From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Xiaoyao Li <xiaoyao.li@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Fenghua Yu <fenghua.yu@intel.com>, Ingo Molnar <mingo@redhat.com>,
Borislav Petkov <bp@alien8.de>, H Peter Anvin <hpa@zytor.com>,
Peter Zijlstra <peterz@infradead.org>,
Andrew Morton <akpm@linux-foundation.org>,
Dave Hansen <dave.hansen@intel.com>,
Radim Krcmar <rkrcmar@redhat.com>,
Ashok Raj <ashok.raj@intel.com>, Tony Luck <tony.luck@intel.com>,
Dan Williams <dan.j.williams@intel.com>,
Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>,
Ravi V Shankar <ravi.v.shankar@intel.com>,
linux-kernel <linux-kernel@vger.kernel.org>, x86 <x86@kernel.org>,
kvm@vger.kernel.org
Subject: Re: [PATCH v9 09/17] x86/split_lock: Handle #AC exception for split lock
Date: Wed, 16 Oct 2019 10:42:00 -0700 [thread overview]
Message-ID: <20191016174200.GF5866@linux.intel.com> (raw)
In-Reply-To: <20191016162337.GC5866@linux.intel.com>
On Wed, Oct 16, 2019 at 09:23:37AM -0700, Sean Christopherson wrote:
> On Wed, Oct 16, 2019 at 05:43:53PM +0200, Paolo Bonzini wrote:
> > On 16/10/19 17:41, Sean Christopherson wrote:
> > > On Wed, Oct 16, 2019 at 04:08:14PM +0200, Paolo Bonzini wrote:
> > >> SIGBUS (actually a new KVM_EXIT_INTERNAL_ERROR result from KVM_RUN is
> > >> better, but that's the idea) is for when you're debugging guests.
> > >> Global disable (or alternatively, disable SMT) is for production use.
> > >
> > > Alternatively, for guests without split-lock #AC enabled, what if KVM were
> > > to emulate the faulting instruction with split-lock detection temporarily
> > > disabled?
> >
> > Yes we can get fancy, but remember that KVM is not yet supporting
> > emulation of locked instructions. Adding it is possible but shouldn't
> > be in the critical path for the whole feature.
>
> Ah, didn't realize that. I'm surprised emulating all locks with cmpxchg
> doesn't cause problems (or am I misreading the code?). Assuming I'm
> reading the code correctly, the #AC path could kick all other vCPUS on
> emulation failure and then retry emulation to "guarantee" success. Though
> that's starting to build quite the house of cards.
Ugh, doesn't the existing emulation behavior create another KVM issue?
KVM uses a locked cmpxchg in emulator_cmpxchg_emulated() and the address
is guest controlled, e.g. a guest could coerce the host into disabling
split-lock detection via the host's #AC handler by triggering emulation
and inducing an #AC in the emulator.
> > How would you disable split-lock detection temporarily? Just tweak
> > MSR_TEST_CTRL for the time of running the one instruction, and cross
> > fingers that the sibling doesn't notice?
>
> Tweak MSR_TEST_CTRL, with logic to handle the scenario where split-lock
> detection is globally disable during emulation (so KVM doesn't
> inadvertantly re-enable it).
>
> There isn't much for the sibling to notice. The kernel would temporarily
> allow split-locks on the sibling, but that's a performance issue and isn't
> directly fatal. A missed #AC in the host kernel would only delay the
> inevitable global disabling of split-lock. A missed #AC in userspace would
> again just delay the inevitable SIGBUS.
next prev parent reply other threads:[~2019-10-16 17:42 UTC|newest]
Thread overview: 85+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-18 22:41 [PATCH v9 00/17] x86/split_lock: Enable split lock detection Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 01/17] x86/common: Align cpu_caps_cleared and cpu_caps_set to unsigned long Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 02/17] drivers/net/b44: Align pwol_mask to unsigned long for better performance Fenghua Yu
2019-06-24 15:12 ` David Laight
2019-06-24 18:43 ` Paolo Bonzini
2019-06-18 22:41 ` [PATCH v9 03/17] x86/split_lock: Align x86_capability to unsigned long to avoid split locked access Fenghua Yu
2019-06-24 15:12 ` David Laight
2019-06-25 23:54 ` Fenghua Yu
2019-06-26 19:15 ` Thomas Gleixner
2019-06-18 22:41 ` [PATCH v9 04/17] x86/msr-index: Define MSR_IA32_CORE_CAP and split lock detection bit Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 05/17] x86/cpufeatures: Enumerate MSR_IA32_CORE_CAP Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 06/17] x86/split_lock: Enumerate split lock detection by MSR_IA32_CORE_CAP Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 07/17] x86/split_lock: Enumerate split lock detection on Icelake mobile processor Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 08/17] x86/split_lock: Define MSR TEST_CTL register Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 09/17] x86/split_lock: Handle #AC exception for split lock Fenghua Yu
2019-06-26 20:20 ` Thomas Gleixner
2019-06-26 20:36 ` Fenghua Yu
2019-06-26 21:47 ` Thomas Gleixner
2019-09-25 18:09 ` Sean Christopherson
2019-10-16 6:58 ` Xiaoyao Li
2019-10-16 9:29 ` Thomas Gleixner
2019-10-16 15:59 ` Sean Christopherson
2019-10-16 9:40 ` Paolo Bonzini
2019-10-16 9:47 ` Thomas Gleixner
2019-10-16 10:16 ` Paolo Bonzini
2019-10-16 11:23 ` Xiaoyao Li
2019-10-16 11:26 ` Paolo Bonzini
2019-10-16 13:13 ` Xiaoyao Li
2019-10-16 14:43 ` Thomas Gleixner
2019-10-16 15:37 ` Paolo Bonzini
2019-10-16 16:25 ` Xiaoyao Li
2019-10-16 16:38 ` Paolo Bonzini
2019-10-17 12:29 ` [RFD] x86/split_lock: Request to Intel Thomas Gleixner
2019-10-17 17:23 ` Sean Christopherson
2019-10-17 21:31 ` Thomas Gleixner
2019-10-17 23:38 ` Sean Christopherson
2019-10-17 23:28 ` Luck, Tony
2019-10-18 10:45 ` David Laight
2019-10-18 21:03 ` hpa
2019-10-18 2:36 ` Xiaoyao Li
2019-10-18 9:02 ` Thomas Gleixner
2019-10-18 10:20 ` Xiaoyao Li
2019-10-18 10:43 ` Peter Zijlstra
2019-10-16 11:49 ` [PATCH v9 09/17] x86/split_lock: Handle #AC exception for split lock Thomas Gleixner
2019-10-16 11:58 ` Paolo Bonzini
2019-10-16 13:51 ` Xiaoyao Li
2019-10-16 14:08 ` Paolo Bonzini
2019-10-16 14:14 ` David Laight
2019-10-16 15:03 ` Thomas Gleixner
2019-10-16 15:41 ` Sean Christopherson
2019-10-16 15:43 ` Paolo Bonzini
2019-10-16 16:23 ` Sean Christopherson
2019-10-16 17:42 ` Sean Christopherson [this message]
2019-10-17 1:23 ` Xiaoyao Li
2019-10-21 13:06 ` Paolo Bonzini
2019-10-21 13:03 ` Paolo Bonzini
2019-10-21 13:02 ` Paolo Bonzini
2019-10-16 14:50 ` Thomas Gleixner
2019-06-18 22:41 ` [PATCH v9 10/17] kvm/x86: Emulate MSR IA32_CORE_CAPABILITY Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 11/17] kvm/vmx: Emulate MSR TEST_CTL Fenghua Yu
2019-06-27 2:24 ` Xiaoyao Li
2019-06-27 7:12 ` Thomas Gleixner
2019-06-27 7:58 ` Xiaoyao Li
2019-06-27 12:11 ` Thomas Gleixner
2019-06-27 12:22 ` Xiaoyao Li
2019-06-18 22:41 ` [PATCH v9 12/17] x86/split_lock: Enable split lock detection by default Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 13/17] x86/split_lock: Disable split lock detection by kernel parameter "nosplit_lock_detect" Fenghua Yu
2019-06-26 20:34 ` Thomas Gleixner
2019-06-26 20:37 ` Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 14/17] x86/split_lock: Add a debugfs interface to enable/disable split lock detection during run time Fenghua Yu
2019-06-26 21:37 ` Thomas Gleixner
2019-06-18 22:41 ` [PATCH v9 15/17] x86/split_lock: Add documentation for split lock detection interface Fenghua Yu
2019-06-26 21:51 ` Thomas Gleixner
2019-06-18 22:41 ` [PATCH v9 16/17] x86/split_lock: Reorganize few header files in order to call WARN_ON_ONCE() in atomic bit ops Fenghua Yu
2019-06-18 22:41 ` [PATCH v9 17/17] x86/split_lock: Warn on unaligned address in atomic bit operations Fenghua Yu
2019-06-26 22:00 ` Thomas Gleixner
2019-09-16 22:39 ` [PATCH 0/3] Fix some 4-byte vs. 8-byte alignment issues Tony Luck
2019-09-16 22:39 ` [PATCH 1/3] x86/common: Align cpu_caps_cleared and cpu_caps_set to unsigned long Tony Luck
2019-11-15 19:26 ` [tip: x86/cpu] x86/cpu: " tip-bot2 for Fenghua Yu
2019-09-16 22:39 ` [PATCH 2/3] drivers/net/b44: Align pwol_mask to unsigned long for better performance Tony Luck
2019-09-16 22:39 ` [PATCH 3/3] x86/split_lock: Align the x86_capability array to size of unsigned long Tony Luck
2019-09-17 8:29 ` David Laight
2019-09-17 19:14 ` Luck, Tony
2019-09-18 8:54 ` David Laight
2019-11-15 19:26 ` [tip: x86/cpu] x86/cpu: " tip-bot2 for Fenghua Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191016174200.GF5866@linux.intel.com \
--to=sean.j.christopherson@intel.com \
--cc=akpm@linux-foundation.org \
--cc=ashok.raj@intel.com \
--cc=bp@alien8.de \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=fenghua.yu@intel.com \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=ravi.v.shankar@intel.com \
--cc=rkrcmar@redhat.com \
--cc=sai.praneeth.prakhya@intel.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.