From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A,SIGNED_OFF_BY,SPF_HELO_NONE, SPF_PASS,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3421AC4741F for ; Tue, 29 Sep 2020 14:47:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BF55C20757 for ; Tue, 29 Sep 2020 14:47:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="IksYDtnu" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731386AbgI2Orf (ORCPT ); Tue, 29 Sep 2020 10:47:35 -0400 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:26944 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728607AbgI2Orf (ORCPT ); Tue, 29 Sep 2020 10:47:35 -0400 Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1601390853; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PtRKjvr2xKdnyYEHitFUee6d7Brs/dWCC9MF1YYO3xM=; b=IksYDtnuZyRBSML19JirOJP6+HOk2rU69at/CKVG9PYJQ4JUIhC6ZcYpfdXg3+e0CXp6RM B263CjemAjFMfUb6WiP2yJRNrTiQVCPvacxikZfF8S6OkGSOyAijkfYb+W9BqLrcDWX3Vh jIINX5GqxNURNBZntH5E7z26Td0owm4= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-440-y0hbHeegPjmG-GeAtYHLgA-1; Tue, 29 Sep 2020 10:47:31 -0400 X-MC-Unique: y0hbHeegPjmG-GeAtYHLgA-1 Received: by mail-wm1-f69.google.com with SMTP id 73so68748wma.5 for ; Tue, 29 Sep 2020 07:47:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=PtRKjvr2xKdnyYEHitFUee6d7Brs/dWCC9MF1YYO3xM=; b=msdUZv3dOvTXMSuVgqQPWqry9gIDSKUCUCuK3DvlN/f02eUGJsrwsRky8KHfnhLJJL 3C7KZNMNbVW4l8ZC8QrjVH+vW9vMsNw1c+CeHqOvIrADFcnUGeRZCfFYptTbFa/SG6yW oQ/uuYrWbScsDq3Ohpllxvh6FXURO6UOV5CI95DwiqWkUp6vDc11a2au5udPgGtxykm3 7Df3I9TJYCjoozqIJLWaoqDt5/2/vOsqpiluDPXISumwDm6ENVL/PKLUOuJKWK9/mUXT 1vuu+CaD6oLaXqMU4U8ClmV+yh9Zxr3SDV69wBfX0jAdpZgQ/Y1/IEk0CvPhOO+EAVFS wRlg== X-Gm-Message-State: AOAM5321rztylaZK2lcn2XIPRdFLQjMpsruzkbVTGIb6+RnS/N7/lUJ9 phRHQoXV6sg105KzE5aWNl3nWg4qG9XXInP2p+GwTOQRjO5+JOK9l+zRA9qLscOESoUlz+rcp9x QwLArXiWp5LtjVyoudAghVFJc X-Received: by 2002:a1c:9c4b:: with SMTP id f72mr4941945wme.188.1601390850361; Tue, 29 Sep 2020 07:47:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwVvIsgRlLltuU7/F3qHNhZaYh3pEjgJZUzHs5Wbg6c+re1FxA/iDBgncxK9LACmKogcerxaw== X-Received: by 2002:a1c:9c4b:: with SMTP id f72mr4941915wme.188.1601390850039; Tue, 29 Sep 2020 07:47:30 -0700 (PDT) Received: from ?IPv6:2001:b07:6468:f312:9dbe:2c91:3d1b:58c6? ([2001:b07:6468:f312:9dbe:2c91:3d1b:58c6]) by smtp.gmail.com with ESMTPSA id t17sm6687615wrx.82.2020.09.29.07.47.26 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 29 Sep 2020 07:47:28 -0700 (PDT) Subject: Re: [PATCH] KVM: x86: VMX: Make smaller physical guest address space support user-configurable To: Qian Cai , Mohammed Gamal , kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, sean.j.christopherson@intel.com, vkuznets@redhat.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, Stephen Rothwell , linux-next@vger.kernel.org, Linus Torvalds References: <20200903141122.72908-1-mgamal@redhat.com> <1f42d8f084083cdf6933977eafbb31741080f7eb.camel@redhat.com> <2063b592f82f680edf61dad575f7c092d11d8ba3.camel@redhat.com> From: Paolo Bonzini Message-ID: Date: Tue, 29 Sep 2020 16:47:26 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <2063b592f82f680edf61dad575f7c092d11d8ba3.camel@redhat.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 29/09/20 15:39, Qian Cai wrote: > On Tue, 2020-09-29 at 14:26 +0200, Paolo Bonzini wrote: >> On 29/09/20 13:59, Qian Cai wrote: >>> WARN_ON_ONCE(!allow_smaller_maxphyaddr); >>> >>> I noticed the origin patch did not have this WARN_ON_ONCE(), but the >>> mainline >>> commit b96e6506c2ea ("KVM: x86: VMX: Make smaller physical guest address >>> space >>> support user-configurable") does have it for some reasons. >> >> Because that part of the code should not be reached. The exception >> bitmap is set up with >> >> if (!vmx_need_pf_intercept(vcpu)) >> eb &= ~(1u << PF_VECTOR); >> >> where >> >> static inline bool vmx_need_pf_intercept(struct kvm_vcpu *vcpu) >> { >> if (!enable_ept) >> return true; >> >> return allow_smaller_maxphyaddr && >> cpuid_maxphyaddr(vcpu) < boot_cpu_data.x86_phys_bits; >> } >> >> We shouldn't get here if "enable_ept && !allow_smaller_maxphyaddr", >> which implies vmx_need_pf_intercept(vcpu) == false. So the warning is >> genuine; I've sent a patch. > > Care to provide a link to the patch? Just curious. > Ok, I haven't sent it yet. :) But here it is: commit 608e2791d7353e7d777bf32038ca3e7d548155a4 (HEAD -> kvm-master) Author: Paolo Bonzini Date: Tue Sep 29 08:31:32 2020 -0400 KVM: VMX: update PFEC_MASK/PFEC_MATCH together with PF intercept The PFEC_MASK and PFEC_MATCH fields in the VMCS reverse the meaning of the #PF intercept bit in the exception bitmap when they do not match. This means that, if PFEC_MASK and/or PFEC_MATCH are set, the hypervisor can get a vmexit for #PF exceptions even when the corresponding bit is clear in the exception bitmap. This is unexpected and is promptly reported as a WARN_ON_ONCE. To fix it, reset PFEC_MASK and PFEC_MATCH when the #PF intercept is disabled (as is common with enable_ept && !allow_smaller_maxphyaddr). Reported-by: Qian Cai > Signed-off-by: Paolo Bonzini diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f0384e93548a..f4e9c310032a 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -794,6 +794,18 @@ void update_exception_bitmap(struct kvm_vcpu *vcpu) */ if (is_guest_mode(vcpu)) eb |= get_vmcs12(vcpu)->exception_bitmap; + else { + /* + * If EPT is enabled, #PF is only trapped if MAXPHYADDR is mismatched + * between guest and host. In that case we only care about present + * faults. For vmcs02, however, PFEC_MASK and PFEC_MATCH are set in + * prepare_vmcs02_rare. + */ + bool selective_pf_trap = enable_ept && (eb & (1u << PF_VECTOR)); + int mask = selective_pf_trap ? PFERR_PRESENT_MASK : 0; + vmcs_write32(PAGE_FAULT_ERROR_CODE_MASK, mask); + vmcs_write32(PAGE_FAULT_ERROR_CODE_MATCH, mask); + } vmcs_write32(EXCEPTION_BITMAP, eb); } @@ -4355,16 +4367,6 @@ static void init_vmcs(struct vcpu_vmx *vmx) vmx->pt_desc.guest.output_mask = 0x7F; vmcs_write64(GUEST_IA32_RTIT_CTL, 0); } - - /* - * If EPT is enabled, #PF is only trapped if MAXPHYADDR is mismatched - * between guest and host. In that case we only care about present - * faults. - */ - if (enable_ept) { - vmcs_write32(PAGE_FAULT_ERROR_CODE_MASK, PFERR_PRESENT_MASK); - vmcs_write32(PAGE_FAULT_ERROR_CODE_MATCH, PFERR_PRESENT_MASK); - } } static void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)