[v3][PATCH 1/2] KVM: x86: don't print when fail to read/write pv eoi memory

[v3][PATCH 1/2] KVM: x86: don't print when fail to read/write pv eoi memory

[Li RongQing]

If guest gives MSR_KVM_PV_EOI_EN a wrong value, this printk() will
be trigged, and kernel log is spammed with the useless message

Fixes: 0d88800d5472 ("kvm: x86: ioapic and apic debug macros cleanup")
Reported-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Li RongQing <lirongqing@baidu.com>
---
 arch/x86/kvm/lapic.c |   18 ++++++------------
 1 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index d6ac32f..752c48e 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -676,31 +676,25 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu)
 static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu)
 {
 	u8 val;
-	if (pv_eoi_get_user(vcpu, &val) < 0) {
-		printk(KERN_WARNING "Can't read EOI MSR value: 0x%llx\n",
-			   (unsigned long long)vcpu->arch.pv_eoi.msr_val);
+	if (pv_eoi_get_user(vcpu, &val) < 0)
 		return false;
-	}
+
 	return val & KVM_PV_EOI_ENABLED;
 }
 
 static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
 {
-	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0) {
-		printk(KERN_WARNING "Can't set EOI MSR value: 0x%llx\n",
-			   (unsigned long long)vcpu->arch.pv_eoi.msr_val);
+	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0)
 		return;
-	}
+
 	__set_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
 }
 
 static void pv_eoi_clr_pending(struct kvm_vcpu *vcpu)
 {
-	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0) {
-		printk(KERN_WARNING "Can't clear EOI MSR value: 0x%llx\n",
-			   (unsigned long long)vcpu->arch.pv_eoi.msr_val);
+	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0)
 		return;
-	}
+
 	__clear_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
 }
 
-- 
1.7.1

[v3][PATCH 2/2] KVM: Clear pv eoi pending bit only when it is set

[Li RongQing]

merge pv_eoi_get_pending and pv_eoi_clr_pending into a single
function pv_eoi_test_and_clear_pending, which returns and clear
the value of the pending bit.

and clear pv eoi pending bit only when it is set, to avoid calling
pv_eoi_put_user(), this can speed about 300 nsec on AMD EPYC most
of the time

Suggested-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Li RongQing <lirongqing@baidu.com>
---
diff v2: merge as pv_eoi_test_and_clear_pending
diff v3: remove printk with a new patch
 arch/x86/kvm/lapic.c |   39 ++++++++++++++++++---------------------
 1 files changed, 18 insertions(+), 21 deletions(-)

diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index 752c48e..9c3b1b3 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -673,15 +673,6 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu)
 	return vcpu->arch.pv_eoi.msr_val & KVM_MSR_ENABLED;
 }
 
-static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu)
-{
-	u8 val;
-	if (pv_eoi_get_user(vcpu, &val) < 0)
-		return false;
-
-	return val & KVM_PV_EOI_ENABLED;
-}
-
 static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
 {
 	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0)
@@ -690,12 +681,25 @@ static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
 	__set_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
 }
 
-static void pv_eoi_clr_pending(struct kvm_vcpu *vcpu)
+static bool pv_eoi_test_and_clr_pending(struct kvm_vcpu *vcpu)
 {
-	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0)
-		return;
+	u8 val;
+
+	if (pv_eoi_get_user(vcpu, &val) < 0)
+		return false;
+
+	val &= KVM_PV_EOI_ENABLED;
 
+	/*
+	 * Clear pending bit in any case: it will be set again on vmentry.
+	 * While this might not be ideal from performance point of view,
+	 * this makes sure pv eoi is only enabled when we know it's safe.
+	 */
+	if (val && pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0)
+		return false;
 	__clear_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
+
+	return !!val;
 }
 
 static int apic_has_interrupt_for_ppr(struct kvm_lapic *apic, u32 ppr)
@@ -2671,7 +2675,6 @@ void __kvm_migrate_apic_timer(struct kvm_vcpu *vcpu)
 static void apic_sync_pv_eoi_from_guest(struct kvm_vcpu *vcpu,
 					struct kvm_lapic *apic)
 {
-	bool pending;
 	int vector;
 	/*
 	 * PV EOI state is derived from KVM_APIC_PV_EOI_PENDING in host
@@ -2685,14 +2688,8 @@ static void apic_sync_pv_eoi_from_guest(struct kvm_vcpu *vcpu,
 	 * 	-> host enabled PV EOI, guest executed EOI.
 	 */
 	BUG_ON(!pv_eoi_enabled(vcpu));
-	pending = pv_eoi_get_pending(vcpu);
-	/*
-	 * Clear pending bit in any case: it will be set again on vmentry.
-	 * While this might not be ideal from performance point of view,
-	 * this makes sure pv eoi is only enabled when we know it's safe.
-	 */
-	pv_eoi_clr_pending(vcpu);
-	if (pending)
+
+	if (pv_eoi_test_and_clr_pending(vcpu))
 		return;
 	vector = apic_set_eoi(apic);
 	trace_kvm_pv_eoi(apic, vector);
-- 
1.7.1

Re: [v3][PATCH 1/2] KVM: x86: don't print when fail to read/write pv eoi memory

[Vitaly Kuznetsov]

Li RongQing <lirongqing@baidu.com> writes:

> If guest gives MSR_KVM_PV_EOI_EN a wrong value, this printk() will
> be trigged, and kernel log is spammed with the useless message
>
> Fixes: 0d88800d5472 ("kvm: x86: ioapic and apic debug macros cleanup")
> Reported-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> Signed-off-by: Li RongQing <lirongqing@baidu.com>

Paolo,

I'd Cc: stable@ here as these messages are not even ratelimited.

> ---
>  arch/x86/kvm/lapic.c |   18 ++++++------------
>  1 files changed, 6 insertions(+), 12 deletions(-)
>
> diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
> index d6ac32f..752c48e 100644
> --- a/arch/x86/kvm/lapic.c
> +++ b/arch/x86/kvm/lapic.c
> @@ -676,31 +676,25 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu)
>  static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu)
>  {
>  	u8 val;
> -	if (pv_eoi_get_user(vcpu, &val) < 0) {
> -		printk(KERN_WARNING "Can't read EOI MSR value: 0x%llx\n",
> -			   (unsigned long long)vcpu->arch.pv_eoi.msr_val);
> +	if (pv_eoi_get_user(vcpu, &val) < 0)
>  		return false;
> -	}
> +
>  	return val & KVM_PV_EOI_ENABLED;
>  }
>  
>  static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
>  {
> -	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0) {
> -		printk(KERN_WARNING "Can't set EOI MSR value: 0x%llx\n",
> -			   (unsigned long long)vcpu->arch.pv_eoi.msr_val);
> +	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0)
>  		return;
> -	}
> +
>  	__set_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
>  }
>  
>  static void pv_eoi_clr_pending(struct kvm_vcpu *vcpu)
>  {
> -	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0) {
> -		printk(KERN_WARNING "Can't clear EOI MSR value: 0x%llx\n",
> -			   (unsigned long long)vcpu->arch.pv_eoi.msr_val);
> +	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0)
>  		return;
> -	}
> +
>  	__clear_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
>  }

Reviewed-by: Vitaly Kuznetsov <vkuznets@redhat.com>

-- 
Vitaly

Re: [v3][PATCH 2/2] KVM: Clear pv eoi pending bit only when it is set

[Vitaly Kuznetsov]

Li RongQing <lirongqing@baidu.com> writes:

> merge pv_eoi_get_pending and pv_eoi_clr_pending into a single
> function pv_eoi_test_and_clear_pending, which returns and clear
> the value of the pending bit.
>
> and clear pv eoi pending bit only when it is set, to avoid calling
> pv_eoi_put_user(), this can speed about 300 nsec on AMD EPYC most
> of the time
>
> Suggested-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Li RongQing <lirongqing@baidu.com>
> ---
> diff v2: merge as pv_eoi_test_and_clear_pending
> diff v3: remove printk with a new patch
>  arch/x86/kvm/lapic.c |   39 ++++++++++++++++++---------------------
>  1 files changed, 18 insertions(+), 21 deletions(-)
>
> diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
> index 752c48e..9c3b1b3 100644
> --- a/arch/x86/kvm/lapic.c
> +++ b/arch/x86/kvm/lapic.c
> @@ -673,15 +673,6 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu)
>  	return vcpu->arch.pv_eoi.msr_val & KVM_MSR_ENABLED;
>  }
>  
> -static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu)
> -{
> -	u8 val;
> -	if (pv_eoi_get_user(vcpu, &val) < 0)
> -		return false;
> -
> -	return val & KVM_PV_EOI_ENABLED;
> -}
> -
>  static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
>  {
>  	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0)
> @@ -690,12 +681,25 @@ static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
>  	__set_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
>  }
>  
> -static void pv_eoi_clr_pending(struct kvm_vcpu *vcpu)
> +static bool pv_eoi_test_and_clr_pending(struct kvm_vcpu *vcpu)
>  {
> -	if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0)
> -		return;
> +	u8 val;
> +
> +	if (pv_eoi_get_user(vcpu, &val) < 0)
> +		return false;
> +
> +	val &= KVM_PV_EOI_ENABLED;
>  
> +	/*
> +	 * Clear pending bit in any case: it will be set again on vmentry.
> +	 * While this might not be ideal from performance point of view,
> +	 * this makes sure pv eoi is only enabled when we know it's safe.
> +	 */

This comment is misplaced now, as one may read it as we're clearing the
bit in guest's memory while in fact it refers to a bit in
'vcpu->arch.apic_attention'. Moreover, we're now checking 'val' so 'in
any case' above is certainly misleading.

We can add a 

	"Disable PV EOI in guest's memory in case it was previously
	enabled" (or something like that)

comment here (but I don't think it gives much value to be honest).

> +	if (val && pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0)
> +		return false;

Let's move the original comment here.

>  	__clear_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
> +
> +	return !!val;

('!!' is not really needed, the function returns bool)

>  }
>  
>  static int apic_has_interrupt_for_ppr(struct kvm_lapic *apic, u32 ppr)
> @@ -2671,7 +2675,6 @@ void __kvm_migrate_apic_timer(struct kvm_vcpu *vcpu)
>  static void apic_sync_pv_eoi_from_guest(struct kvm_vcpu *vcpu,
>  					struct kvm_lapic *apic)
>  {
> -	bool pending;
>  	int vector;
>  	/*
>  	 * PV EOI state is derived from KVM_APIC_PV_EOI_PENDING in host
> @@ -2685,14 +2688,8 @@ static void apic_sync_pv_eoi_from_guest(struct kvm_vcpu *vcpu,
>  	 * 	-> host enabled PV EOI, guest executed EOI.
>  	 */
>  	BUG_ON(!pv_eoi_enabled(vcpu));
> -	pending = pv_eoi_get_pending(vcpu);
> -	/*
> -	 * Clear pending bit in any case: it will be set again on vmentry.
> -	 * While this might not be ideal from performance point of view,
> -	 * this makes sure pv eoi is only enabled when we know it's safe.
> -	 */
> -	pv_eoi_clr_pending(vcpu);
> -	if (pending)
> +
> +	if (pv_eoi_test_and_clr_pending(vcpu))
>  		return;
>  	vector = apic_set_eoi(apic);
>  	trace_kvm_pv_eoi(apic, vector);

-- 
Vitaly