From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 9/9] KVM: x86: Disable KVM_INTEL_PROVE_VE by default
Date: Tue, 21 May 2024 11:18:28 -0700
Message-ID: <ZkzldN0SwEhstwEB@google.com>
In-Reply-To: <CABgObfYo3jR7b4ZkkuwKWbon-xAAn+Lvfux7ifQUXpDWJds1hg@mail.gmail.com>

On Tue, May 21, 2024, Paolo Bonzini wrote:
> On Sat, May 18, 2024 at 2:04 AM Sean Christopherson <seanjc@google.com> wrote:
> > Disable KVM's "prove #VE" support by default, as it provides no functional
> > value, and even its sanity checking benefits are relatively limited.  I.e.
> > it should be fully opt-in even on debug kernels, especially since EPT
> > Violation #VE suppression appears to be buggy on some CPUs.
> 
> More #VE trapping than #VE suppression.
>
> I wouldn't go so far as making it *depend* on DEBUG_KERNEL.  EXPERT
> plus the scary help message is good enough.

Works for me.

> 
> What about this:
> 
> diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
> index b6831e17ec31..2864608c7016 100644
> --- a/arch/x86/kvm/Kconfig
> +++ b/arch/x86/kvm/Kconfig
> @@ -97,14 +97,15 @@ config KVM_INTEL
> 
>  config KVM_INTEL_PROVE_VE
>          bool "Check that guests do not receive #VE exceptions"
> -        depends on KVM_INTEL && DEBUG_KERNEL && EXPERT
> +        depends on KVM_INTEL && EXPERT
>          help
>            Checks that KVM's page table management code will not incorrectly
>            let guests receive a virtualization exception.  Virtualization
>            exceptions will be trapped by the hypervisor rather than injected
>            in the guest.
> 
> -          This should never be enabled in a production environment.
> +          Note that #VE trapping appears to be buggy on some CPUs.
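Review bot: The last two lines of the hunk replace the only sentence that warns against production use, while the `depends on` line in the same hunk is relaxed from `KVM_INTEL && DEBUG_KERNEL && EXPERT` to `KVM_INTEL && EXPERT`, so the option becomes selectable on non-debug kernels at exactly the moment its help text stops saying it is debug-only. Suggest keeping "This should never be enabled in a production environment." and adding the new sentence as a separate paragraph, and phrasing it in terms of "EPT Violation #VE support" rather than "#VE trapping", since the help text above describes the trapping as the intended behaviour and "trapping appears to be buggy" reads as if the interception itself were broken. An "If unsure, say N." line would also help, since the bool has no visible default and EXPERT users will now see it.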

I see where you're coming from, but I don't think "trapping" is much better,
e.g. it suggests there's something broken with the interception of #VEs.  Ah,
the entire help text is weird.

This?

config KVM_INTEL_PROVE_VE
	bool "Verify guests do not receive unexpected EPT Violation #VEs"
	depends on KVM_INTEL && EXPERT
	help
	  Enable EPT Violation #VEs (when supported) for all VMs, to verify
	  that KVM's EPT management code will not incorrectly result in a #VE
	  (KVM is supposed to suppress #VEs by default).  Unexpected #VEs will
	  be intercepted by KVM and will trigger a WARN, but are otherwise
	  transparent to the guest.

	  Note, EPT Violation #VE support appears to be buggy on some CPUs.

	  This should never be enabled in a production environment!

	  If unsure, say N.
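Both help texts above say the option is a sanity check that does not belong on production hosts. The script below is an added example, not code from the thread or from KVM: it reads a plain-text kernel config and reports whether CONFIG_KVM_INTEL_PROVE_VE is enabled, so an operator can audit a fleet's kernel configs for the option. The function names, the two sample configs and the "absent" state are my own constructs; only the config symbol comes from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): audit a kernel .config for
# CONFIG_KVM_INTEL_PROVE_VE, the debug-only #VE proving option discussed above.
# Assumes a plain-text config file; for a running kernel pass
# /boot/config-$(uname -r), or decompress /proc/config.gz into a file first.

# Print the state of CONFIG_KVM_INTEL_PROVE_VE in the given config file:
# "y" if enabled, "n" if explicitly disabled ("# ... is not set"), or
# "absent" when the symbol does not appear at all (for example because
# KVM_INTEL or EXPERT is off, so Kconfig never offered it).
prove_ve_state() {
	cfg="$1"
	if grep -q '^CONFIG_KVM_INTEL_PROVE_VE=y$' "$cfg"; then
		echo y
	elif grep -q '^# CONFIG_KVM_INTEL_PROVE_VE is not set$' "$cfg"; then
		echo n
	else
		echo absent
	fi
}

# Return 0 when the config is acceptable for a production host (option off
# or absent); return 1 with a message on stderr when the option is enabled.
check_production_config() {
	state=$(prove_ve_state "$1")
	case "$state" in
	y)
		echo "WARNING: CONFIG_KVM_INTEL_PROVE_VE=y in $1:" \
		     "#VE proving is a sanity check for debug kernels, not production" >&2
		return 1
		;;
	*)
		echo "OK: CONFIG_KVM_INTEL_PROVE_VE is $state in $1"
		return 0
		;;
	esac
}

# Constructed sample configs for demonstration; not real build output.
DEMO_DIR=$(mktemp -d)
cat > "$DEMO_DIR/debug.config" <<'EOF'
CONFIG_KVM=m
CONFIG_KVM_INTEL=m
CONFIG_EXPERT=y
CONFIG_KVM_INTEL_PROVE_VE=y
EOF
cat > "$DEMO_DIR/prod.config" <<'EOF'
CONFIG_KVM=m
CONFIG_KVM_INTEL=m
CONFIG_EXPERT=y
# CONFIG_KVM_INTEL_PROVE_VE is not set
EOF

# Run the check over both samples; the first one is expected to fail.
check_production_config "$DEMO_DIR/debug.config" || true
check_production_config "$DEMO_DIR/prod.config"
```

The three-way result matters in practice: "absent" on a host without EXPERT or KVM_INTEL is not the same as an explicit "n", and the audit should not treat a missing symbol as a positive confirmation that #VE proving was considered.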

Thread overview: 23+ messages
2024-05-18  0:04 [PATCH 0/9] KVM: x86: Fixes for KVM_INTEL_PROVE_VE Sean Christopherson
2024-05-18  0:04 ` [PATCH 1/9] KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU Sean Christopherson
2024-05-20 12:38   ` Huang, Kai
2024-05-21  7:21   ` Isaku Yamahata
2024-05-18  0:04 ` [PATCH 2/9] KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE support Sean Christopherson
2024-05-20 23:09   ` Huang, Kai
2024-05-20 23:22     ` Sean Christopherson
2024-05-20 23:49       ` Huang, Kai
2024-05-21  0:21         ` Sean Christopherson
2024-05-21  0:42           ` Huang, Kai
2024-05-21  1:02             ` Sean Christopherson
2024-05-18  0:04 ` [PATCH 3/9] KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) Sean Christopherson
2024-05-18  0:04 ` [PATCH 4/9] KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs Sean Christopherson
2024-05-18  0:04 ` [PATCH 5/9] KVM: VMX: Dump VMCS on unexpected #VE Sean Christopherson
2024-05-18  0:04 ` [PATCH 6/9] KVM: x86/mmu: Print SPTEs " Sean Christopherson
2024-05-18  0:04 ` [PATCH 7/9] KVM: VMX: Don't kill the VM on an " Sean Christopherson
2024-05-18  0:04 ` [PATCH 8/9] KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo Sean Christopherson
2024-05-18  0:04 ` [PATCH 9/9] KVM: x86: Disable KVM_INTEL_PROVE_VE by default Sean Christopherson
2024-05-21 17:36   ` Paolo Bonzini
2024-05-21 18:18     ` Sean Christopherson [this message]
2024-05-21 20:25       ` Paolo Bonzini
2024-05-22  0:29         ` Sean Christopherson
2024-05-23 16:41 ` [PATCH 0/9] KVM: x86: Fixes for KVM_INTEL_PROVE_VE Paolo Bonzini
