utf-8?B?emx3RUhFUkpjdWJsaWIrMjgzc3hkR05mVEtrWGVxbE4zaXJPK3ZndHlpNVRN?=
 =?utf-8?B?Sk43OU9sSE5sSENjTHYzR3B6emczWEVGT3NQRWJESkwyNWlXTjc1b1Q5czV1?=
 =?utf-8?B?bWpJQUpXNDRVSkNUYWR5K21mcDJtNGVDRTduajZLcytSdnNrRjB5ZjV0d3pP?=
 =?utf-8?B?ZFhxdVpVQmkvZ0tRdllKRVh3Z3FTbHBUTEgxTmJOVGdSbUR0VXN3OUpLcFBn?=
 =?utf-8?B?YUVkUEFFb3h0MWgxMm1uN094Q1h0bEcxU0hkaCtxRUhTOTdsNE9uL05GRzg0?=
 =?utf-8?Q?WUdO/1Ym4FoRYslduPPg6yJf8?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6145b6e3-33ad-42c2-c7bb-08dbd30f8d8d
X-MS-Exchange-CrossTenant-AuthSource: CY5PR12MB6323.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Oct 2023 14:59:56.0304
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: F7/JnBw5xrAwg3umj9ToGjcQKUbP1+NkTrqSCcg7H3A41lRfufKPA8XCFcZnDCG/GXbhIXS/g8qIIUmL9R/lBw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN9PR12MB5145
X-Spam-Status: No, score=-4.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Sun, 22 Oct 2023 08:00:18 -0700 (PDT)


On 10/19/2023 12:50 AM, Sean Christopherson wrote:
> When vNMI is enabled, rely entirely on hardware to correctly handle NMI
> blocking, i.e. don't intercept IRET to detect when NMIs are no longer
> blocked.  KVM already correctly ignores svm->nmi_masked when vNMI is
> enabled, so the effect of the bug is essentially an unnecessary VM-Exit.
> 
> KVM intercepts IRET for two reasons:
>  - To track NMI masking to be able to know at any point of time if NMI
>    is masked.
>  - To track NMI windows (to inject another NMI after the guest executes
>    IRET, i.e. unblocks NMIs)
> 
> When vNMI is enabled, both cases are handled by hardware:
> - NMI masking state resides in int_ctl.V_NMI_BLOCKING and can be read by
>   KVM at will.
> - Hardware automatically "injects" pending virtual NMIs when virtual NMIs
>   become unblocked.
> 
> However, even though pending a virtual NMI for hardware to handle is the
> most common way to synthesize a guest NMI, KVM may still directly inject
> an NMI via when KVM is handling two "simultaneous" NMIs (see comments in
> process_nmi() for details on KVM's simultaneous NMI handling).  Per AMD's
> APM, hardware sets the BLOCKING flag when software directly injects an NMI
> as well, i.e. KVM doesn't need to manually mark vNMIs as blocked:
> 
>   If Event Injection is used to inject an NMI when NMI Virtualization is
>   enabled, VMRUN sets V_NMI_MASK in the guest state.
> 
> Note, it's still possible that KVM could trigger a spurious IRET VM-Exit.
> When running a nested guest, KVM disables vNMI for L2 and thus will enable
> IRET interception (in both vmcb01 and vmcb02) while running L2 reason.  If
> a nested VM-Exit happens before L2 executes IRET, KVM can end up running
> L1 with vNMI enable and IRET intercepted.  This is also a benign bug, and
> even less likely to happen, i.e. can be safely punted to a future fix.
> 
> Fixes: fa4c027a7956 ("KVM: x86: Add support for SVM's Virtual NMI")
> Link: https://lore.kernel.org/all/ZOdnuDZUd4mevCqe@google.como
> Cc: Santosh Shukla <santosh.shukla@amd.com>
> Cc: Maxim Levitsky <mlevitsk@redhat.com>
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> ---
> 
> v2: Expand changelog to explain the various behaviors and combos. [Maxim]
> 
> v1: https://lore.kernel.org/all/20231009212919.221810-1-seanjc@google.com
> 

Tested-by: Santosh Shukla <santosh.shukla@amd.com>

Thanks,