Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp3107969lqo; Tue, 21 May 2024 07:10:42 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWOBNIBxZJV9ylbn/5/5fszRnZ0cjlAxlG4MzCxIhUrhqtrOecfLMWmH2ibpeYHIjn+x5ozxifK6rS03gtEJUKYnItD6jGq3XiJpLHBrA== X-Google-Smtp-Source: AGHT+IEJtUFQTPb048Mm6WT5AK8aDID4Xnozt2egjNsiH4dxkpaAp+UlTtDMzQPzg/cLnY6PVBay X-Received: by 2002:a05:6102:a46:b0:47f:1aa9:192e with SMTP id ada2fe7eead31-48077e7c576mr28961748137.26.1716300641725; Tue, 21 May 2024 07:10:41 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716300641; cv=pass; d=google.com; s=arc-20160816; b=XzYlkH9/5KI+8C2SQv/SmRg6/VTnHysoHwuTC7kdE90tCgNE0vt8ZLRTx1UDoYRckQ 5V43xvs8L3HxULvT7G001YdPEZl/2T3i/sUt+gSnNtLynjLT7wERZDIb4DO/X8Mj1zAs 2Wfqh6AnSms4GS/AdVSfBIyim6LR6cYORt/6xRTzHx/jV5dFaUHK7Wi4+zbF9Ktk9Rou wVoSlzyLKo9moF5/1t/HzO6NagkdrxtEB16+F0Ykzp766vUDTvJzu8cafeAtrlRjHdQS tvzBUZDp8HqMu7m1gsgSgCx1FvMfHxhu5ySg5KLld69uzf69A1sq7hyEG0bHGTKhJkr3 psTg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=ESvGWXS0fD/t8ylmnmWa5FToXUokd2bJzguAulWr/QU=; fh=rmSFeCAGVcoLQhwUpOgOIRFBLcqon4LW3aOhkArNJSk=; b=dE9E8gYUmlDtM/03W2MEsZqeg7+O/gXRrz6blVDfh3MPZLKWXqMlYvV8muenG7u5jx 070RrBX+bB88zq5+wgJra43h27ypKblqukiplyQC2grnjDFQ6nuG14v7EHQfPgMGz5Vi +rHtxbYbShL16C/nT+0sdr7eqoYqc1d6NbfTRRFv7FbmVwHAH4tBMRhxxz1zPl7Umlzj FXJM3/225PlSXiG8Zkl68LJ4oe0KsvU/4gtFVLx/D1GoNluOfZSa6KCZA7qXe847StRL jvdhySGWqYViiVkbcKV568nfMB2y/oniOw2wJJUPQ4YXlh26F7t1RXunzrBsPm+ldr/F Mozw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=CSWuwS47; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-185064-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-185064-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id ada2fe7eead31-4806cc90a7csi5465200137.603.2024.05.21.07.10.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 May 2024 07:10:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-185064-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=CSWuwS47; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-185064-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-185064-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id D5E641C22E45 for ; Tue, 21 May 2024 14:09:16 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 198EC7F7D1; Tue, 21 May 2024 14:09:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="CSWuwS47" Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D48527EF1F for ; Tue, 21 May 2024 14:09:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716300548; cv=none; b=GcIXv7IaMIEMUhY1hv3hHeHogVufiKEc21Wn34nvXTLyrDKCCF9qurnZ5z7Aw3N3XPOBZVcz1LBHX36YO27PU/7C4AnYCaBFmvUE+GSMPX+mjDlRBxkh5ShlLjxivQZxJLaRpCL5TRFOe824GE4vhEfAv0GOe9Lkdf18Csx9k34= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716300548; c=relaxed/simple; bh=/caslErRT+Hc56Anfjhz6C34hVHNqoRgVZhJ+3+OHxg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Q6IosqXhyzg9d3DU4WIptG0hvnekpNAWNN7OTSA6b5E4hGNYTK+cwYX4XZAYbA5qvJF0CKZMHdXi5xJ9nUH4ngJWhXd9zqR7ENByoT5NcoIYsUEfpavGxlu/OsZT2df6I11LOtFGue7uGWWjdQ0C2VgjKZp2r8npa3bUe0NPWZ0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=CSWuwS47; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dee8315174dso18105496276.0 for ; Tue, 21 May 2024 07:09:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1716300546; x=1716905346; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=ESvGWXS0fD/t8ylmnmWa5FToXUokd2bJzguAulWr/QU=; b=CSWuwS477MsQct4LeuXgF5z9n9kh2YlCgMjA2JxFq3sOuBI2xWwJJNEP/RQd1DQTEg 2FwyO8ZofUSODa58yTwTD7FTA7hQUBFVaTJfTWRusfMSp8XR5f/BUAvJWZfH2k+28iKn Z4nnUe0nvrQVpFezJXUH1c2i23QfMjb7sEcP+rcaz+MYdKsn0EzQtjMJFR64eni4drvj Bbh3cpNTHlVLPYdXdAf/nroyAaoQ6LRiaqxi5foEjQXUaBIZEFrY9W/QBirPsoIKKFBE mcWIKVrNZQPCJ8ns2PbyEUKR7k2NmNWkafFk+7pHQ+WvKsKHAUlJ6r/zpzw3O6/+WPdN Zulg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716300546; x=1716905346; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ESvGWXS0fD/t8ylmnmWa5FToXUokd2bJzguAulWr/QU=; b=hihRAqJ/jzV6XnOv7Y0SVhZ1cbZOLXP4jVlgnSBY9t64XGhY0nVtBybS6hSDcH9LgN iXO0sZPSyUT5n0saRJ2xinoZa/WX2wwUSDk8uEkeKOV4z8+N9vdpfZRuEjZs2vpDn6NB lZwE2c9gtP5UtebqN7Q+pBSBeqjgZ/oZDm7+dfCvf/5wEtujIr2MgbByklNtxfnD0TtX PWHjeHyTpf+3B0E5Bd7aOL5imLKRk/4zZuO6MQ/ytfKn3rGQkzT8koYhXE9jNTRaf7sa XkhkVqECIi3kYjC7bdVXdYm/11A9OAeLxoe4pksL1oUH5FPAUBc2H2Mup3zzF/UaVxhu qdXA== X-Forwarded-Encrypted: i=1; AJvYcCUHOTRcKJ79rnH3eFjNmoyCKbeXQQfxBvACz6BneBngm1cJAipsjS3JjAw1Ue+yc++08jbfIryMUETfsgrixob8A9tWF8c1Dnbx0pyh X-Gm-Message-State: AOJu0YxoJZL0qb4ENeD4tREiYjySQDcnyOySZIWT6yVJaI3xGjxqZlEF 6AIvzzFYMeJYUqF3KKRcdmiWd07bU1umU4gDju6uedkMJx+DOd8AHpxrwtF56f0FJrUD6I5wQIN m8Q== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:100f:b0:dda:c4ec:7db5 with SMTP id 3f1490d57ef6-df49063341cmr2813975276.4.1716300545914; Tue, 21 May 2024 07:09:05 -0700 (PDT) Date: Tue, 21 May 2024 07:09:04 -0700 In-Reply-To: <20240521020049.tm3pa2jdi2pg4agh@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <58492a1a-63bb-47d2-afef-164557d15261@redhat.com> <20240518150457.1033295-1-michael.roth@amd.com> <20240521020049.tm3pa2jdi2pg4agh@amd.com> Message-ID: Subject: Re: [PATCH] KVM: SEV: Fix guest memory leak when handling guest requests From: Sean Christopherson To: Michael Roth Cc: Michael Roth , pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, ashish.kalra@amd.com, thomas.lendacky@amd.com, rick.p.edgecombe@intel.com Content-Type: text/plain; charset="us-ascii" On Mon, May 20, 2024, Michael Roth wrote: > On Mon, May 20, 2024 at 04:32:04PM -0700, Sean Christopherson wrote: > > On Mon, May 20, 2024, Michael Roth wrote: > > > But there is a possibility that the guest will attempt access the response > > > PFN before/during that reporting and spin on an #NPF instead though. So > > > maybe the safer more repeatable approach is to handle the error directly > > > from KVM and propagate it to userspace. > > > > I was thinking more along the lines of KVM marking the VM as dead/bugged. > > In practice userspace will get an unhandled exit and kill the vcpu/guest, > but we could additionally flag the guest as dead. Honest question, does it make sense from KVM to make the VM unusable? E.g. is it feasible for userspace to keep running the VM? Does the page that's in a bad state present any danger to the host? > Is there a existing mechanism for this? kvm_vm_dead()