Date: Fri, 5 Jan 2024 15:05:12 -0800
In-Reply-To: <7ca4b7af33646e3f5693472b4394ba0179b550e1.1699368322.git.isaku.yamahata@intel.com>
Subject: Re: [PATCH v17 092/116] KVM: TDX: Handle TDX PV HLT hypercall
From: Sean Christopherson
To: isaku.yamahata@intel.com
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini, erdemaktas@google.com, Sagi Shahar, David Matlack, Kai Huang, Zhi Wang, chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com

On Tue, Nov 07, 2023, isaku.yamahata@intel.com wrote:
> From: Isaku Yamahata
>
> Wire up TDX PV HLT hypercall to the KVM backend function.
>
> Signed-off-by: Isaku Yamahata
> --- > arch/x86/kvm/vmx/tdx.c | 42 +++++++++++++++++++++++++++++++++++++++++- > arch/x86/kvm/vmx/tdx.h | 3 +++ > 2 files changed, 44 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c > index 3a1fe74b95c3..4e48989d364f 100644 > --- a/arch/x86/kvm/vmx/tdx.c > +++ b/arch/x86/kvm/vmx/tdx.c 
> @@ -662,7 +662,32 @@ void tdx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) > > bool tdx_protected_apic_has_interrupt(struct kvm_vcpu *vcpu) > { > - return pi_has_pending_interrupt(vcpu); > + bool ret = pi_has_pending_interrupt(vcpu); > + struct vcpu_tdx *tdx = to_tdx(vcpu); > + > + if (ret || vcpu->arch.mp_state != KVM_MP_STATE_HALTED) > + return true; > + > + if (tdx->interrupt_disabled_hlt) > + return false; > + > + /* > + * This is for the case where the virtual interrupt is recognized, > + * i.e. set in vmcs.RVI, between the STI and "HLT". KVM doesn't have > + * access to RVI and the interrupt is no longer in the PID (because it > + * was "recognized". It doesn't get delivered in the guest because the > + * TDCALL completes before interrupts are enabled. > + * > + * TDX modules sets RVI while in an STI interrupt shadow. > + * - TDExit(typically TDG.VP.VMCALL) from the guest to TDX module. > + * The interrupt shadow at this point is gone. > + * - It knows that there is an interrupt that can be delivered > + * (RVI > PPR && EFLAGS.IF=1, the other conditions of 29.2.2 don't > + * matter) > + * - It forwards the TDExit nevertheless, to a clueless hypervisor that > + * has no way to glean either RVI or PPR.

WTF. Seriously, what in the absolute hell is going on. I reported this internally four ***YEARS*** ago. This is not some obscure theoretical edge case, this is core functionality and it's completely broken garbage.

NAK. Hard NAK. Fix the TDX module, full stop.

Even worse, TDX 1.5 apparently _already_ has the necessary logic for dealing with interrupts that are pending in RVI when handling NESTED VM-Enter. Really!?!?! Y'all went and added nested virtualization support of some kind, but can't find the time to get the basics right?
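
Review bot: In tdx_protected_apic_has_interrupt(), the combined test `if (ret || vcpu->arch.mp_state != KVM_MP_STATE_HALTED) return true;` makes the helper report a pending interrupt for every vCPU that is not in KVM_MP_STATE_HALTED, even when pi_has_pending_interrupt() returned false, and nothing in the visible lines explains why that is safe for callers. Split the two conditions and document the non-halted case on its own, so the workaround stays confined to the HLT path that the comment describes. The comment block itself needs cleanup before it can carry that justification: the parenthesis opened at `(because it` is never closed, "TDX modules sets" should read "TDX module sets", and the bare "29.2.2" reference does not name the document it refers to.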