From: Liran Alon <LIRAN.ALON@ORACLE.COM>
To: "Jim Mattson" <jmattson@google.com>, "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
kvm list <kvm@vger.kernel.org>,
Idan Brown <idan.brown@ORACLE.COM>,
Konrad Rzeszutek Wilk <konrad.wilk@ORACLE.COM>
Subject: Re: [PATCH v2] KVM: nVMX/nSVM: Don't intercept #UD when running L2
Date: Sat, 02 Dec 2017 02:27:03 +0200 [thread overview]
Message-ID: <5A21F357.4080108@ORACLE.COM> (raw)
In-Reply-To: <CALMp9eRxbcDKjNEFRqZkWDrL53GzPdFTe7rvB69p3152iunyNw@mail.gmail.com>
On 02/12/17 01:00, Jim Mattson wrote:
> How does this change interact with commit 84cffe499b94 ("kvm: Emulate MOVBE")?
>
> If the hardware doesn't support MOVBE, but L0 sets CPUID.01H:ECX.MOVBE
> in L1's emulated CPUID information, then L1 is likely to pass that
> CPUID bit through to L2. L2 will expect MOVBE to work, but if L1
> doesn't intercept #UD, then any MOVBE instruction executed in L2 will
> raise #UD, and the exception will be delivered in L2.
>
Nice catch.
When I considered the functionality of the original commit which I
attempted to fix (commit ae1f57670703 ("KVM: nVMX: Do not emulate #UD
while in guest mode")), my patch made sense as a more complete and
better fix.
However, both my patch and the original patch don't seem to consider the
issue you present here. I completely agree.
Maybe it was better just reverting my patch and commit ae1f57670703. I
think the attempt of that patch was to make L0 not simulate behaviour it
simulates for L1 in L2 as-well. but after reading your reply, I think
that it is a desired behaviour...
-Liran
>
> On Fri, Nov 10, 2017 at 1:37 PM, Radim Krčmář <rkrcmar@redhat.com> wrote:
>> 2017-11-06 16:15+0200, Liran Alon:
>>> When running L2, #UD should be intercepted by L1 or just forwarded
>>> directly to L2. It should not reach L0 x86 emulator.
>>> Therefore, set intercept for #UD only based on L1 exception-bitmap.
>>>
>>> Also add WARN_ON_ONCE() on L0 #UD intercept handlers to make sure
>>> it is never reached while running L2.
>>>
>>> This improves commit ae1f57670703 ("KVM: nVMX: Do not emulate #UD while
>>> in guest mode") by removing an unnecessary exit from L2 to L0 on #UD
>>> when L1 doesn't intercept it.
>>>
>>> In addition, SVM L0 #UD intercept handler doesn't handle correctly the
>>> case it is raised from L2. In this case, it should forward the #UD to
>>> guest instead of x86 emulator. As done in VMX #UD intercept handler.
>>> This commit fixes this issue as-well.
>>>
>>> Signed-off-by: Liran Alon <liran.alon@oracle.com>
>>> Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
>>> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>>> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>>> ---
>>
>> Applied, thanks.
next prev parent reply other threads:[~2017-12-02 0:27 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-06 14:15 [PATCH v2] KVM: nVMX/nSVM: Don't intercept #UD when running L2 Liran Alon
2017-11-06 14:16 ` Paolo Bonzini
2017-11-07 1:23 ` Wanpeng Li
2017-11-10 21:37 ` Radim Krčmář
2017-12-01 23:00 ` Jim Mattson
2017-12-01 23:08 ` Jim Mattson
2017-12-02 0:27 ` Liran Alon [this message]
2018-01-10 19:56 ` Jim Mattson
-- strict thread matches above, loose matches on Subject: below --
2018-01-10 23:01 Liran Alon
2018-01-11 10:34 ` Paolo Bonzini
2018-01-11 13:29 Liran Alon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5A21F357.4080108@ORACLE.COM \
--to=liran.alon@oracle.com \
--cc=idan.brown@ORACLE.COM \
--cc=jmattson@google.com \
--cc=konrad.wilk@ORACLE.COM \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).