From mboxrd@z Thu Jan 1 00:00:00 1970
From: Sean Christopherson
Date: Thu, 18 Nov 2021 18:50:55 +0000
Subject: [PATCH v3 08/12] KVM: Propagate vcpu explicitly to mark_page_dirty_in_slot()
To: kvm-riscv@lists.infradead.org
References: <20211117174003.297096-1-dwmw2@infradead.org> <20211117174003.297096-9-dwmw2@infradead.org> <85d9fec17f32c3eb9e100e56b91af050.squirrel@twosheds.infradead.org> <4c48546b-eb4a-dff7-cc38-5df54f73f5d4@redhat.com> <20b5952e76c54a3a5dfe5a898e3b835404ac6fb1.camel@infradead.org>

On Thu, Nov 18, 2021, Sean Christopherson wrote:
> On Thu, Nov 18, 2021, David Woodhouse wrote:
> > That leaves the one in TDP MMU handle_changed_spte_dirty_log() which
> > AFAICT can trigger the same crash seen by butt3rflyh4ck — can't that
> > happen from a thread where kvm_get_running_vcpu() is NULL too? For that
> > one I'm not sure.
>
> I think it could be triggered in the TDP MMU via kvm_mmu_notifier_release()
> -> kvm_mmu_zap_all(), e.g. if the userspace VMM exits while dirty logging is
> enabled.  That should be easy to (dis)prove via a selftest.

Scratch that, the dirty log update is guarded by the new_spte being present, so
zapping of any kind won't trigger it.

Currently, I believe the only path that would create a present SPTE without an
active vCPU is mmu_notifier.change_pte, but that squeaks by because it's required
to be wrapped with invalidate_range_{start,end}(MMU_NOTIFY_CLEAR), and KVM zaps
in that situation.

Ben's series to promote pages on disabling of dirty logging will also squeak by
because dirty logging is obviously disabled.
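To make the guard Sean describes concrete, here is an added C model of the argument; it is not KVM code, and the SPTE bit layout, the stand-in for kvm_get_running_vcpu() and the sample gfn/pfn values are constructed assumptions. It shows that a zap (new_spte == 0) never reaches mark_page_dirty_in_slot(), so a thread with no running vCPU is safe on that path, while installing a present writable SPTE from such a thread would reach the NULL-vCPU hazard.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed, simplified SPTE layout for this model (not KVM's real bits);
 * writable implies present, as in KVM. */
#define SPTE_PRESENT   (1ULL << 0)
#define SPTE_WRITABLE  (1ULL << 1)
#define SPTE_PFN_SHIFT 12

struct kvm_vcpu { int id; };

/* Stand-in for struct kvm: the "running vCPU" is NULL on non-vCPU threads
 * (mmu_notifier callbacks, VMM teardown); the counters record what happened. */
struct kvm {
	struct kvm_vcpu *running_vcpu;
	unsigned int dirty_marks;
	bool null_vcpu_deref;
};

static bool is_writable_pte(uint64_t spte) { return spte & SPTE_WRITABLE; }
static uint64_t spte_to_pfn(uint64_t spte) { return spte >> SPTE_PFN_SHIFT; }

/* Models mark_page_dirty_in_slot() fetching the vCPU via kvm_get_running_vcpu().
 * Real KVM would dereference NULL here; the model just records the hazard. */
static void mark_page_dirty_in_slot(struct kvm *kvm, uint64_t gfn)
{
	struct kvm_vcpu *vcpu = kvm->running_vcpu;  /* kvm_get_running_vcpu() */
	(void)gfn;
	if (!vcpu) {
		kvm->null_vcpu_deref = true;
		return;
	}
	kvm->dirty_marks++;
}

/* Model of the TDP MMU guard discussed in the mail: the dirty log is touched
 * only when the new SPTE is writable (hence present) and the page was not
 * already writable at the same pfn. A zap (new_spte == 0) never gets here. */
static void handle_changed_spte_dirty_log(struct kvm *kvm, uint64_t gfn,
					  uint64_t old_spte, uint64_t new_spte)
{
	bool pfn_changed = spte_to_pfn(old_spte) != spte_to_pfn(new_spte);
	if ((!is_writable_pte(old_spte) || pfn_changed) && is_writable_pte(new_spte))
		mark_page_dirty_in_slot(kvm, gfn);
}

#define SAMPLE_GFN 0x42
#define WRITABLE_SPTE (SPTE_PRESENT | SPTE_WRITABLE | (0x1234ULL << SPTE_PFN_SHIFT))

/* Zap from a non-vCPU thread (e.g. kvm_mmu_zap_all() on VMM exit): new_spte
 * is 0, so the dirty-log path is never entered and no vCPU is needed. */
bool zap_without_vcpu_is_safe(void)
{
	struct kvm kvm = { .running_vcpu = NULL };
	handle_changed_spte_dirty_log(&kvm, SAMPLE_GFN, WRITABLE_SPTE, 0);
	return !kvm.null_vcpu_deref && kvm.dirty_marks == 0;
}

/* Installing a present, writable SPTE with no running vCPU is the case that
 * would reach the NULL-vCPU hazard. */
bool present_spte_without_vcpu_hits_hazard(void)
{
	struct kvm kvm = { .running_vcpu = NULL };
	handle_changed_spte_dirty_log(&kvm, SAMPLE_GFN, 0, WRITABLE_SPTE);
	return kvm.null_vcpu_deref;
}

/* On a vCPU thread the same transition marks the page dirty once; a later
 * writable->writable update of the same pfn does not mark it again. */
bool present_spte_with_vcpu_marks_dirty_once(void)
{
	struct kvm_vcpu vcpu = { .id = 0 };
	struct kvm kvm = { .running_vcpu = &vcpu };
	handle_changed_spte_dirty_log(&kvm, SAMPLE_GFN, 0, WRITABLE_SPTE);
	handle_changed_spte_dirty_log(&kvm, SAMPLE_GFN, WRITABLE_SPTE, WRITABLE_SPTE);
	return !kvm.null_vcpu_deref && kvm.dirty_marks == 1;
}

int main(void)
{
	printf("zap without vcpu safe: %d\n", zap_without_vcpu_is_safe());
	printf("present SPTE without vcpu hits hazard: %d\n", present_spte_without_vcpu_hits_hazard());
	printf("present SPTE with vcpu marks dirty once: %d\n", present_spte_with_vcpu_marks_dirty_once());
}
```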