[v3,00/12] KVM: SVM: Fix soft int/ex re-injection

Message ID cover.1651440202.git.maciej.szmigiero@oracle.com (mailing list archive)

Message

Maciej S. Szmigiero May 1, 2022, 10:07 p.m. UTC
From: "Maciej S. Szmigiero" <maciej.szmigiero@oracle.com>

This series is an updated version of Sean's SVM soft interrupt/exception
re-injection fixes patch set, which in turn extended and generalized my
nSVM L1 -> L2 event injection fixes series.

Detailed list of changes in this version:
* "Downgraded" the commit affecting !nrips CPUs to just drop nested SVM
support for such parts instead of SVM support in general,

* Removed the BUG_ON() from svm_inject_irq() completely, instead of
replacing it with WARN() - Maxim has pointed out it can still be triggered
by userspace via KVM_SET_VCPU_EVENTS,

* Updated the new KVM self-test to switch to an alternate IDT before attempting
a second L1 -> L2 injection to cause intervening NPF again,

* Added a fix for L1/L2 NMI state confusion during L1 -> L2 NMI re-injection,

* Updated the new KVM self-test to also check for the NMI injection
scenario being fixed (that was found causing issues with a real guest),

* Changed "kvm_inj_virq" trace event "reinjected" field type to bool,

* Integrated the fix from patch 5 for nested_vmcb02_prepare_control() call
argument in svm_set_nested_state() to patch 1,

* Collected Maxim's "Reviewed-by:" for tracepoint patches.

Previous versions:
Sean's v2:
https://lore.kernel.org/kvm/20220423021411.784383-1-seanjc@google.com

Sean's v1:
https://lore.kernel.org/kvm/20220402010903.727604-1-seanjc@google.com

My original series:
https://lore.kernel.org/kvm/cover.1646944472.git.maciej.szmigiero@oracle.com

Maciej S. Szmigiero (4):
  KVM: nSVM: Sync next_rip field from vmcb12 to vmcb02
  KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
  KVM: nSVM: Transparently handle L1 -> L2 NMI re-injection
  KVM: selftests: nSVM: Add svm_nested_soft_inject_test

Sean Christopherson (8):
  KVM: SVM: Unwind "speculative" RIP advancement if INTn injection
    "fails"
  KVM: SVM: Stuff next_rip on emulated INT3 injection if NRIPS is
    supported
  KVM: SVM: Re-inject INT3/INTO instead of retrying the instruction
  KVM: SVM: Re-inject INTn instead of retrying the insn on "failure"
  KVM: x86: Trace re-injected exceptions
  KVM: x86: Print error code in exception injection tracepoint iff valid
  KVM: x86: Differentiate Soft vs. Hard IRQs vs. reinjected in
    tracepoint
  KVM: nSVM: Drop support for CPUs without NRIPS (NextRIP Save) support

 arch/x86/include/asm/kvm_host.h               |   2 +-
 arch/x86/kvm/svm/nested.c                     |  55 ++++-
 arch/x86/kvm/svm/svm.c                        | 179 +++++++++++----
 arch/x86/kvm/svm/svm.h                        |   8 +-
 arch/x86/kvm/trace.h                          |  31 ++-
 arch/x86/kvm/vmx/vmx.c                        |   4 +-
 arch/x86/kvm/x86.c                            |  20 +-
 tools/testing/selftests/kvm/.gitignore        |   3 +-
 tools/testing/selftests/kvm/Makefile          |   1 +
 .../selftests/kvm/include/x86_64/processor.h  |  17 ++
 .../selftests/kvm/include/x86_64/svm_util.h   |  12 +
 .../kvm/x86_64/svm_nested_soft_inject_test.c  | 217 ++++++++++++++++++
 12 files changed, 478 insertions(+), 71 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/x86_64/svm_nested_soft_inject_test.c

Comments

Sean Christopherson May 3, 2022, 6:48 p.m. UTC | #1
On Mon, May 02, 2022, Maciej S. Szmigiero wrote:
> From: "Maciej S. Szmigiero" <maciej.szmigiero@oracle.com>
> 
> This series is an updated version of Sean's SVM soft interrupt/exception
> re-injection fixes patch set, which in turn extended and generalized my
> nSVM L1 -> L2 event injection fixes series.
> 
> Detailed list of changes in this version:
> * "Downgraded" the commit affecting !nrips CPUs to just drop nested SVM
> support for such parts instead of SVM support in general,
> 
> * Removed the BUG_ON() from svm_inject_irq() completely, instead of
> replacing it with WARN() - Maxim has pointed out it can still be triggered
> by userspace via KVM_SET_VCPU_EVENTS,
> 
> * Updated the new KVM self-test to switch to an alternate IDT before attempting
> a second L1 -> L2 injection to cause intervening NPF again,
> 
> * Added a fix for L1/L2 NMI state confusion during L1 -> L2 NMI re-injection,
> 
> * Updated the new KVM self-test to also check for the NMI injection
> scenario being fixed (that was found causing issues with a real guest),
> 
> * Changed "kvm_inj_virq" trace event "reinjected" field type to bool,
> 
> * Integrated the fix from patch 5 for nested_vmcb02_prepare_control() call
> argument in svm_set_nested_state() to patch 1,
> 
> * Collected Maxim's "Reviewed-by:" for tracepoint patches.
> 
> Previous versions:
> Sean's v2:
> https://lore.kernel.org/kvm/20220423021411.784383-1-seanjc@google.com
> 
> Sean's v1:
> https://lore.kernel.org/kvm/20220402010903.727604-1-seanjc@google.com
> 
> My original series:
> https://lore.kernel.org/kvm/cover.1646944472.git.maciej.szmigiero@oracle.com
> 
> Maciej S. Szmigiero (4):
>   KVM: nSVM: Sync next_rip field from vmcb12 to vmcb02
>   KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0

LOL, this should win some kind of award for most ridiculous multi-author patch :-)

Series looks good, thanks!
Maxim Levitsky May 4, 2022, 12:40 p.m. UTC | #2
On Tue, 2022-05-03 at 18:48 +0000, Sean Christopherson wrote:
> On Mon, May 02, 2022, Maciej S. Szmigiero wrote:
> > From: "Maciej S. Szmigiero" <maciej.szmigiero@oracle.com>
> > 
> > This series is an updated version of Sean's SVM soft interrupt/exception
> > re-injection fixes patch set, which in turn extended and generalized my
> > nSVM L1 -> L2 event injection fixes series.
> > 
> > Detailed list of changes in this version:
> > * "Downgraded" the commit affecting !nrips CPUs to just drop nested SVM
> > support for such parts instead of SVM support in general,
> > 
> > * Removed the BUG_ON() from svm_inject_irq() completely, instead of
> > replacing it with WARN() - Maxim has pointed out it can still be triggered
> > by userspace via KVM_SET_VCPU_EVENTS,
> > 
> > * Updated the new KVM self-test to switch to an alternate IDT before attempting
> > a second L1 -> L2 injection to cause intervening NPF again,
> > 
> > * Added a fix for L1/L2 NMI state confusion during L1 -> L2 NMI re-injection,
> > 
> > * Updated the new KVM self-test to also check for the NMI injection
> > scenario being fixed (that was found causing issues with a real guest),
> > 
> > * Changed "kvm_inj_virq" trace event "reinjected" field type to bool,
> > 
> > * Integrated the fix from patch 5 for nested_vmcb02_prepare_control() call
> > argument in svm_set_nested_state() to patch 1,
> > 
> > * Collected Maxim's "Reviewed-by:" for tracepoint patches.
> > 
> > Previous versions:
> > Sean's v2:
> > https://lore.kernel.org/kvm/20220423021411.784383-1-seanjc@google.com
> > 
> > Sean's v1:
> > https://lore.kernel.org/kvm/20220402010903.727604-1-seanjc@google.com
> > 
> > My original series:
> > https://lore.kernel.org/kvm/cover.1646944472.git.maciej.szmigiero@oracle.com
> > 
> > Maciej S. Szmigiero (4):
> >   KVM: nSVM: Sync next_rip field from vmcb12 to vmcb02
> >   KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
> 
> LOL, this should win some kind of award for most ridiculous multi-author patch :-)
> 
> Series looks good, thanks!
> 
Well, I think I, Paolo, and you hold the record for this, when we fixed the AVIC inhibition
races, remember?

Patch series also looks overall good to me, but I haven't checked everything to be honest.

Best regards,
	Maxim Levitsky
Maciej S. Szmigiero May 17, 2022, 12:28 p.m. UTC | #3
On 2.05.2022 00:07, Maciej S. Szmigiero wrote:
> This series is an updated version of Sean's SVM soft interrupt/exception
> re-injection fixes patch set, which in turn extended and generalized my
> nSVM L1 -> L2 event injection fixes series.

@Paolo:
Can't see this series in kvm/queue; do you plan to merge it for 5.19?

Thanks,
Maciej
Paolo Bonzini May 17, 2022, 4:46 p.m. UTC | #4
On 5/17/22 14:28, Maciej S. Szmigiero wrote:
> On 2.05.2022 00:07, Maciej S. Szmigiero wrote:
>> This series is an updated version of Sean's SVM soft interrupt/exception
>> re-injection fixes patch set, which in turn extended and generalized my
>> nSVM L1 -> L2 event injection fixes series.
> 
> @Paolo:
> Can't see this series in kvm/queue, do you plan to merge it for 5.19?

Yes, FWIW my list right now is (from most likely to less likely but 
still doable):

* deadlock (5.18)

* PMU filter patches from alewis (5.18?)

* architectural LBR

* Like's perf HW_EVENT series

* cache refresh

* this one

* nested dirty-log selftest

* x2AVIC

* dirty quota

* CMCI

* pfn functions

* Vitaly's Hyper-V TLB
Maciej S. Szmigiero May 17, 2022, 9:17 p.m. UTC | #5
On 17.05.2022 18:46, Paolo Bonzini wrote:
> On 5/17/22 14:28, Maciej S. Szmigiero wrote:
>> On 2.05.2022 00:07, Maciej S. Szmigiero wrote:
>>> This series is an updated version of Sean's SVM soft interrupt/exception
>>> re-injection fixes patch set, which in turn extended and generalized my
>>> nSVM L1 -> L2 event injection fixes series.
>>
>> @Paolo:
>> Can't see this series in kvm/queue, do you plan to merge it for 5.19?
> 
> Yes, FWIW my list right now is (from most likely to less likely but still doable):
> 
> * deadlock (5.18)
> 
> * PMU filter patches from alewis (5.18?)
> 
> * architectural LBR
> 
> * Like's perf HW_EVENT series
> 
> * cache refresh
> 
> * this one
> 
> * nested dirty-log selftest
> 
> * x2AVIC
> 
> * dirty quota
> 
> * CMCI
> 
> * pfn functions
> 
> * Vitaly's Hyper-V TLB
> 

Ugh, that's a long TODO list...

Thanks for the update - waiting patiently then.

Thanks,
Maciej