Received: by 2002:ab2:6c55:0:b0:1fd:c486:4f03 with SMTP id v21csp328576lqp; Wed, 12 Jun 2024 02:51:10 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXYV1s/lEUv23tN5ONW5mUAT2ZxeQYrWGdGPEqJoJmHzRvTwm1nbTaOl6uk85nPiLZqHWSUiblLkCLn2L0eDpuYW1HNWryu+XnXAnTPKw== X-Google-Smtp-Source: AGHT+IGdSxnd+6Eyd2Lx0GJKe56fYvAIjjR2PjgzvHWjBwco1DEZnfjeVmR5BqNuR2qIqrUCPldF X-Received: by 2002:a81:8d45:0:b0:618:ce10:2fcd with SMTP id 00721157ae682-62fbc3d9fcbmr12386897b3.26.1718185869887; Wed, 12 Jun 2024 02:51:09 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718185869; cv=pass; d=google.com; s=arc-20160816; b=v+f7LTIH/dwBrzNQk5AwaQnOuOZve232FnVPKABDuQFaajXtk9ljtuYrA+Rn8bOPwV xerXBXsgaln2YJ2GbkOl3f1pYxTerdkuqTryJzPB3DRQs1w0mAFNmIqdL7QaNtKlOl/0 umix2F+nfTJM/0i+gd4rZOE3cEJKw+16LixAwKL896lZAPnPLKP/rskmyHJE6GItnDb2 QP8DcQqNbp3YXylm+7OenFK0X+XNTMmOQ3DI9pnmZEJ8Ja7cm4YtcTrjUJs0ZZ2+5jb0 rlqYVacZXwD1Lg+EvdvM/HLvrImJ7OdaYSw0cONEcsTyqm0WoWRCbC6bINYNhvN3CBDw nbTw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=ZKfawODDLCXuRgnqSwJ1wa1RBRns4DQLkK8LMJ/8kJY=; fh=KrydMeoMFrY0U/2OX7Jl+IN+R/Jc8q3oJit3zFCXSIM=; b=DFsZbJ2kChMtbtzED1WbOhoVnElYbkITZvE5QIYkHeV8ZNTj7llVqEiiqgu5C6l+kM OA3SVt/Qwb9McrbIc0KBwQGX3GBuT7I8EniiTT1CQ32aIH4BuUYSaePW4nyxSq85TXSf uCISQ4ys+JRZhz8y5rNRLK1h6vCQ2UNARV2pdyN5Rn1iYizIytmWKHOFTpcjEFLELqaR 9yK6rQQhT4W9Wx+Y6SopaVDFCTmgSGYBB+TaO3WqFm4HkwPKNtBSDU7SAuJ2YWDuRpWF h1O1SIDjhgyh4Bn1/a2OhiMdv9SztaQtYEokZgrcGPKLd5D6933IU1x7IvDenIvsdqfu WByw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Rg5U1lky; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-211296-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-211296-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id af79cd13be357-795331d2a53si1586848885a.262.2024.06.12.02.51.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Jun 2024 02:51:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-211296-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Rg5U1lky; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-211296-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-211296-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 994F11C21431 for ; Wed, 12 Jun 2024 09:51:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 4168516DECA; Wed, 12 Jun 2024 09:51:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Rg5U1lky" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 25EC415BB for ; Wed, 12 Jun 2024 09:51:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718185864; cv=none; b=CbN4cmkZGPWQSWsdCnSiIGHZdMNU6b2TIKYZu8bAacd5T3qEqLDQwjXuSRF/jXB9N+b7/RjeHjE6buCqxSMncLgS77vweEWyjVyE84CWwgrYqAqJg8ZB0lDUTTtWR+qIR5wUXxCzXiumAqH/Ys/lBkLIv7TA2GpKX1XfI3E9mWw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718185864; c=relaxed/simple; bh=EHuBceC3NjDWceIKSIK6pbNtuCAqnM4qibuojYESsl8=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=IqSKOQixhXtLu3jfnPh8/PabBdXRl1Uh8Q5y755uo9O2nimDmk39MhGYe7Mml4oSF6i1f1PrezGHeKEAo+zDla+l2VigK48Cjmx8umKR9mz4YLuZMe0wWi1A04XmWTkqEAzZr772PohwlK2KoO42tH8KeD+h/pJmJq7TPa+T+tA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Rg5U1lky; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1718185863; x=1749721863; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=EHuBceC3NjDWceIKSIK6pbNtuCAqnM4qibuojYESsl8=; b=Rg5U1lkyGG0MmdYOEhCI7+ijTzMrDarIDBQRi9uvamLUwCvtRqgv6OEh 7XKeafDC0JyUwT66yRyieXsk4yLj2+4LqCxTv0v9Yq+SPUnSlcqp7dc0i 8kZoZ0nNapNCUSz1F/r05cGJImxwMPFNbeyYin+UWOdgf+6ABx2DEWoPr dFmfjFeE61qI2XAD0h1eXQ7yP40lkUe4RCPwsrTIWhY5ixVQF2BSA0/fy r60hssLLYjYtl0uBjyEbJw3RIxo0mIS6OcJYIYR/L+vuMJYz39NNCw893 5EO1YYB9af5hy4IeeoGs85L5pnIEAX6vvJzzujfyutJfNl31mC4LXujsF Q==; X-CSE-ConnectionGUID: Io3P2i3xSDaUhyFDSvVCmA== X-CSE-MsgGUID: tzC4uUiGRNCD1D11v9C58g== X-IronPort-AV: E=McAfee;i="6600,9927,11100"; a="25515636" X-IronPort-AV: E=Sophos;i="6.08,232,1712646000"; d="scan'208";a="25515636" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Jun 2024 02:50:47 -0700 X-CSE-ConnectionGUID: qT6IuxotQDGhM6T4gjLDlA== X-CSE-MsgGUID: r20d6CkzRe6xjmst9jHkWw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,232,1712646000"; d="scan'208";a="44643649" Received: from black.fi.intel.com ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 12 Jun 2024 02:50:46 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id 4E81C193; Wed, 12 Jun 2024 12:50:43 +0300 (EEST) Date: Wed, 12 Jun 2024 12:50:43 +0300 From: "Kirill A. Shutemov" To: Dave Hansen Cc: Dave Hansen , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H. Peter Anvin" , linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org, cho@microsoft.com, decui@microsoft.com, John.Starks@microsoft.com Subject: Re: [PATCH] x86/tdx: Generate SIGBUS on userspace MMIO Message-ID: References: <20240528100919.520881-1-kirill.shutemov@linux.intel.com> <4df2ebee-40c0-4ea3-8909-13b90f049ff1@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Tue, Jun 11, 2024 at 09:16:13AM -0700, Dave Hansen wrote: > On 6/10/24 06:55, Dave Hansen wrote: > >> Enlightened userspace may choose to handle MMIO on their own if the > >> kernel does not emulate it. > >> > >> Handle the EPT_VIOLATION exit reason for userspace and deliver SIGBUS > >> instead of SIGSEGV. SIGBUS is more appropriate for the MMIO situation. > > Is any userspace _actually_ doing this? Sure, SIGBUS is more > > appropriate but in practice unprepared userspace crashes either way. > > I also can't help but wonder if there's a better way to do this. > > Just thinking out loud.... Ideally, we'd reject creating a potentially > troublesome VMA at mmap() time. That's way better than, for instance, > panic()'ing at some random place in the middle of program execution. I am not sure I follow. panic() is only for catastrophic cases: VMM pulled memory from under us or we mapped unaccepted memory into userspace. It should never happen. We have the same check is_private_gpa() in virt_exception_kernel(). -- Kiryl Shutsemau / Kirill A. Shutemov