From: Marc Zyngier <maz@kernel.org>
To: Jianyong Wu <jianyong.wu@arm.com>
Cc: justin.he@arm.com, nd@arm.com, will@kernel.org,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] arm64/kvm: correct the error report in kvm_handle_guest_abort
Date: Fri, 15 Jan 2021 11:20:46 +0000 [thread overview]
Message-ID: <6f5a2ce458e33f879635f45140293517@kernel.org> (raw)
In-Reply-To: <20210115093028.6504-1-jianyong.wu@arm.com>
On 2021-01-15 09:30, Jianyong Wu wrote:
> Currently, error report when cache maintenance at read-only memory
> range,
> like rom, is not clear enough and even not correct. As the specific
> error
> is definitely known by kvm, it is obliged to give it out.
>
> Fox example, in a qemu/kvm VM, if the guest do dc at the pflash range
> from
> 0 to 128M, error is reported by kvm as "Data abort outside memslots
> with
> no valid syndrome info" which is not quite correct.
>
> Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
> ---
> arch/arm64/kvm/mmu.c | 12 +++++++++---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
> index 7d2257cc5438..de66b7e38a5b 100644
> --- a/arch/arm64/kvm/mmu.c
> +++ b/arch/arm64/kvm/mmu.c
> @@ -1022,9 +1022,15 @@ int kvm_handle_guest_abort(struct kvm_vcpu
> *vcpu)
> * So let's assume that the guest is just being
> * cautious, and skip the instruction.
> */
> - if (kvm_is_error_hva(hva) && kvm_vcpu_dabt_is_cm(vcpu)) {
> - kvm_incr_pc(vcpu);
> - ret = 1;
> + if (kvm_vcpu_dabt_is_cm(vcpu)) {
> + if (kvm_is_error_hva(hva)) {
> + kvm_incr_pc(vcpu);
> + ret = 1;
> + goto out_unlock;
> + }
> +
> + kvm_err("Do cache maintenance in the read-only memory range\n");
We don't scream on the console for guests bugs.
> + ret = -EFAULT;
> goto out_unlock;
> }
And what is userspace going to do with that? To be honest, I'd rather
not report it in any case:
- either it isn't mapped, and there is no cache to clean/invalidate
- or it is mapped read-only:
- if it is a "DC IVAC", the guest should get the fault as per
the ARM ARM. But I don't think we can identify the particular CMO
at this stage, so actually performing an invalidation is the least
bad thing to do.
How about this (untested)?
M.
diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
index 7d2257cc5438..0f497faad131 100644
--- a/arch/arm64/kvm/mmu.c
+++ b/arch/arm64/kvm/mmu.c
@@ -1013,16 +1013,27 @@ int kvm_handle_guest_abort(struct kvm_vcpu
*vcpu)
}
/*
- * Check for a cache maintenance operation. Since we
- * ended-up here, we know it is outside of any memory
- * slot. But we can't find out if that is for a device,
- * or if the guest is just being stupid. The only thing
- * we know for sure is that this range cannot be cached.
+ * Check for a cache maintenance operation. Two cases:
*
- * So let's assume that the guest is just being
- * cautious, and skip the instruction.
+ * - It is outside of any memory slot. But we can't
+ * find out if that is for a device, or if the guest
+ * is just being stupid. The only thing we know for
+ * sure is that this range cannot be cached. So
+ * let's assume that the guest is just being
+ * cautious, and skip the instruction.
+ *
+ * - Otherwise, clean/invalidate the whole memslot. We
+ * should special-case DC IVAC and inject a
+ * permission fault, but we can't really identify it
+ * in this context.
*/
- if (kvm_is_error_hva(hva) && kvm_vcpu_dabt_is_cm(vcpu)) {
+ if (kvm_vcpu_dabt_is_cm(vcpu)) {
+ if (!kvm_is_error_hva(hva)) {
+ spin_lock(&vcpu->kvm->mmu_lock);
+ stage2_flush_memslot(vcpu->kvm, memslot);
+ spin_unlock(&vcpu->kvm->mmu_lock);
+ }
+
kvm_incr_pc(vcpu);
ret = 1;
goto out_unlock;
--
Jazz is not dead. It just smells funny...
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <maz@kernel.org>
To: Jianyong Wu <jianyong.wu@arm.com>
Cc: justin.he@arm.com, Steve.Capper@arm.com, suzuki.poulose@arm.com,
james.morse@arm.com, nd@arm.com, will@kernel.org,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] arm64/kvm: correct the error report in kvm_handle_guest_abort
Date: Fri, 15 Jan 2021 11:20:46 +0000 [thread overview]
Message-ID: <6f5a2ce458e33f879635f45140293517@kernel.org> (raw)
In-Reply-To: <20210115093028.6504-1-jianyong.wu@arm.com>
On 2021-01-15 09:30, Jianyong Wu wrote:
> Currently, error report when cache maintenance at read-only memory
> range,
> like rom, is not clear enough and even not correct. As the specific
> error
> is definitely known by kvm, it is obliged to give it out.
>
> Fox example, in a qemu/kvm VM, if the guest do dc at the pflash range
> from
> 0 to 128M, error is reported by kvm as "Data abort outside memslots
> with
> no valid syndrome info" which is not quite correct.
>
> Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
> ---
> arch/arm64/kvm/mmu.c | 12 +++++++++---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
> index 7d2257cc5438..de66b7e38a5b 100644
> --- a/arch/arm64/kvm/mmu.c
> +++ b/arch/arm64/kvm/mmu.c
> @@ -1022,9 +1022,15 @@ int kvm_handle_guest_abort(struct kvm_vcpu
> *vcpu)
> * So let's assume that the guest is just being
> * cautious, and skip the instruction.
> */
> - if (kvm_is_error_hva(hva) && kvm_vcpu_dabt_is_cm(vcpu)) {
> - kvm_incr_pc(vcpu);
> - ret = 1;
> + if (kvm_vcpu_dabt_is_cm(vcpu)) {
> + if (kvm_is_error_hva(hva)) {
> + kvm_incr_pc(vcpu);
> + ret = 1;
> + goto out_unlock;
> + }
> +
> + kvm_err("Do cache maintenance in the read-only memory range\n");
We don't scream on the console for guests bugs.
> + ret = -EFAULT;
> goto out_unlock;
> }
And what is userspace going to do with that? To be honest, I'd rather
not report it in any case:
- either it isn't mapped, and there is no cache to clean/invalidate
- or it is mapped read-only:
- if it is a "DC IVAC", the guest should get the fault as per
the ARM ARM. But I don't think we can identify the particular CMO
at this stage, so actually performing an invalidation is the least
bad thing to do.
How about this (untested)?
M.
diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
index 7d2257cc5438..0f497faad131 100644
--- a/arch/arm64/kvm/mmu.c
+++ b/arch/arm64/kvm/mmu.c
@@ -1013,16 +1013,27 @@ int kvm_handle_guest_abort(struct kvm_vcpu
*vcpu)
}
/*
- * Check for a cache maintenance operation. Since we
- * ended-up here, we know it is outside of any memory
- * slot. But we can't find out if that is for a device,
- * or if the guest is just being stupid. The only thing
- * we know for sure is that this range cannot be cached.
+ * Check for a cache maintenance operation. Two cases:
*
- * So let's assume that the guest is just being
- * cautious, and skip the instruction.
+ * - It is outside of any memory slot. But we can't
+ * find out if that is for a device, or if the guest
+ * is just being stupid. The only thing we know for
+ * sure is that this range cannot be cached. So
+ * let's assume that the guest is just being
+ * cautious, and skip the instruction.
+ *
+ * - Otherwise, clean/invalidate the whole memslot. We
+ * should special-case DC IVAC and inject a
+ * permission fault, but we can't really identify it
+ * in this context.
*/
- if (kvm_is_error_hva(hva) && kvm_vcpu_dabt_is_cm(vcpu)) {
+ if (kvm_vcpu_dabt_is_cm(vcpu)) {
+ if (!kvm_is_error_hva(hva)) {
+ spin_lock(&vcpu->kvm->mmu_lock);
+ stage2_flush_memslot(vcpu->kvm, memslot);
+ spin_unlock(&vcpu->kvm->mmu_lock);
+ }
+
kvm_incr_pc(vcpu);
ret = 1;
goto out_unlock;
--
Jazz is not dead. It just smells funny...
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-01-15 11:20 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-15 9:30 [PATCH] arm64/kvm: correct the error report in kvm_handle_guest_abort Jianyong Wu
2021-01-15 9:30 ` Jianyong Wu
2021-01-15 11:20 ` Marc Zyngier [this message]
2021-01-15 11:20 ` Marc Zyngier
2021-01-16 8:46 ` Jianyong Wu
2021-01-16 8:46 ` Jianyong Wu
2021-01-18 13:01 ` Jianyong Wu
2021-01-18 13:01 ` Jianyong Wu
2021-01-18 13:04 ` Jianyong Wu
2021-01-18 13:04 ` Jianyong Wu
2021-01-18 13:26 ` Marc Zyngier
2021-01-18 13:26 ` Marc Zyngier
2021-01-18 13:38 ` Jianyong Wu
2021-01-18 13:38 ` Jianyong Wu
2021-01-18 13:44 ` Marc Zyngier
2021-01-18 13:44 ` Marc Zyngier
2021-01-18 14:24 ` Jianyong Wu
2021-01-18 14:24 ` Jianyong Wu
2021-01-26 8:10 ` Jianyong Wu
2021-01-26 8:10 ` Jianyong Wu
2021-01-26 9:18 ` Marc Zyngier
2021-01-26 9:18 ` Marc Zyngier
2021-01-28 3:01 ` Jianyong Wu
2021-01-28 3:01 ` Jianyong Wu
2021-01-28 9:07 ` Marc Zyngier
2021-01-28 9:07 ` Marc Zyngier
2021-01-28 9:55 ` Jianyong Wu
2021-01-28 9:55 ` Jianyong Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6f5a2ce458e33f879635f45140293517@kernel.org \
--to=maz@kernel.org \
--cc=jianyong.wu@arm.com \
--cc=justin.he@arm.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=nd@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.