diff for duplicates of <ZQ3AmLO2SYv3DszH@google.com> diff --git a/a/1.txt b/N1/1.txt index f03ae20..ca028a3 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -63,7 +63,7 @@ event injection by synthesizing a triple fault if (ret != X86EMUL_CONTINUE) { kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu); -There are multiple KVM bugs@play: read_emulate() and write_emulate() incorrectly +There are multiple KVM bugs at play: read_emulate() and write_emulate() incorrectly assume *all* failures should be treated like MMIO, and conversely ->read_std() and ->write_std() don't handle *any* failures as MMIO. @@ -108,9 +108,9 @@ I'll post the below patch as fixup for the guest_memfd series, and work with Ani to massage the attached patch (result of the below being sqaushed) in case his series lands first. -[1] https://lore.kernel.org/all/202309141107.30863e9d-oliver.sang at intel.com -[2] https://lore.kernel.org/all/Y+6iX6a22+GEuH1b at google.com -[3] https://lore.kernel.org/all/ZFFbwOXZ5uI%2Fgdaf at google.com +[1] https://lore.kernel.org/all/202309141107.30863e9d-oliver.sang@intel.com +[2] https://lore.kernel.org/all/Y+6iX6a22+GEuH1b@google.com +[3] https://lore.kernel.org/all/ZFFbwOXZ5uI%2Fgdaf@google.com --- Documentation/virt/kvm/api.rst | 21 +++++++++++++++++++ @@ -248,12 +248,4 @@ index 96fc609459e3..d78e97b527e5 100644 break; base-commit: 67aa951d727ad2715f7ad891929f18b7f2567a0f --- - --------------- next part -------------- -A non-text attachment was scrubbed... -Name: 0001-KVM-Add-KVM_EXIT_MEMORY_FAULT-exit-to-report-faults-.patch -Type: text/x-diff -Size: 9190 bytes -Desc: not available -URL: <http://lists.infradead.org/pipermail/kvm-riscv/attachments/20230922/e8b03c33/attachment.bin> +-- diff --git a/N1/2.hdr b/N1/2.hdr new file mode 100644 index 0000000..48035f9 --- /dev/null +++ b/N1/2.hdr @@ -0,0 +1,3 @@ +Content-Type: text/x-diff; charset=us-ascii +Content-Disposition: attachment; + filename="0001-KVM-Add-KVM_EXIT_MEMORY_FAULT-exit-to-report-faults-.patch" 
diff --git a/N1/2.txt b/N1/2.txt new file mode 100644 index 0000000..71e7a22 --- /dev/null +++ b/N1/2.txt 
@@ -0,0 +1,230 @@ +From ca887b5ed3b344562411cf2876a68a82bd0f584b Mon Sep 17 00:00:00 2001 +From: Chao Peng <chao.p.peng@linux.intel.com> +Date: Wed, 13 Sep 2023 18:55:05 -0700 +Subject: [PATCH] KVM: Add KVM_EXIT_MEMORY_FAULT exit to report faults to + userspace + +Add a new KVM exit type to allow userspace to handle memory faults that +KVM cannot resolve, but that userspace *may* be able to handle (without +terminating the guest). + +KVM will initially use KVM_EXIT_MEMORY_FAULT to report implicit +conversions between private and shared memory. With guest private memory, +there will be two kind of memory conversions: + + - explicit conversion: happens when the guest explicitly calls into KVM + to map a range (as private or shared) + + - implicit conversion: happens when the guest attempts to access a gfn + that is configured in the "wrong" state (private vs. shared) + +On x86 (first architecture to support guest private memory), explicit +conversions will be reported via KVM_EXIT_HYPERCALL+KVM_HC_MAP_GPA_RANGE, +but reporting KVM_EXIT_HYPERCALL for implicit conversions is undesriable +as there is (obviously) no hypercall, and there is no guarantee that the +guest actually intends to convert between private and shared, i.e. what +KVM thinks is an implicit conversion "request" could actually be the +result of a guest code bug. + +KVM_EXIT_MEMORY_FAULT will be used to report memory faults that appear to +be implicit conversions. + +Use bit 3 for flagging private memory so that KVM can use bits 0-2 for +capturing RWX behavior if/when userspace needs such information. + +Add a new capability, KVM_CAP_MEMORY_FAULT_INFO, to advertise support for +KVM_EXIT_MEMORY_FAULT. There is at least one other in-flight use case for +using KVM_EXIT_MEMORY_FAULT+memory_fault to resolve faults in userspace, +providing a dedicated capability allows userspace to query KVM support for +annotating faults without having to depend on an unrelated feature, i.e. 
+the proposed userfault-on-missing functionality shouldn't have to depend +on private memory support. + +Note! To allow for future possibilities where KVM reports +KVM_EXIT_MEMORY_FAULT and fills run->memory_fault on _any_ unresolved +fault, KVM returns "-EFAULT" (-1 with errno == EFAULT from userspace's +perspective), not '0'! Due to historical baggage within KVM, exiting to +userspace with '0' from deep callstacks, e.g. in emulation paths, is +infeasible as doing so would require a near-complete overhaul of KVM, +whereas KVM already propagates -errno return codes to userspace even when +the -errno originated in a low level helper. + +Returning an errno will also allow KVM to differentiate hardware poisoned +memory errors, i.e. by returning with errno=EHWPOISON. + +Link: https://lore.kernel.org/all/20230908222905.1321305-5-amoorthy@google.com +Cc: Anish Moorthy <amoorthy@google.com> +Suggested-by: Sean Christopherson <seanjc@google.com> +Co-developed-by: Yu Zhang <yu.c.zhang@linux.intel.com> +Signed-off-by: Yu Zhang <yu.c.zhang@linux.intel.com> +Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> +Co-developed-by: Anish Moorthy <amoorthy@google.com> +Signed-off-by: Anish Moorthy <amoorthy@google.com> +Co-developed-by: Sean Christopherson <seanjc@google.com> +Signed-off-by: Sean Christopherson <seanjc@google.com> +--- + Documentation/virt/kvm/api.rst | 45 ++++++++++++++++++++++++++++++++++ + arch/x86/kvm/x86.c | 1 + + include/linux/kvm_host.h | 15 ++++++++++++ + include/uapi/linux/kvm.h | 9 +++++++ + virt/kvm/kvm_main.c | 10 ++++++++ + 5 files changed, 80 insertions(+) + +diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst +index 21a7578142a1..63347d0add3b 100644 +--- a/Documentation/virt/kvm/api.rst ++++ b/Documentation/virt/kvm/api.rst +@@ -6702,6 +6702,30 @@ array field represents return values. The userspace should update the return + values of SBI call before resuming the VCPU. 
For more details on RISC-V SBI + spec refer, https://github.com/riscv/riscv-sbi-doc. + ++:: ++ ++ /* KVM_EXIT_MEMORY_FAULT */ ++ struct { ++ #define KVM_MEMORY_EXIT_FLAG_PRIVATE (1ULL << 3) ++ __u64 flags; ++ __u64 gpa; ++ __u64 size; ++ } memory; ++ ++KVM_EXIT_MEMORY_FAULT indicates the vCPU has encountered a memory fault that ++could not be resolved by KVM. The 'gpa' and 'size' (in bytes) describe the ++guest physical address range [gpa, gpa + size) of the fault. The 'flags' field ++describes properties of the faulting access that are likely pertinent: ++ ++ - KVM_MEMORY_EXIT_FLAG_PRIVATE - When set, indicates the memory fault occurred ++ on a private memory access. When clear, indicates the fault occurred on a ++ shared access. ++ ++Note! KVM_EXIT_MEMORY_FAULT is unique among all KVM exit reasons in that it ++accompanies a return code of '-1', not '0'! errno will always be set to EFAULT ++or EHWPOISON when KVM exits with KVM_EXIT_MEMORY_FAULT, userspace should assume ++kvm_run.exit_reason is stale/undefined for all other error numbers. ++ + :: + + /* KVM_EXIT_NOTIFY */ +@@ -7736,6 +7760,27 @@ This capability is aimed to mitigate the threat that malicious VMs can + cause CPU stuck (due to event windows don't open up) and make the CPU + unavailable to host or other VMs. + ++7.34 KVM_CAP_MEMORY_FAULT_INFO ++------------------------------ ++ ++:Architectures: x86 ++:Returns: Informational only, -EINVAL on direct KVM_ENABLE_CAP. ++ ++The presence of this capability indicates that KVM_RUN *may* fill ++kvm_run.memory_fault in response to failed guest memory accesses in a vCPU ++context. KVM only guarantees that errors that occur when handling guest page ++fault VM-Exits will be annotated, all other error paths are best effort. ++ ++The information in kvm_run.memory_fault is valid if and only if KVM_RUN returns ++an error with errno=EFAULT or errno=EHWPOISON *and* kvm_run.exit_reason is set ++to KVM_EXIT_MEMORY_FAULT. 
++ ++Note: Userspaces which attempt to resolve memory faults so that they can retry ++KVM_RUN are encouraged to guard against repeatedly receiving the same ++error/annotated fault. ++ ++See KVM_EXIT_MEMORY_FAULT for more information. ++ + 8. Other capabilities. + ====================== + +diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c +index 8356907079e1..f58df6efffa4 100644 +--- a/arch/x86/kvm/x86.c ++++ b/arch/x86/kvm/x86.c +@@ -4518,6 +4518,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) + case KVM_CAP_ENABLE_CAP: + case KVM_CAP_VM_DISABLE_NX_HUGE_PAGES: + case KVM_CAP_IRQFD_RESAMPLE: ++ case KVM_CAP_MEMORY_FAULT_INFO: + r = 1; + break; + case KVM_CAP_EXIT_HYPERCALL: +diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h +index 4e741ff27af3..d8c6ce6c8211 100644 +--- a/include/linux/kvm_host.h ++++ b/include/linux/kvm_host.h +@@ -2327,4 +2327,19 @@ static inline void kvm_account_pgtable_pages(void *virt, int nr) + /* Max number of entries allowed for each kvm dirty ring */ + #define KVM_DIRTY_RING_MAX_ENTRIES 65536 + ++static inline void kvm_prepare_memory_fault_exit(struct kvm_vcpu *vcpu, ++ gpa_t gpa, gpa_t size, ++ bool is_write, bool is_exec, ++ bool is_private) ++{ ++ vcpu->run->exit_reason = KVM_EXIT_MEMORY_FAULT; ++ vcpu->run->memory_fault.gpa = gpa; ++ vcpu->run->memory_fault.size = size; ++ ++ /* RWX flags are not (yet) defined or communicated to userspace. */ ++ vcpu->run->memory_fault.flags = 0; ++ if (is_private) ++ vcpu->run->memory_fault.flags |= KVM_MEMORY_EXIT_FLAG_PRIVATE; ++} ++ + #endif +diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h +index bd1abe067f28..5239d3fc1082 100644 +--- a/include/uapi/linux/kvm.h ++++ b/include/uapi/linux/kvm.h +@@ -274,6 +274,7 @@ struct kvm_xen_exit { + #define KVM_EXIT_RISCV_SBI 35 + #define KVM_EXIT_RISCV_CSR 36 + #define KVM_EXIT_NOTIFY 37 ++#define KVM_EXIT_MEMORY_FAULT 38 + + /* For KVM_EXIT_INTERNAL_ERROR */ + /* Emulate instruction failed. 
*/ +@@ -520,6 +521,13 @@ struct kvm_run { + #define KVM_NOTIFY_CONTEXT_INVALID (1 << 0) + __u32 flags; + } notify; ++ /* KVM_EXIT_MEMORY_FAULT */ ++ struct { ++#define KVM_MEMORY_EXIT_FLAG_PRIVATE (1ULL << 3) ++ __u64 flags; ++ __u64 gpa; ++ __u64 size; ++ } memory_fault; + /* Fix the size of the union. */ + char padding[256]; + }; +@@ -1203,6 +1211,7 @@ struct kvm_ppc_resize_hpt { + #define KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE 228 + #define KVM_CAP_ARM_SUPPORTED_BLOCK_SIZES 229 + #define KVM_CAP_USER_MEMORY2 230 ++#define KVM_CAP_MEMORY_FAULT_INFO 231 + + #ifdef KVM_CAP_IRQ_ROUTING + +diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c +index 7c0e38752526..d13b646188e5 100644 +--- a/virt/kvm/kvm_main.c ++++ b/virt/kvm/kvm_main.c +@@ -4184,6 +4184,16 @@ static long kvm_vcpu_ioctl(struct file *filp, + synchronize_rcu(); + put_pid(oldpid); + } ++ ++ /* ++ * Reset the exit reason if the previous userspace exit was due ++ * to a memory fault. Not all -EFAULT exits are annotated, and ++ * so leaving exit_reason set to KVM_EXIT_MEMORY_FAULT could ++ * result in feeding userspace stale information. ++ */ ++ if (vcpu->run->exit_reason == KVM_EXIT_MEMORY_FAULT) ++ vcpu->run->exit_reason = KVM_EXIT_UNKNOWN ++ + r = kvm_arch_vcpu_ioctl_run(vcpu); + trace_kvm_userspace_exit(vcpu->run->exit_reason, r); + break; + +base-commit: 2358793cd9062b068ac25ac9c965c00d685eea92 +-- +2.42.0.515.g380fc7ccd1-goog diff --git a/a/content_digest b/N1/content_digest index b72b6d3..3e1b9a1 100644 --- a/a/content_digest +++ b/N1/content_digest 
@@ -2,10 +2,37 @@ "ref\020230914015531.1419405-8-seanjc@google.com\0" "ref\0117db856-9aec-e91c-b1d4-db2b90ae563d@intel.com\0" "From\0Sean Christopherson <seanjc@google.com>\0" - "Subject\0[RFC PATCH v12 07/33] KVM: Add KVM_EXIT_MEMORY_FAULT exit to report faults to userspace\0" + "Subject\0Re: [RFC PATCH v12 07/33] KVM: Add KVM_EXIT_MEMORY_FAULT exit to report faults to userspace\0" "Date\0Fri, 22 Sep 2023 09:28:08 -0700\0" - "To\0kvm-riscv@lists.infradead.org\0" - "\00:1\0" + "To\0Xiaoyao Li <xiaoyao.li@intel.com>\0" + "Cc\0Paolo Bonzini <pbonzini@redhat.com>" + Marc Zyngier <maz@kernel.org> + Oliver Upton <oliver.upton@linux.dev> + Huacai Chen <chenhuacai@kernel.org> + Michael Ellerman <mpe@ellerman.id.au> + Anup Patel <anup@brainfault.org> + kvm@vger.kernel.org + kvmarm@lists.linux.dev + kvm-riscv@lists.infradead.org + linux-kernel@vger.kernel.org + Chao Peng <chao.p.peng@linux.intel.com> + Fuad Tabba <tabba@google.com> + Jarkko Sakkinen <jarkko@kernel.org> + Anish Moorthy <amoorthy@google.com> + Yu Zhang <yu.c.zhang@linux.intel.com> + Isaku Yamahata <isaku.yamahata@intel.com> + Xu Yilun <yilun.xu@intel.com> + Vlastimil Babka <vbabka@suse.cz> + Vishal Annapurve <vannapurve@google.com> + Ackerley Tng <ackerleytng@google.com> + Maciej Szmigiero <mail@maciej.szmigiero.name> + David Hildenbrand <david@redhat.com> + Quentin Perret <qperret@google.com> + Michael Roth <michael.roth@amd.com> + Wang <wei.w.wang@intel.com> + Liam Merwick <liam.merwick@oracle.com> + " Isaku Yamahata <isaku.yamahata@gmail.com>\0" + "\01:1\0" "b\0" "Removing non-KVM lists/people from Cc, this is going to get way off the guest_memfd\n" "track...\n" 
@@ -72,7 +99,7 @@ "\tif (ret != X86EMUL_CONTINUE) {\n" "\t\tkvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);\n" "\n" - "There are multiple KVM bugs@play: read_emulate() and write_emulate() incorrectly\n" + "There are multiple KVM bugs at play: read_emulate() and write_emulate() incorrectly\n" "assume *all* failures should be treated like MMIO, and conversely ->read_std() and\n" "->write_std() don't handle *any* failures as MMIO.\n" "\n" @@ -117,9 +144,9 @@ "to massage the attached patch (result of the below being sqaushed) in case his\n" "series lands first.\n" "\n" - "[1] https://lore.kernel.org/all/202309141107.30863e9d-oliver.sang at intel.com\n" - "[2] https://lore.kernel.org/all/Y+6iX6a22+GEuH1b at google.com\n" - "[3] https://lore.kernel.org/all/ZFFbwOXZ5uI%2Fgdaf at google.com\n" + "[1] https://lore.kernel.org/all/202309141107.30863e9d-oliver.sang@intel.com\n" + "[2] https://lore.kernel.org/all/Y+6iX6a22+GEuH1b@google.com\n" + "[3] https://lore.kernel.org/all/ZFFbwOXZ5uI%2Fgdaf@google.com\n" "\n" "---\n" " Documentation/virt/kvm/api.rst | 21 +++++++++++++++++++\n" 
@@ -257,14 +284,239 @@ " \t\tbreak;\n" "\n" "base-commit: 67aa951d727ad2715f7ad891929f18b7f2567a0f\n" - "-- \n" + -- + "\01:2\0" + "fn\00001-KVM-Add-KVM_EXIT_MEMORY_FAULT-exit-to-report-faults-.patch\0" + "b\0" + "From ca887b5ed3b344562411cf2876a68a82bd0f584b Mon Sep 17 00:00:00 2001\n" + "From: Chao Peng <chao.p.peng@linux.intel.com>\n" + "Date: Wed, 13 Sep 2023 18:55:05 -0700\n" + "Subject: [PATCH] KVM: Add KVM_EXIT_MEMORY_FAULT exit to report faults to\n" + " userspace\n" + "\n" + "Add a new KVM exit type to allow userspace to handle memory faults that\n" + "KVM cannot resolve, but that userspace *may* be able to handle (without\n" + "terminating the guest).\n" + "\n" + "KVM will initially use KVM_EXIT_MEMORY_FAULT to report implicit\n" + "conversions between private and shared memory. With guest private memory,\n" + "there will be two kind of memory conversions:\n" + "\n" + " - explicit conversion: happens when the guest explicitly calls into KVM\n" + " to map a range (as private or shared)\n" + "\n" + " - implicit conversion: happens when the guest attempts to access a gfn\n" + " that is configured in the \"wrong\" state (private vs. shared)\n" + "\n" + "On x86 (first architecture to support guest private memory), explicit\n" + "conversions will be reported via KVM_EXIT_HYPERCALL+KVM_HC_MAP_GPA_RANGE,\n" + "but reporting KVM_EXIT_HYPERCALL for implicit conversions is undesriable\n" + "as there is (obviously) no hypercall, and there is no guarantee that the\n" + "guest actually intends to convert between private and shared, i.e. 
what\n" + "KVM thinks is an implicit conversion \"request\" could actually be the\n" + "result of a guest code bug.\n" + "\n" + "KVM_EXIT_MEMORY_FAULT will be used to report memory faults that appear to\n" + "be implicit conversions.\n" + "\n" + "Use bit 3 for flagging private memory so that KVM can use bits 0-2 for\n" + "capturing RWX behavior if/when userspace needs such information.\n" + "\n" + "Add a new capability, KVM_CAP_MEMORY_FAULT_INFO, to advertise support for\n" + "KVM_EXIT_MEMORY_FAULT. There is at least one other in-flight use case for\n" + "using KVM_EXIT_MEMORY_FAULT+memory_fault to resolve faults in userspace,\n" + "providing a dedicated capability allows userspace to query KVM support for\n" + "annotating faults without having to depend on an unrelated feature, i.e.\n" + "the proposed userfault-on-missing functionality shouldn't have to depend\n" + "on private memory support.\n" + "\n" + "Note! To allow for future possibilities where KVM reports\n" + "KVM_EXIT_MEMORY_FAULT and fills run->memory_fault on _any_ unresolved\n" + "fault, KVM returns \"-EFAULT\" (-1 with errno == EFAULT from userspace's\n" + "perspective), not '0'! Due to historical baggage within KVM, exiting to\n" + "userspace with '0' from deep callstacks, e.g. in emulation paths, is\n" + "infeasible as doing so would require a near-complete overhaul of KVM,\n" + "whereas KVM already propagates -errno return codes to userspace even when\n" + "the -errno originated in a low level helper.\n" + "\n" + "Returning an errno will also allow KVM to differentiate hardware poisoned\n" + "memory errors, i.e. 
by returning with errno=EHWPOISON.\n" + "\n" + "Link: https://lore.kernel.org/all/20230908222905.1321305-5-amoorthy@google.com\n" + "Cc: Anish Moorthy <amoorthy@google.com>\n" + "Suggested-by: Sean Christopherson <seanjc@google.com>\n" + "Co-developed-by: Yu Zhang <yu.c.zhang@linux.intel.com>\n" + "Signed-off-by: Yu Zhang <yu.c.zhang@linux.intel.com>\n" + "Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com>\n" + "Co-developed-by: Anish Moorthy <amoorthy@google.com>\n" + "Signed-off-by: Anish Moorthy <amoorthy@google.com>\n" + "Co-developed-by: Sean Christopherson <seanjc@google.com>\n" + "Signed-off-by: Sean Christopherson <seanjc@google.com>\n" + "---\n" + " Documentation/virt/kvm/api.rst | 45 ++++++++++++++++++++++++++++++++++\n" + " arch/x86/kvm/x86.c | 1 +\n" + " include/linux/kvm_host.h | 15 ++++++++++++\n" + " include/uapi/linux/kvm.h | 9 +++++++\n" + " virt/kvm/kvm_main.c | 10 ++++++++\n" + " 5 files changed, 80 insertions(+)\n" "\n" - "-------------- next part --------------\n" - "A non-text attachment was scrubbed...\n" - "Name: 0001-KVM-Add-KVM_EXIT_MEMORY_FAULT-exit-to-report-faults-.patch\n" - "Type: text/x-diff\n" - "Size: 9190 bytes\n" - "Desc: not available\n" - URL: <http://lists.infradead.org/pipermail/kvm-riscv/attachments/20230922/e8b03c33/attachment.bin> + "diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst\n" + "index 21a7578142a1..63347d0add3b 100644\n" + "--- a/Documentation/virt/kvm/api.rst\n" + "+++ b/Documentation/virt/kvm/api.rst\n" + "@@ -6702,6 +6702,30 @@ array field represents return values. The userspace should update the return\n" + " values of SBI call before resuming the VCPU. 
For more details on RISC-V SBI\n" + " spec refer, https://github.com/riscv/riscv-sbi-doc.\n" + " \n" + "+::\n" + "+\n" + "+\t\t/* KVM_EXIT_MEMORY_FAULT */\n" + "+\t\tstruct {\n" + "+ #define KVM_MEMORY_EXIT_FLAG_PRIVATE\t(1ULL << 3)\n" + "+\t\t\t__u64 flags;\n" + "+\t\t\t__u64 gpa;\n" + "+\t\t\t__u64 size;\n" + "+\t\t} memory;\n" + "+\n" + "+KVM_EXIT_MEMORY_FAULT indicates the vCPU has encountered a memory fault that\n" + "+could not be resolved by KVM. The 'gpa' and 'size' (in bytes) describe the\n" + "+guest physical address range [gpa, gpa + size) of the fault. The 'flags' field\n" + "+describes properties of the faulting access that are likely pertinent:\n" + "+\n" + "+ - KVM_MEMORY_EXIT_FLAG_PRIVATE - When set, indicates the memory fault occurred\n" + "+ on a private memory access. When clear, indicates the fault occurred on a\n" + "+ shared access.\n" + "+\n" + "+Note! KVM_EXIT_MEMORY_FAULT is unique among all KVM exit reasons in that it\n" + "+accompanies a return code of '-1', not '0'! errno will always be set to EFAULT\n" + "+or EHWPOISON when KVM exits with KVM_EXIT_MEMORY_FAULT, userspace should assume\n" + "+kvm_run.exit_reason is stale/undefined for all other error numbers.\n" + "+\n" + " ::\n" + " \n" + " /* KVM_EXIT_NOTIFY */\n" + "@@ -7736,6 +7760,27 @@ This capability is aimed to mitigate the threat that malicious VMs can\n" + " cause CPU stuck (due to event windows don't open up) and make the CPU\n" + " unavailable to host or other VMs.\n" + " \n" + "+7.34 KVM_CAP_MEMORY_FAULT_INFO\n" + "+------------------------------\n" + "+\n" + "+:Architectures: x86\n" + "+:Returns: Informational only, -EINVAL on direct KVM_ENABLE_CAP.\n" + "+\n" + "+The presence of this capability indicates that KVM_RUN *may* fill\n" + "+kvm_run.memory_fault in response to failed guest memory accesses in a vCPU\n" + "+context. 
KVM only guarantees that errors that occur when handling guest page\n" + "+fault VM-Exits will be annotated, all other error paths are best effort.\n" + "+\n" + "+The information in kvm_run.memory_fault is valid if and only if KVM_RUN returns\n" + "+an error with errno=EFAULT or errno=EHWPOISON *and* kvm_run.exit_reason is set\n" + "+to KVM_EXIT_MEMORY_FAULT.\n" + "+\n" + "+Note: Userspaces which attempt to resolve memory faults so that they can retry\n" + "+KVM_RUN are encouraged to guard against repeatedly receiving the same\n" + "+error/annotated fault.\n" + "+\n" + "+See KVM_EXIT_MEMORY_FAULT for more information.\n" + "+\n" + " 8. Other capabilities.\n" + " ======================\n" + " \n" + "diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c\n" + "index 8356907079e1..f58df6efffa4 100644\n" + "--- a/arch/x86/kvm/x86.c\n" + "+++ b/arch/x86/kvm/x86.c\n" + "@@ -4518,6 +4518,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)\n" + " \tcase KVM_CAP_ENABLE_CAP:\n" + " \tcase KVM_CAP_VM_DISABLE_NX_HUGE_PAGES:\n" + " \tcase KVM_CAP_IRQFD_RESAMPLE:\n" + "+\tcase KVM_CAP_MEMORY_FAULT_INFO:\n" + " \t\tr = 1;\n" + " \t\tbreak;\n" + " \tcase KVM_CAP_EXIT_HYPERCALL:\n" + "diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h\n" + "index 4e741ff27af3..d8c6ce6c8211 100644\n" + "--- a/include/linux/kvm_host.h\n" + "+++ b/include/linux/kvm_host.h\n" + "@@ -2327,4 +2327,19 @@ static inline void kvm_account_pgtable_pages(void *virt, int nr)\n" + " /* Max number of entries allowed for each kvm dirty ring */\n" + " #define KVM_DIRTY_RING_MAX_ENTRIES 65536\n" + " \n" + "+static inline void kvm_prepare_memory_fault_exit(struct kvm_vcpu *vcpu,\n" + "+\t\t\t\t\t\t gpa_t gpa, gpa_t size,\n" + "+\t\t\t\t\t\t bool is_write, bool is_exec,\n" + "+\t\t\t\t\t\t bool is_private)\n" + "+{\n" + "+\tvcpu->run->exit_reason = KVM_EXIT_MEMORY_FAULT;\n" + "+\tvcpu->run->memory_fault.gpa = gpa;\n" + "+\tvcpu->run->memory_fault.size = size;\n" + "+\n" + "+\t/* RWX flags are 
not (yet) defined or communicated to userspace. */\n" + "+\tvcpu->run->memory_fault.flags = 0;\n" + "+\tif (is_private)\n" + "+\t\tvcpu->run->memory_fault.flags |= KVM_MEMORY_EXIT_FLAG_PRIVATE;\n" + "+}\n" + "+\n" + " #endif\n" + "diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h\n" + "index bd1abe067f28..5239d3fc1082 100644\n" + "--- a/include/uapi/linux/kvm.h\n" + "+++ b/include/uapi/linux/kvm.h\n" + "@@ -274,6 +274,7 @@ struct kvm_xen_exit {\n" + " #define KVM_EXIT_RISCV_SBI 35\n" + " #define KVM_EXIT_RISCV_CSR 36\n" + " #define KVM_EXIT_NOTIFY 37\n" + "+#define KVM_EXIT_MEMORY_FAULT 38\n" + " \n" + " /* For KVM_EXIT_INTERNAL_ERROR */\n" + " /* Emulate instruction failed. */\n" + "@@ -520,6 +521,13 @@ struct kvm_run {\n" + " #define KVM_NOTIFY_CONTEXT_INVALID\t(1 << 0)\n" + " \t\t\t__u32 flags;\n" + " \t\t} notify;\n" + "+\t\t/* KVM_EXIT_MEMORY_FAULT */\n" + "+\t\tstruct {\n" + "+#define KVM_MEMORY_EXIT_FLAG_PRIVATE\t(1ULL << 3)\n" + "+\t\t\t__u64 flags;\n" + "+\t\t\t__u64 gpa;\n" + "+\t\t\t__u64 size;\n" + "+\t\t} memory_fault;\n" + " \t\t/* Fix the size of the union. */\n" + " \t\tchar padding[256];\n" + " \t};\n" + "@@ -1203,6 +1211,7 @@ struct kvm_ppc_resize_hpt {\n" + " #define KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE 228\n" + " #define KVM_CAP_ARM_SUPPORTED_BLOCK_SIZES 229\n" + " #define KVM_CAP_USER_MEMORY2 230\n" + "+#define KVM_CAP_MEMORY_FAULT_INFO 231\n" + " \n" + " #ifdef KVM_CAP_IRQ_ROUTING\n" + " \n" + "diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c\n" + "index 7c0e38752526..d13b646188e5 100644\n" + "--- a/virt/kvm/kvm_main.c\n" + "+++ b/virt/kvm/kvm_main.c\n" + "@@ -4184,6 +4184,16 @@ static long kvm_vcpu_ioctl(struct file *filp,\n" + " \t\t\t\tsynchronize_rcu();\n" + " \t\t\tput_pid(oldpid);\n" + " \t\t}\n" + "+\n" + "+\t\t/*\n" + "+\t\t * Reset the exit reason if the previous userspace exit was due\n" + "+\t\t * to a memory fault. 
Not all -EFAULT exits are annotated, and\n" + "+\t\t * so leaving exit_reason set to KVM_EXIT_MEMORY_FAULT could\n" + "+\t\t * result in feeding userspace stale information.\n" + "+\t\t */\n" + "+\t\tif (vcpu->run->exit_reason == KVM_EXIT_MEMORY_FAULT)\n" + "+\t\t\tvcpu->run->exit_reason = KVM_EXIT_UNKNOWN\n" + "+\n" + " \t\tr = kvm_arch_vcpu_ioctl_run(vcpu);\n" + " \t\ttrace_kvm_userspace_exit(vcpu->run->exit_reason, r);\n" + " \t\tbreak;\n" + "\n" + "base-commit: 2358793cd9062b068ac25ac9c965c00d685eea92\n" + "-- \n" + 2.42.0.515.g380fc7ccd1-goog -2c2a37afb20e3c63ea4baceaeca4fb73fcc2034ccc75204540b1558a6b1aa3d1 +8ae7e2e427164f5b552137afe320fd245bce438aee9ee7d8fdbb6a786619ac97
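Review bot: In the virt/kvm/kvm_main.c hunk (kvm_vcpu_ioctl), the added assignment `vcpu->run->exit_reason = KVM_EXIT_UNKNOWN` has no terminating semicolon, so it runs into the following `r = kvm_arch_vcpu_ioctl_run(vcpu);` and the file will not compile as posted. Add the `;` after KVM_EXIT_UNKNOWN before this is squashed or applied.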
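Review bot: In the first Documentation/virt/kvm/api.rst hunk, the documented union member is named `memory`, but the include/uapi/linux/kvm.h hunk in this same patch names it `memory_fault`, and the KVM_CAP_MEMORY_FAULT_INFO section refers to kvm_run.memory_fault. Rename the documented struct to `memory_fault` so the documentation matches the field userspace actually reads. The `#define KVM_MEMORY_EXIT_FLAG_PRIVATE` line in that block is also indented differently from the rest of the struct.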
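Review bot: In the include/linux/kvm_host.h hunk, kvm_prepare_memory_fault_exit() takes is_write and is_exec but never reads them: flags is set to 0 and only KVM_MEMORY_EXIT_FLAG_PRIVATE is ORed in. The inline comment says RWX flags are not yet defined, but a short kernel-doc comment on the helper stating that these two parameters are placeholders for bits 0-2 would keep callers from assuming the access type reaches userspace. Also consider whether `size` should be typed as something other than gpa_t, since it is a length and not an address.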