Subject: Re: [PATCH] KVM: VMX: Fix losing blocking by NMI in the guest interruptibility-state field
From: Paolo Bonzini
To: Wanpeng Li
Cc: "linux-kernel@vger.kernel.org", kvm, Radim Krčmář, Wanpeng Li
Date: Tue, 25 Jul 2017 10:48:54 +0200
References: <1500025145-96878-1-git-send-email-wanpeng.li@hotmail.com>

On 25/07/2017 10:27, Wanpeng Li wrote:
> 2017-07-14 19:36 GMT+08:00 Paolo Bonzini:
>> On 14/07/2017 11:39, Wanpeng Li wrote:
>>> However, commit 0be9c7a89f750 (KVM: VMX: set "blocked by NMI" flag if EPT
>>> violation happens during IRET from NMI) just fixes the fault due to EPT violation.
>>> This patch tries to fix the fault due to the page fault of shadow page table.
>>>
>>> Cc: Paolo Bonzini
>>> Cc: Radim Krčmář
>>> Signed-off-by: Wanpeng Li
>>> ---
>>> arch/x86/kvm/vmx.c | 5 +++++
>>> 1 file changed, 5 insertions(+)
>>> >>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c >>> index 84e62ac..32ca063 100644 >>> --- a/arch/x86/kvm/vmx.c >>> +++ b/arch/x86/kvm/vmx.c >>> @@ -5709,6 +5709,11 @@ static int handle_exception(struct kvm_vcpu *vcpu) >>> } >>> >>> if (is_page_fault(intr_info)) { >>> + >>> + if (!(to_vmx(vcpu)->idt_vectoring_info & VECTORING_INFO_VALID_MASK) && >>> + (intr_info & INTR_INFO_UNBLOCK_NMI)) >>> + vmcs_set_bits(GUEST_INTERRUPTIBILITY_INFO, GUEST_INTR_STATE_NMI); >>> + >>> cr2 = vmcs_readl(EXIT_QUALIFICATION); >>> /* EPT won't cause page fault directly */ >>> WARN_ON_ONCE(!vcpu->arch.apf.host_apf_reason && enable_ept); >> >> vmx_recover_nmi_blocking is supposed to do the same. EPT and PML-full exits >> need separate code because they store bit 12 in the exit qualification rather >> than the VM-exit interruption info. I think the bug is in the handling of >> vmx->nmi_known_unmasked. >> >> The following patch fixes it for me, can you test it too? > > Sorry, I just touch my testing machine recently and had a traveling > before. It seems that the patch is correct for itself, but it still > can't fix the issue which I encounter. Actually, L1 injects NMI to L2 > kvm-unit-tests/event.flat and mark the cached value of the guest > interruptibility info is masked, however, it is marked in the L1 and > L0 can't know what's the right value of the cached info should be. We > lost the right value of the cached info on L0, and the cached info is > unmask so vmx_recover_nmi_blocking can't handle it. So I'm afraid the > original patch also should be applied. No, the original patch is wrong. Handling intr_info & INTR_INFO_UNBLOCK_NMI is vmx_recover_nmi_blocking's task. Are you saying that nmi_known_unmasked must be updated when preparing the vmcs02 for the vmcs12? Thanks, Paolo
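Review bot: The new check at the top of the is_page_fault(intr_info) branch in handle_exception() carries no comment explaining why GUEST_INTR_STATE_NMI has to be set again here, and it is placed so that it runs only for page faults, although the condition it tests (idt_vectoring_info not valid, INTR_INFO_UNBLOCK_NMI set in intr_info) does not depend on the exception being a page fault. As the reply in this thread points out, vmx_recover_nmi_blocking is supposed to do the same, so the commit message should say why that path does not cover the case being fixed, or the fix should go there instead of adding a second place that writes the bit. The blank line added directly after the opening brace of the if block should also be dropped.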