From: Paolo Bonzini <pbonzini@redhat.com>
To: Sasha Levin <sashal@kernel.org>,
linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Sean Christopherson <seanjc@google.com>,
Liam Merwick <liam.merwick@oracle.com>,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, kvm@vger.kernel.org
Subject: Re: [PATCH MANUALSEL 5.10 5/6] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
Date: Thu, 10 Feb 2022 17:41:48 +0100
Message-ID: <0ed5a95c-39d7-1139-4234-83b1857504b4@redhat.com>
In-Reply-To: <20220209185714.48936-5-sashal@kernel.org>
On 2/9/22 19:57, Sasha Levin wrote:
> From: Sean Christopherson <seanjc@google.com>
>
> [ Upstream commit cdf85e0c5dc766fc7fc779466280e454a6d04f87 ]

Acked-by: Paolo Bonzini <pbonzini@redhat.com>

Paolo

> Inject a #GP instead of synthesizing triple fault to try to avoid killing
> the guest if emulation of an SEV guest fails due to encountering the SMAP
> erratum. The injected #GP may still be fatal to the guest, e.g. if the
> userspace process is providing critical functionality, but KVM should
> make every attempt to keep the guest alive.
>
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
> Message-Id: <20220120010719.711476-10-seanjc@google.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Sasha Levin <sashal@kernel.org>
> ---
> arch/x86/kvm/svm/svm.c | 16 +++++++++++++++-
> 1 file changed, 15 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index fa543c355fbdb..d515c8e68314c 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -4155,7 +4155,21 @@ static bool svm_can_emulate_instruction(struct kvm_vcpu *vcpu, void *insn, int i
> return true;
>
> pr_err_ratelimited("KVM: SEV Guest triggered AMD Erratum 1096\n");
> - kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
> +
> + /*
> + * If the fault occurred in userspace, arbitrarily inject #GP
> + * to avoid killing the guest and to hopefully avoid confusing
> + * the guest kernel too much, e.g. injecting #PF would not be
> + * coherent with respect to the guest's page tables. Request
> + * triple fault if the fault occurred in the kernel as there's
> + * no fault that KVM can inject without confusing the guest.
> + * In practice, the triple fault is moot as no sane SEV kernel
> + * will execute from user memory while also running with SMAP=1.
> + */
> + if (is_user)
> + kvm_inject_gp(vcpu, 0);
> + else
> + kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
> }
>
> return false;
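
Review bot: the new `if (is_user)` branch depends on a variable whose definition is not in the visible context of this hunk, so for the 5.10 backport it is worth confirming that the stable tree's svm_can_emulate_instruction() already derives `is_user` from the guest's current privilege level before this point, and that it is not stale by the time the erratum path is reached. Separately, the `pr_err_ratelimited("KVM: SEV Guest triggered AMD Erratum 1096\n")` line fires identically on both paths, so a host operator reading the log cannot tell whether the guest received a #GP and kept running or was torn down by the triple fault request; consider saying in the message which action was taken. The comment already explains why #GP was chosen over #PF and why the kernel-mode case still requests a triple fault, which is the right level of documentation for the choice.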