From: Liran Alon <LIRAN.ALON@ORACLE.COM>
To: "Jim Mattson" <jmattson@google.com>, "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
kvm list <kvm@vger.kernel.org>,
Idan Brown <idan.brown@ORACLE.COM>,
Konrad Rzeszutek Wilk <konrad.wilk@ORACLE.COM>
Subject: Re: [PATCH v2] KVM: nVMX/nSVM: Don't intercept #UD when running L2
Date: Sat, 02 Dec 2017 02:27:03 +0200
Message-ID: <5A21F357.4080108@ORACLE.COM>
In-Reply-To: <CALMp9eRxbcDKjNEFRqZkWDrL53GzPdFTe7rvB69p3152iunyNw@mail.gmail.com>

On 02/12/17 01:00, Jim Mattson wrote:
> How does this change interact with commit 84cffe499b94 ("kvm: Emulate MOVBE")?
>
> If the hardware doesn't support MOVBE, but L0 sets CPUID.01H:ECX.MOVBE
> in L1's emulated CPUID information, then L1 is likely to pass that
> CPUID bit through to L2. L2 will expect MOVBE to work, but if L1
> doesn't intercept #UD, then any MOVBE instruction executed in L2 will
> raise #UD, and the exception will be delivered in L2.
>
Nice catch.

When I considered the functionality of the original commit which I
attempted to fix (commit ae1f57670703 ("KVM: nVMX: Do not emulate #UD
while in guest mode")), my patch made sense as a more complete and
better fix.

However, both my patch and the original patch don't seem to consider the
issue you present here. I completely agree.

Maybe it was better just reverting my patch and commit ae1f57670703. I
think the attempt of that patch was to make L0 not simulate behaviour it
simulates for L1 in L2 as well. But after reading your reply, I think
that it is a desired behaviour...

-Liran
>
> On Fri, Nov 10, 2017 at 1:37 PM, Radim Krčmář <rkrcmar@redhat.com> wrote:
>> 2017-11-06 16:15+0200, Liran Alon:
>>> When running L2, #UD should be intercepted by L1 or just forwarded
>>> directly to L2. It should not reach L0 x86 emulator.
>>> Therefore, set intercept for #UD only based on L1 exception-bitmap.
>>>
>>> Also add WARN_ON_ONCE() on L0 #UD intercept handlers to make sure
>>> it is never reached while running L2.
>>>
>>> This improves commit ae1f57670703 ("KVM: nVMX: Do not emulate #UD while
>>> in guest mode") by removing an unnecessary exit from L2 to L0 on #UD
>>> when L1 doesn't intercept it.
>>>
>>> In addition, SVM L0 #UD intercept handler doesn't handle correctly the
>>> case it is raised from L2. In this case, it should forward the #UD to
>>> guest instead of x86 emulator. As done in VMX #UD intercept handler.
> >>> This commit fixes this issue as well.
>>>
>>> Signed-off-by: Liran Alon <liran.alon@oracle.com>
>>> Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
>>> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>>> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>>> ---
>>
>> Applied, thanks.
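
The MOVBE interaction raised in this thread, as an added example that is not part of any message above and is not KVM code: a simplified C model of where a MOVBE executed in L2 ends up under the three L0 behaviours the thread names. All identifiers (`movbe_in_l2`, `l2_exception_bitmap`, the enum names) are hypothetical, and the "before commit ae1f57670703" case assumes L0 emulated on #UD in guest mode, as the reply describes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define UD_BIT (1u << 6)   /* #UD is exception vector 6 */

enum l0_policy {
    EMULATE_IN_L2,       /* assumed behaviour before commit ae1f57670703 */
    EXIT_THEN_REINJECT,  /* commit ae1f57670703 */
    L1_BITMAP_ONLY       /* the patch discussed in this thread */
};
enum outcome { RUNS_NATIVELY, L1_GETS_UD_EXIT, L0_EMULATES, L2_GETS_UD };
struct result { enum outcome who; bool exit_to_l0; };

/* Exception bitmap in effect while L2 runs: L1's bits, plus L0's own #UD
 * intercept unless the policy takes that bit from L1 alone. */
static uint32_t l2_exception_bitmap(uint32_t l1_bitmap, enum l0_policy p)
{
    return l1_bitmap | (p == L1_BITMAP_ONLY ? 0 : UD_BIT);
}

/* L2 executes MOVBE because the CPUID it sees advertises the feature. */
struct result movbe_in_l2(bool hw_has_movbe, uint32_t l1_bitmap, enum l0_policy p)
{
    struct result r = { RUNS_NATIVELY, false };
    if (hw_has_movbe)
        return r;                      /* no #UD is raised */
    if (!(l2_exception_bitmap(l1_bitmap, p) & UD_BIT)) {
        r.who = L2_GETS_UD;            /* delivered in L2, no VM exit */
        return r;
    }
    r.exit_to_l0 = true;               /* the exit lands in L0 first */
    if (l1_bitmap & UD_BIT)
        r.who = L1_GETS_UD_EXIT;       /* L0 reflects the exit to L1 */
    else if (p == EMULATE_IN_L2)
        r.who = L0_EMULATES;           /* L0's x86 emulator executes MOVBE */
    else
        r.who = L2_GETS_UD;            /* L0 re-injects #UD into L2 */
    return r;
}

int main(void)
{
    static const char *names[] = { "runs natively", "L1 gets #UD exit",
                                   "L0 emulates", "#UD in L2" };
    for (int p = EMULATE_IN_L2; p <= L1_BITMAP_ONLY; p++) {
        struct result r = movbe_in_l2(false, 0, (enum l0_policy)p);
        printf("policy %d: %s (exit to L0: %d)\n", p, names[r.who], r.exit_to_l0);
    }
    return 0;
}
```

In the model, only `EMULATE_IN_L2` keeps MOVBE working for an L2 on hardware without it when L1 does not intercept #UD; the other two policies differ only in whether an exit to L0 happens before L2 sees the #UD.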