Kernel KVM virtualization development
* [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs
@ 2025-02-15  1:06 Sean Christopherson
  2025-02-15  1:06 ` [PATCH 1/2] KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state is protected Sean Christopherson
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Sean Christopherson @ 2025-02-15  1:06 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini; +Cc: kvm, linux-kernel

Fix an issue with async #PF and protected guests (which really shouldn't be
using PV async #PFs), and clean up naming related to SEND_ALWAYS.

Sean Christopherson (2):
  KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state
    is protected
  KVM: x86: Rename and invert async #PF's send_user_only flag to
    send_always

 arch/x86/include/asm/kvm_host.h | 2 +-
 arch/x86/kvm/x86.c              | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)


base-commit: fed48e2967f402f561d80075a20c5c9e16866e53
-- 
2.48.1.601.g30ceb7b040-goog



* [PATCH 1/2] KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state is protected
  2025-02-15  1:06 [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs Sean Christopherson
@ 2025-02-15  1:06 ` Sean Christopherson
  2025-02-15  1:06 ` [PATCH 2/2] KVM: x86: Rename and invert async #PF's send_user_only flag to send_always Sean Christopherson
  2025-02-28 17:06 ` [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs Sean Christopherson
  2 siblings, 0 replies; 4+ messages in thread
From: Sean Christopherson @ 2025-02-15  1:06 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini; +Cc: kvm, linux-kernel

Don't inject PV async #PFs into guests with protected register state, i.e.
SEV-ES and SEV-SNP guests, unless the guest has opted-in to receiving #PFs
at CPL0.  For protected guests, the actual CPL of the guest is unknown.

Note, no sane CoCo guest should enable PV async #PF, but the current state
of Linux-as-a-CoCo-guest isn't entirely sane.

Fixes: add5e2f04541 ("KVM: SVM: Add support for the SEV-ES VMSA")
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/x86.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 58b82d6fd77c..3b67425c3e3d 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -13395,7 +13395,7 @@ static bool kvm_can_deliver_async_pf(struct kvm_vcpu *vcpu)
 		return false;
 
 	if (vcpu->arch.apf.send_user_only &&
-	    kvm_x86_call(get_cpl)(vcpu) == 0)
+	    (vcpu->arch.guest_state_protected || !kvm_x86_call(get_cpl)(vcpu)))
 		return false;
 
 	if (is_guest_mode(vcpu)) {
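Review bot: The new `vcpu->arch.guest_state_protected ||` term in the `send_user_only` check has no comment explaining why a protected guest is treated the same as CPL0. The changelog gives the reason (the actual CPL is unknown for SEV-ES and SEV-SNP guests); a short comment above the `if` would keep that reasoning next to the code, since the condition otherwise reads as if protected guests never run above CPL0. Because the flag is tested first, `get_cpl` is no longer called for protected guests, which is worth stating in that comment if it is intentional.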
-- 
2.48.1.601.g30ceb7b040-goog



* [PATCH 2/2] KVM: x86: Rename and invert async #PF's send_user_only flag to send_always
  2025-02-15  1:06 [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs Sean Christopherson
  2025-02-15  1:06 ` [PATCH 1/2] KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state is protected Sean Christopherson
@ 2025-02-15  1:06 ` Sean Christopherson
  2025-02-28 17:06 ` [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs Sean Christopherson
  2 siblings, 0 replies; 4+ messages in thread
From: Sean Christopherson @ 2025-02-15  1:06 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini; +Cc: kvm, linux-kernel

Rename send_user_only to avoid "user", because KVM's ABI is to not inject
page faults into CPL0, whereas "user" in x86 is specifically CPL3.  Invert
the polarity to keep the naming simple and unambiguous.  E.g. while KVM
often refers to CPL0 as "kernel", that terminology isn't ubiquitous, and
"send_kernel" could be misconstrued as "send only to kernel".

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/include/asm/kvm_host.h | 2 +-
 arch/x86/kvm/x86.c              | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 3506f497741b..0f1c57006da3 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -999,8 +999,8 @@ struct kvm_vcpu_arch {
 		u64 msr_int_val; /* MSR_KVM_ASYNC_PF_INT */
 		u16 vec;
 		u32 id;
-		bool send_user_only;
 		u32 host_apf_flags;
+		bool send_always;
 		bool delivery_as_pf_vmexit;
 		bool pageready_pending;
 	} apf;
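Review bot: In `struct kvm_vcpu_arch`, `send_always` is added after `host_apf_flags` rather than where `send_user_only` was, so the `apf` fields are reordered in addition to the rename. The changelog only covers the rename and the inverted polarity. If the move is meant to group the bool with `delivery_as_pf_vmexit` and `pageready_pending`, say so in the changelog; otherwise keep the field in its original position so the diff stays a pure rename.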
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 3b67425c3e3d..c8e2d905c172 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -3561,7 +3561,7 @@ static int kvm_pv_enable_async_pf(struct kvm_vcpu *vcpu, u64 data)
 					sizeof(u64)))
 		return 1;
 
-	vcpu->arch.apf.send_user_only = !(data & KVM_ASYNC_PF_SEND_ALWAYS);
+	vcpu->arch.apf.send_always = (data & KVM_ASYNC_PF_SEND_ALWAYS);
 	vcpu->arch.apf.delivery_as_pf_vmexit = data & KVM_ASYNC_PF_DELIVERY_AS_PF_VMEXIT;
 
 	kvm_async_pf_wakeup_all(vcpu);
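Review bot: The parentheses in `send_always = (data & KVM_ASYNC_PF_SEND_ALWAYS);` are left over from the old `!(...)` form and are inconsistent with the `delivery_as_pf_vmexit = data & KVM_ASYNC_PF_DELIVERY_AS_PF_VMEXIT;` assignment on the next line. Drop them so both bool assignments from `data` read the same way.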
@@ -13394,7 +13394,7 @@ static bool kvm_can_deliver_async_pf(struct kvm_vcpu *vcpu)
 	if (!kvm_pv_async_pf_enabled(vcpu))
 		return false;
 
-	if (vcpu->arch.apf.send_user_only &&
+	if (!vcpu->arch.apf.send_always &&
 	    (vcpu->arch.guest_state_protected || !kvm_x86_call(get_cpl)(vcpu)))
 		return false;
 
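Review bot: Inverting the flag changes what a zero value means in the `!vcpu->arch.apf.send_always` test: `send_user_only == false` used to mean "deliver at any CPL", while `send_always == false` now means "do not deliver at CPL0 or to protected guests". In this function the `kvm_pv_async_pf_enabled()` check runs first, so a field that was never written is not consulted here, but the changelog should state that no reader relies on the field before `kvm_pv_enable_async_pf()` has set it.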
-- 
2.48.1.601.g30ceb7b040-goog



* Re: [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs
  2025-02-15  1:06 [PATCH 0/2] KVM: x86: Fix and a cleanup for async #PFs Sean Christopherson
  2025-02-15  1:06 ` [PATCH 1/2] KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state is protected Sean Christopherson
  2025-02-15  1:06 ` [PATCH 2/2] KVM: x86: Rename and invert async #PF's send_user_only flag to send_always Sean Christopherson
@ 2025-02-28 17:06 ` Sean Christopherson
  2 siblings, 0 replies; 4+ messages in thread
From: Sean Christopherson @ 2025-02-28 17:06 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini; +Cc: kvm, linux-kernel

On Fri, 14 Feb 2025 17:06:07 -0800, Sean Christopherson wrote:
> Fix an issue with async #PF and protected guests (which really shouldn't be
> using PV async #PFs), and clean up naming related to SEND_ALWAYS.
> 
> Sean Christopherson (2):
>   KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state
>     is protected
>   KVM: x86: Rename and invert async #PF's send_user_only flag to
>     send_always
> 
> [...]

Applied to kvm-x86 misc, thanks!

[1/2] KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state is protected
      https://github.com/kvm-x86/linux/commit/b9595d1ddef8
[2/2] KVM: x86: Rename and invert async #PF's send_user_only flag to send_always
      https://github.com/kvm-x86/linux/commit/4fa0efb43a78

--
https://github.com/kvm-x86/linux/tree/next

