Received: by 2002:ab2:3b09:0:b0:1ed:14ea:9113 with SMTP id b9csp210900lqc; Thu, 29 Feb 2024 15:15:16 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWa2kmOIpWrARj//TEkpA69LYF+BgHYUd0h9UkowYSHFo7zxCw2hkRXJ/Em37j0Z4kraTUnq0rlConjtXU+F9soadpHgjMqDekB5mz/xA== X-Google-Smtp-Source: AGHT+IHpUQUenVFyUaRmioqdsc9Epk8lVVs08TbOPsUc299VKLEWOvs5pojdKTw3h8SIxf2uwFAO X-Received: by 2002:a17:906:2548:b0:a43:7ea2:a289 with SMTP id j8-20020a170906254800b00a437ea2a289mr57240ejb.55.1709248516447; Thu, 29 Feb 2024 15:15:16 -0800 (PST) Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id hd11-20020a170907968b00b00a444b9d37b9si810908ejc.408.2024.02.29.15.15.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Feb 2024 15:15:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-87667-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=nYAr9QGJ; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel+bounces-87667-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-87667-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id F16901F22F7E for ; Thu, 29 Feb 2024 23:15:15 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 88DBB75806; Thu, 29 Feb 2024 23:15:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="nYAr9QGJ" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 253BB16FF4D; Thu, 29 Feb 2024 23:14:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=192.198.163.10 ARC-Seal:i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709248502; cv=fail; b=lvy1vRX6ijGjSoH4/DEbegfAIHXgDVmw0sDBhjAXaysIjePYclWkRo7IrjhFISPqDUoHeRYzvLOpqqbsXvISnNgA8dXYlMiXA1K8LGkAXUlkjLiSKFBsbg2ULd3vMs0na/zNssoJMh0tRSu57S4tJKe9FKljjSFkNYiDFPosoxE= ARC-Message-Signature:i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709248502; c=relaxed/simple; bh=Md9xZlXo4nrroithU0YeN41AzBVy+7IWbiudSf6pxW4=; h=Message-ID:Date:Subject:To:CC:References:From:In-Reply-To: Content-Type:MIME-Version; b=tQX9DiPuNq5eUz6f+jVliE+4cBci/ohQGmVl2Yqrh3E4cKjt1EBczOWvSD08nObDeHJZ6yBajNvV1q7+mrCoFddSFkdmVwXi1dtzazOb78PXCG/FbA6rMOMyDo3e0+gYu9ZIM952GAa3SzI1AHBzozpyFxBLbFYv5lAsZUsWmRs= ARC-Authentication-Results:i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=nYAr9QGJ; arc=fail smtp.client-ip=192.198.163.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1709248500; x=1740784500; h=message-id:date:subject:to:cc:references:from: in-reply-to:content-transfer-encoding:mime-version; bh=Md9xZlXo4nrroithU0YeN41AzBVy+7IWbiudSf6pxW4=; b=nYAr9QGJl86qZxt90SJbBchbTJ7YXB6SRRQDkk6S5w5YI1YfH5Eqi8eW GHEIfYxffFDmgfY9XzFW+puyvP7hQYpFVk/5KLl1tDdgU428AjjotyE7I PqHU3/p2mRPKXHrRtIRUKpvimS9EBFWDjGoTyCS78kfNl6jNNOT69ujzw 2ZIzofqL1u4jFuAdCNxCXW+q1+2Xy0rPmcY/Z7zHZHOFL4gBdqghOTjPR yKfA/evDwyX3eRhlnSIvv3zcLHqDOfJ5Qg9tIojkinBrCDY4PzllVbGn7 rV/RIJzqUDz7FDs0ySBnkGNPQVVZt905EWPIRhB5oZi4hmrRzUTUs43jv Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10999"; a="15177616" X-IronPort-AV: E=Sophos;i="6.06,194,1705392000"; d="scan'208";a="15177616" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Feb 2024 15:14:59 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,194,1705392000"; d="scan'208";a="39002087" Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by fmviesa001.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 29 Feb 2024 15:14:59 -0800 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 29 Feb 2024 15:14:58 -0800 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Thu, 29 Feb 2024 15:14:58 -0800 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Thu, 29 Feb 2024 15:14:58 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SDfLPJYwn8ociU8AIq1+WDs8Z3J4bPTlIXPxbQyZ0Hen5pi838ZJCCIaBYt8BS1W49p8yqqrxYxL6RTLHtPp+BA7x6JZTI0Iikm3Y2h5ZQLyUsQ3w6DgLOYQ0LgRhLBBOIyO0sUj/LhfCOXtS5LUKj64AEmNeWfe/fTJGoyAnMuep6wlJLJUPKff5n6zQAohcRoIOt4IOKN95VayIvlV+Y7XfPGrEAIwQ1zEX/dXkHQGBvwt2VXTkCL8ljw2YKwtxKkLZVnRn7AJwGHahyQ0pSDrrD/BWo7WnMpfi2iT6CP2RW1aVmE8FhXlJJQMukj6UpRUkf2vE+kJoPgAyugFxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PMC+De5NemF5LxSpDUv7MbdP5GZhhfnPmAsSKfW5+jg=; b=DVESKdS6uEdH5+6e0cOOt8I3n5earw7BB9CH/+Wv9ZiZ/7Eoaba+hxlrjKAuof9/eLw0aO2YcYAX3n0OWXGByFnN58KQiZCahmYbGaYoOqgW57pKbGi9Ill700raGyMsIaJAMiWkQFa8OGTCYzFD3OMDSiihJQMNv2eBd7Frn9s7rdYJCDQVR4sIlpaBC1pE+K+4IyY67G4iINGMyQ8m1v8tvDPjECdKbfomAwlDknj5I7EiQpu6GePsyuPvibi4uYpPRDPNdJjWeuxtdY4C9EGRhHW9RaHEZNHca5Tj6lyg9bkLX10ClsY9lSMl0d3URUlgqjI/aJuUMLq30L8sHA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; Received: from BL1PR11MB5978.namprd11.prod.outlook.com (2603:10b6:208:385::18) by SJ0PR11MB5072.namprd11.prod.outlook.com (2603:10b6:a03:2db::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7339.25; Thu, 29 Feb 2024 23:14:55 +0000 Received: from BL1PR11MB5978.namprd11.prod.outlook.com ([fe80::ef2c:d500:3461:9b92]) by BL1PR11MB5978.namprd11.prod.outlook.com ([fe80::ef2c:d500:3461:9b92%4]) with mapi id 15.20.7339.024; Thu, 29 Feb 2024 23:14:55 +0000 Message-ID: Date: Fri, 1 Mar 2024 12:14:46 +1300 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 07/16] KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler Content-Language: en-US To: Sean Christopherson CC: Paolo Bonzini , , , Yan Zhao , "Isaku Yamahata" , Michael Roth , "Yu Zhang" , Chao Peng , Fuad Tabba , David Matlack References: <20240228024147.41573-1-seanjc@google.com> <20240228024147.41573-8-seanjc@google.com> From: "Huang, Kai" In-Reply-To: Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-ClientProxiedBy: MW4PR04CA0313.namprd04.prod.outlook.com (2603:10b6:303:82::18) To BL1PR11MB5978.namprd11.prod.outlook.com (2603:10b6:208:385::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL1PR11MB5978:EE_|SJ0PR11MB5072:EE_ X-MS-Office365-Filtering-Correlation-Id: 6c4c1952-d56f-467a-d125-08dc397c3de3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nz+CU8HdPUt5mVV6sLXTFfbvGSwqatlOiHCoB2hX+EUcHZawR5A3geS/+m97xQnvE9p84u/Y3lnywn8+XLbunC/KPnrbWANBgJ5g3dof5clGcTtW/azBa82ON+BBZAIjFiFmrnazOUO/FC0b1mS2u6zG8fMRb5GqSS0vkult9n6ULqQ+mUUon/gi5nsTN2+0I5QuZeEE7P/6vBgMkYZT4+97/HJ1Es3ul7lCdr3lVRWladw3w8t6Z2RFQeBK/U7aDmcolwFooEKIw2DjWyVr9MvNzkhtRrkaveEsBYjygMR0yJYpP7l6tu9ZY820Jd3dIR4shWYeCeOnzIq4nsz/oQ3E48TwffoQ/81JZ5y1h2Z2upZBM84nBBhY1wt6mmuqQIZlr2thgNBAwF3Ojg/aXQWU00P/mEyKyiGumSp6Hw8vxiQpr50EXuxBii87m7ClRqKsum7Gq+m2vpT5Jg8QGpCAoTc0pAa1X2u5PoQJGa3t44+lrGwjUA+5fnH+W7Dcmqn80ZgeaRtekFQOEwv3szy15VYFxizy2ad1uRJFpWiuv8xlwjI0xB31+MdbGlRXuyebv5a1VDRXx1DfRCwb4aqVzMUSUzHxAANfnJM7FHdQAJE7sCVe8zrwVajV6cL3Uqs818jt1okdtGs5b9ewyw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL1PR11MB5978.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?YVBjZDRCaEN5NW9sUzZ5Z2hENFo1UjlCb0pQdVJweGl6empkMVdwWVdaODRw?= =?utf-8?B?bityZ1JOLzBTeWhNa1R1SWJLbGlldExpSW94ZlhMbWVzOTNZdVY5YTZrQ1l1?= =?utf-8?B?d3l6SXZIS0NSczZWd05ZSWtnbVlvYlZHYmozMU4xcjAvVmFxVjZGZFVZUG80?= =?utf-8?B?SVlYQ0VQOUMxeCsvNVNMc3VOUlBQVzlvRDBrK1oxK3BMZWdmVHZxNHAzQ0lj?= =?utf-8?B?RTkwR0twTno1S3BQb2E3dWhSU0diREVHVStzbU1NT0tuQkdCQ2l5YjRiQWEv?= =?utf-8?B?UFBXTzJrYzFlMnRsWlRTRXZ4eVNHZTlVbEdwWVZheUhCZ3E3RnovREpPdzZC?= =?utf-8?B?M2pnL1R1dmo2d0hWVGhIWThmdkcwVGdHZ0o0ZldTN1EvN3IvRDRzYVZkMCs5?= =?utf-8?B?WFEyMTF5ekZ4eVkxYW1LdjlJSzdUQkUzNkI0Y3RkaWdMeXV3TXF1NnMzN3FR?= =?utf-8?B?MUpVVlA3eHRGcmRCQkxFcGpXNUNtOXh6Y2l0TzVRbDdYK3orYzNUR1BkOEdB?= =?utf-8?B?NnA1RWZWWUhDUTJtY3JGQWRxV3JSSHVOdm55ZExJbEFoSmZJaldHcE1NRnNw?= =?utf-8?B?S05kcDgyRXBVTWtoYmo5QjBWNjlkTmcrdlNRVTg4NVdDUU9IR2RnWldxWmNL?= =?utf-8?B?QktzQ1ZLRWFsb2tHaE91K3Z3WFR1bDhiellmYkxTeTltK0pMNnpjRVFhMGtZ?= =?utf-8?B?ZEtEbjJSZ0dwais0S1ZlZE8yUkZLTkl1M0VZVmpBWDBCWFdnRnB3Z29GOEdP?= =?utf-8?B?SVFvclN6UTIwdXl2UkpkY2hsbUcvMU5HdmkzM1B6cHdwblo2Z29LLy9hbkRC?= =?utf-8?B?RkNVd3p0ZUdvSWpSdXpQUENZZ3FhU2pmU1ZUTE1BU1loRlBVYk1RSG9qcE9S?= =?utf-8?B?SmtEajBnM2tRdmhBbUxhK0o2K3psTnQ2YUF0Lzh2ZjNudGZpM1lEQ2V3Slkv?= =?utf-8?B?Vms3bnBVS2s3MWF2R2tWSThLL0IzTjdrSU1zaW9Lb1E5djZiRGg4QXBBZUJs?= =?utf-8?B?VFVydDJ0OVpCTzRZa0NuT3JNM0FsejA3U0ZZdVVZbHcvSnJHOFpPdEk2SWd1?= =?utf-8?B?OVY0ZXNjMXVQdWkxYzlxZ1crUkFJd3ZZZWdHWEV3NjVEVVQyMGZSajFYZGdm?= =?utf-8?B?V0gwa0owMHV2aU9KL3NORmhmbUpLdXhZNWhrRWxVeGhLRXlyejl5ZGJYbHgv?= =?utf-8?B?QzNQaWxPS1VNbE1Jd0tNZTcrVmsrQlNmeVgwTlpnVStQem1PdGxLd0VmekxC?= =?utf-8?B?S1l4Q3BQN3JZdU1ZTkM2cDBYR3M2K0VtT1gvUktjUTRpcm5ROTl2ajJqZEpu?= =?utf-8?B?eU53cDFDdXhUcTZ6c1ZxTDNtdHJnK1ZFOU5QZVNORHR0dGlGbzl0Y2tyM28w?= =?utf-8?B?dlc2bmhYQmUrTnQ3a0daQjNtZHhKRzBrRDcyVFY2ZVhvbmZvYkJhZEIwVHZp?= =?utf-8?B?Y2I3dnhvTkU1RnljaVFKSEZISTRPSmhwSG1xL1ZPWUhCcjB2OUQ0cmFnd2E4?= =?utf-8?B?NzVaeG55K3IwekNSMTJ6V0lRUDNOQTk5REE2SmE1bjAwbXdLNXkrNFpLcDNQ?= =?utf-8?B?cHMxaytwUnpzN0RzTDYzRXJQQXdYSEZhR1NSVHVlSHcreVlkQlQzYVN2Mlhw?= =?utf-8?B?N1dPTkpXdnhZWURXZHhWditlU2lpcElVamQxTUdIM1BlWnFMclgrN05ZLzdS?= =?utf-8?B?RFVUZXBCTDRsZ1FyZEtLN2ZkekZ5clRYMk1XdHFDZ0UraHc4dWxRbWNuUW5z?= =?utf-8?B?YnA0WFlZVzhhRWgwS3NHSmVMUjZPNEl5QjUxc2M0WkZmMnE1WjBqMFdJTC9t?= =?utf-8?B?VUJmSWxnQ3FVK2xBcG9xMnB3RXhLZHFVYXNuQTBOb0UyVmpoeEpSTnVRR3VX?= =?utf-8?B?ejg5SGFHTDBmRWtWOFNOR3Vkb1pvUDI5QnF4VXBKRURlL29XMC9kUkhzcTlN?= =?utf-8?B?OCtDZUZ6MzRBSVVIK3pWdkU1T2Z3OXNpRHhMVGM5TXF0ZUw0aDlIeHRVa2Z1?= =?utf-8?B?eHZpUHE1Z3doTHR5bFRGeFFGUDFEbTkvdVE4ckhGMjdJOEM0M0Q5akpkVlRN?= =?utf-8?B?WWRIcWhGSi9sUUlra203MkduaUEwbys1VEUyQlB5Z2ZDZWZubDJEa2F2Vmc2?= =?utf-8?Q?7SSSL9hVrwjwAowgsWpUlCi+e?= X-MS-Exchange-CrossTenant-Network-Message-Id: 6c4c1952-d56f-467a-d125-08dc397c3de3 X-MS-Exchange-CrossTenant-AuthSource: BL1PR11MB5978.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Feb 2024 23:14:55.8511 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: cGoOHpGOIjxOTfik2462Q1kmWAc5qyxcyvPNvYTgWUAITbo9McqdjuRL6jbCjefsysO4bo2MC3HLIiNlOc/j7A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5072 X-OriginatorOrg: intel.com On 1/03/2024 11:52 am, Sean Christopherson wrote: > On Fri, Mar 01, 2024, Kai Huang wrote: >> >> >> On 28/02/2024 3:41 pm, Sean Christopherson wrote: >>> Move the sanity check that hardware never sets bits that collide with KVM- >>> define synthetic bits from kvm_mmu_page_fault() to npf_interception(), >>> i.e. make the sanity check #NPF specific. The legacy #PF path already >>> WARNs if _any_ of bits 63:32 are set, and the error code that comes from >>> VMX's EPT Violatation and Misconfig is 100% synthesized (KVM morphs VMX's >>> EXIT_QUALIFICATION into error code flags). >>> >>> Add a compile-time assert in the legacy #PF handler to make sure that KVM- >>> define flags are covered by its existing sanity check on the upper bits. >>> >>> Signed-off-by: Sean Christopherson >>> --- >>> arch/x86/kvm/mmu/mmu.c | 12 +++--------- >>> arch/x86/kvm/svm/svm.c | 9 +++++++++ >>> 2 files changed, 12 insertions(+), 9 deletions(-) >>> >>> diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c >>> index 5d892bd59c97..bd342ebd0809 100644 >>> --- a/arch/x86/kvm/mmu/mmu.c >>> +++ b/arch/x86/kvm/mmu/mmu.c >>> @@ -4561,6 +4561,9 @@ int kvm_handle_page_fault(struct kvm_vcpu *vcpu, u64 error_code, >>> if (WARN_ON_ONCE(error_code >> 32)) >>> error_code = lower_32_bits(error_code); >>> + /* Ensure the above sanity check also covers KVM-defined flags. */ >>> + BUILD_BUG_ON(lower_32_bits(PFERR_SYNTHETIC_MASK)); >>> + >> >> Could you explain why adding this BUILD_BUG_ON() here, but not ... >> >>> vcpu->arch.l1tf_flush_l1d = true; >>> if (!flags) { >>> trace_kvm_page_fault(vcpu, fault_address, error_code); >>> @@ -5845,15 +5848,6 @@ int noinline kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 err >>> int r, emulation_type = EMULTYPE_PF; >>> bool direct = vcpu->arch.mmu->root_role.direct; >>> - /* >>> - * WARN if hardware generates a fault with an error code that collides >>> - * with KVM-defined sythentic flags. Clear the flags and continue on, >>> - * i.e. don't terminate the VM, as KVM can't possibly be relying on a >>> - * flag that KVM doesn't know about. >>> - */ >>> - if (WARN_ON_ONCE(error_code & PFERR_SYNTHETIC_MASK)) >>> - error_code &= ~PFERR_SYNTHETIC_MASK; >>> - >>> if (WARN_ON_ONCE(!VALID_PAGE(vcpu->arch.mmu->root.hpa))) >>> return RET_PF_RETRY; >>> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c >>> index e90b429c84f1..199c4dd8d214 100644 >>> --- a/arch/x86/kvm/svm/svm.c >>> +++ b/arch/x86/kvm/svm/svm.c >>> @@ -2055,6 +2055,15 @@ static int npf_interception(struct kvm_vcpu *vcpu) >>> u64 fault_address = svm->vmcb->control.exit_info_2; >>> u64 error_code = svm->vmcb->control.exit_info_1; >>> + /* >>> + * WARN if hardware generates a fault with an error code that collides >>> + * with KVM-defined sythentic flags. Clear the flags and continue on, >>> + * i.e. don't terminate the VM, as KVM can't possibly be relying on a >>> + * flag that KVM doesn't know about. >>> + */ >>> + if (WARN_ON_ONCE(error_code & PFERR_SYNTHETIC_MASK)) >>> + error_code &= ~PFERR_SYNTHETIC_MASK; >>> + >>> trace_kvm_page_fault(vcpu, fault_address, error_code); >>> return kvm_mmu_page_fault(vcpu, fault_address, error_code, >>> static_cpu_has(X86_FEATURE_DECODEASSISTS) ? >> >> ... in npf_interception() or > > The intent of the BUILD_BUG_ON() is to ensure that kvm_handle_page_fault()'s > sanity check that bits 63:32 also serves as a sanity check that hardware doesn't > generate an error code that collides with any of KVM's synthetic flags. > > E.g. if we were to add a KVM-defined flag in the lower 32 bits, then the #NPF > path would Just Work, because it already sanity checks all synthetic bits. But > the #PF path would need new code, thus the BUILD_BUG_ON() to scream that new code > is needed. Ah, right. Thanks for explaining :-) Reviewed-by: Kai Huang