From: Sean Christopherson <seanjc@google.com>
To: Maxim Levitsky <mlevitsk@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Hou Wenlong <houwenlong.hwl@antgroup.com>,
Kechen Lu <kechenl@nvidia.com>,
Oliver Upton <oliver.upton@linux.dev>,
Binbin Wu <binbin.wu@linux.intel.com>,
Yang Weijiang <weijiang.yang@intel.com>,
Robert Hoo <robert.hoo.linux@gmail.com>
Subject: Re: [PATCH v2 10/49] KVM: x86: Drop now-redundant MAXPHYADDR and GPA rsvd bits from vCPU creation
Date: Mon, 8 Jul 2024 12:53:12 -0700 [thread overview]
Message-ID: <ZoxDqKdh37qpm-HQ@google.com> (raw)
In-Reply-To: <ccbed564392478b3a5bb51b650a102ca474ba7e0.camel@redhat.com>
On Thu, Jul 04, 2024, Maxim Levitsky wrote:
> On Fri, 2024-05-17 at 10:38 -0700, Sean Christopherson wrote:
> > Drop the manual initialization of maxphyaddr and reserved_gpa_bits during
> > vCPU creation now that kvm_arch_vcpu_create() unconditionally invokes
> > kvm_vcpu_after_set_cpuid(), which handles all such CPUID caching.
> >
> > None of the helpers between the existing code in kvm_arch_vcpu_create()
> > and the call to kvm_vcpu_after_set_cpuid() consume maxphyaddr or
> > reserved_gpa_bits (though auditing vmx_vcpu_create() and svm_vcpu_create()
> > isn't exactly easy). And even if that weren't the case, KVM _must_
> > refresh any affected state during kvm_vcpu_after_set_cpuid(), e.g. to
> > correctly handle KVM_SET_CPUID2. In other words, this can't introduce a
> > new bug, only expose an existing bug (of which there don't appear to be
> > any).
>
>
> IMHO the change is not as bulletproof as claimed:
>
> If some code does access the uninitialized state (e.g vcpu->arch.maxphyaddr
> which will be zero, I assume), in between these calls, then even though later
> the correct CPUID will be set and should override the incorrect state set
> earlier, the problem *is* that the mentioned code will have to deal with non
> architecturally possible value (e.g maxphyaddr == 0) which might cause a bug
> in it.
>
> Of course such code currently doesn't exist, so it works but it can fail in
> the future.
Similar to not consuming a null cpuid_entries, any such future bug should never
escape developer testing since this is a very fixed sequence. And practically
speaking, completely closing these holes isn't feasible because it's impossible
to initialize everything simultaneously, i.e. some amount of code will always
need to execute with zero-initialized vCPU state.
> How about we move the call to kvm_vcpu_after_set_cpuid upward?
A drop-in replacement was my preference too, but it doesn't work. :-/
kvm_vcpu_after_set_cpuid() needs to be called after vcpu_load(), e.g. VMX's
hook will do VMWRITE.
next prev parent reply other threads:[~2024-07-08 19:53 UTC|newest]
Thread overview: 185+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-17 17:38 [PATCH v2 00/49] KVM: x86: CPUID overhaul, fixes, and caching Sean Christopherson
2024-05-17 17:38 ` [PATCH v2 01/49] KVM: x86: Do all post-set CPUID processing during vCPU creation Sean Christopherson
2024-07-05 0:48 ` Maxim Levitsky
2024-07-08 18:46 ` Sean Christopherson
2024-07-24 17:24 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 02/49] KVM: x86: Explicitly do runtime CPUID updates "after" initial setup Sean Christopherson
2024-07-05 0:51 ` Maxim Levitsky
2024-07-09 19:46 ` Sean Christopherson
2024-07-24 17:24 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 03/49] KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX Sean Christopherson
2024-07-05 0:55 ` Maxim Levitsky
2024-07-09 19:58 ` Sean Christopherson
2024-07-24 17:28 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 04/49] KVM: selftests: Update x86's set_sregs_test to match KVM's CPUID enforcement Sean Christopherson
2024-07-05 0:55 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 05/49] KVM: selftests: Assert that the @cpuid passed to get_cpuid_entry() is non-NULL Sean Christopherson
2024-07-05 0:58 ` Maxim Levitsky
2024-07-08 19:33 ` Sean Christopherson
2024-07-24 17:28 ` Maxim Levitsky
2024-11-21 18:57 ` Sean Christopherson
2024-05-17 17:38 ` [PATCH v2 06/49] KVM: selftests: Refresh vCPU CPUID cache in __vcpu_get_cpuid_entry() Sean Christopherson
2024-07-05 0:59 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 07/49] KVM: selftests: Verify KVM stuffs runtime CPUID OS bits on CR4 writes Sean Christopherson
2024-07-05 1:02 ` Maxim Levitsky
2024-07-08 19:39 ` Sean Christopherson
2024-05-17 17:38 ` [PATCH v2 08/49] KVM: x86: Move __kvm_is_valid_cr4() definition to x86.h Sean Christopherson
2024-07-05 1:02 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 09/49] KVM: x86/pmu: Drop now-redundant refresh() during init() Sean Christopherson
2024-07-05 1:02 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 10/49] KVM: x86: Drop now-redundant MAXPHYADDR and GPA rsvd bits from vCPU creation Sean Christopherson
2024-07-05 1:13 ` Maxim Levitsky
2024-07-08 19:53 ` Sean Christopherson [this message]
2024-07-24 17:30 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 11/49] KVM: x86: Disallow KVM_CAP_X86_DISABLE_EXITS after " Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-07-08 19:43 ` Sean Christopherson
2024-07-24 17:31 ` Maxim Levitsky
2024-07-25 18:07 ` Sean Christopherson
2024-07-12 7:42 ` Xiaoyao Li
2024-05-17 17:38 ` [PATCH v2 12/49] KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed Sean Christopherson
2024-05-22 5:09 ` Binbin Wu
2024-05-28 18:56 ` Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-07-12 7:51 ` Xiaoyao Li
2024-07-12 13:31 ` Sean Christopherson
2024-05-17 17:38 ` [PATCH v2 13/49] KVM: selftests: Fix a bad TEST_REQUIRE() in x86's KVM PV test Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 14/49] KVM: selftests: Update x86's KVM PV test to match KVM's disabling exits behavior Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 15/49] KVM: x86: Zero out PV features cache when the CPUID leaf is not present Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 16/49] KVM: x86: Don't update PV features caches when enabling enforcement capability Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 17/49] KVM: x86: Do reverse CPUID sanity checks in __feature_leaf() Sean Christopherson
2024-07-05 1:17 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 18/49] KVM: x86: Account for max supported CPUID leaf when getting raw host CPUID Sean Christopherson
2024-06-19 6:17 ` Yang, Weijiang
2024-06-19 8:07 ` Yang, Weijiang
2024-07-05 1:17 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 19/49] KVM: x86: Add a macro to init CPUID features that ignore host kernel support Sean Christopherson
2024-07-05 1:21 ` Maxim Levitsky
2024-07-08 20:53 ` Sean Christopherson
2024-07-24 17:39 ` Maxim Levitsky
2024-07-08 22:36 ` Sean Christopherson
2024-07-24 17:40 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 20/49] KVM: x86: Rename kvm_cpu_cap_mask() to kvm_cpu_cap_init() Sean Christopherson
2024-05-22 6:23 ` Binbin Wu
2024-05-28 18:54 ` Sean Christopherson
2024-07-05 1:24 ` Maxim Levitsky
2024-05-17 17:38 ` [PATCH v2 21/49] KVM: x86: Add a macro to init CPUID features that are 64-bit only Sean Christopherson
2024-07-05 1:24 ` Maxim Levitsky
2024-07-17 13:31 ` Xiaoyao Li
2024-05-17 17:38 ` [PATCH v2 22/49] KVM: x86: Add a macro to precisely handle aliased 0x1.EDX CPUID features Sean Christopherson
2024-07-05 1:25 ` Maxim Levitsky
2024-07-08 21:08 ` Sean Christopherson
2024-07-24 17:46 ` Maxim Levitsky
2024-07-25 18:39 ` Sean Christopherson
2024-08-05 11:06 ` mlevitsk
2024-08-05 22:00 ` Sean Christopherson
2024-09-10 20:37 ` Maxim Levitsky
2024-09-11 15:37 ` Sean Christopherson
2024-11-22 3:17 ` Maxim Levitsky
2024-11-27 14:38 ` Sean Christopherson
2024-05-17 17:39 ` [PATCH v2 23/49] KVM: x86: Handle kernel- and KVM-defined CPUID words in a single helper Sean Christopherson
2024-07-05 1:28 ` Maxim Levitsky
2024-07-08 21:18 ` Sean Christopherson
2024-07-17 14:00 ` Xiaoyao Li
2024-07-24 17:51 ` Maxim Levitsky
2024-07-25 19:18 ` Sean Christopherson
2024-08-05 11:07 ` mlevitsk
2024-05-17 17:39 ` [PATCH v2 24/49] KVM: x86: #undef SPEC_CTRL_SSBD in cpuid.c to avoid macro collisions Sean Christopherson
2024-07-05 1:30 ` Maxim Levitsky
2024-07-08 21:29 ` Sean Christopherson
2024-07-24 17:54 ` Maxim Levitsky
2024-07-26 23:34 ` Sean Christopherson
2024-08-05 11:11 ` mlevitsk
2024-08-05 21:35 ` Sean Christopherson
2024-09-10 20:37 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 25/49] KVM: x86: Harden CPU capabilities processing against out-of-scope features Sean Christopherson
2024-07-05 1:31 ` Maxim Levitsky
2024-07-09 18:11 ` Sean Christopherson
2024-07-24 17:55 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 26/49] KVM: x86: Add a macro to init CPUID features that KVM emulates in software Sean Christopherson
2024-07-05 1:59 ` Maxim Levitsky
2024-07-08 22:30 ` Sean Christopherson
2024-07-24 17:58 ` Maxim Levitsky
2024-07-27 0:06 ` Sean Christopherson
2024-08-05 11:16 ` mlevitsk
2024-08-05 19:59 ` Sean Christopherson
2024-09-10 20:41 ` Maxim Levitsky
2024-09-11 16:03 ` Sean Christopherson
2024-11-22 3:28 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 27/49] KVM: x86: Swap incoming guest CPUID into vCPU before massaging in KVM_SET_CPUID2 Sean Christopherson
2024-07-05 1:32 ` Maxim Levitsky
2024-07-08 21:37 ` Sean Christopherson
2024-05-17 17:39 ` [PATCH v2 28/49] KVM: x86: Clear PV_UNHALT for !HLT-exiting only when userspace sets CPUID Sean Christopherson
2024-07-05 1:32 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 29/49] KVM: x86: Remove unnecessary caching of KVM's PV CPUID base Sean Christopherson
2024-07-05 1:51 ` Maxim Levitsky
2024-07-09 19:00 ` Sean Christopherson
2024-07-24 17:59 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 30/49] KVM: x86: Always operate on kvm_vcpu data in cpuid_entry2_find() Sean Christopherson
2024-07-05 1:51 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 31/49] KVM: x86: Move kvm_find_cpuid_entry{,_index}() up near cpuid_entry2_find() Sean Christopherson
2024-07-05 1:51 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 32/49] KVM: x86: Remove all direct usage of cpuid_entry2_find() Sean Christopherson
2024-07-05 1:52 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 33/49] KVM: x86: Advertise TSC_DEADLINE_TIMER in KVM_GET_SUPPORTED_CPUID Sean Christopherson
2024-05-22 9:11 ` Binbin Wu
2024-05-28 15:21 ` Sean Christopherson
2024-07-05 2:04 ` Maxim Levitsky
2024-07-09 19:28 ` Sean Christopherson
2024-07-24 18:00 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 34/49] KVM: x86: Advertise HYPERVISOR " Sean Christopherson
2024-07-05 2:04 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 35/49] KVM: x86: Add a macro to handle features that are fully VMM controlled Sean Christopherson
2024-07-05 2:08 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 36/49] KVM: x86: Rename "governed features" helpers to use "guest_cpu_cap" Sean Christopherson
2024-05-22 14:23 ` Binbin Wu
2024-05-17 17:39 ` [PATCH v2 37/49] KVM: x86: Replace guts of "governed" features with comprehensive cpu_caps Sean Christopherson
2024-06-20 2:20 ` Yang, Weijiang
2024-07-05 2:10 ` Maxim Levitsky
2024-07-09 18:30 ` Sean Christopherson
2024-07-24 18:00 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 38/49] KVM: x86: Initialize guest cpu_caps based on guest CPUID Sean Christopherson
2024-06-20 2:24 ` Yang, Weijiang
2024-07-05 2:13 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 39/49] KVM: x86: Extract code for generating per-entry emulated CPUID information Sean Christopherson
2024-07-05 2:18 ` Maxim Levitsky
2024-07-09 0:13 ` Sean Christopherson
2024-07-24 18:00 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 40/49] KVM: x86: Initialize guest cpu_caps based on KVM support Sean Christopherson
2024-07-05 2:22 ` Maxim Levitsky
2024-07-09 0:10 ` Sean Christopherson
2024-07-24 18:01 ` Maxim Levitsky
2024-07-29 15:34 ` Sean Christopherson
2024-08-05 11:16 ` mlevitsk
2024-05-17 17:39 ` [PATCH v2 41/49] KVM: x86: Avoid double CPUID lookup when updating MWAIT at runtime Sean Christopherson
2024-07-05 2:22 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 42/49] KVM: x86: Drop unnecessary check that cpuid_entry2_find() returns right leaf Sean Christopherson
2024-07-05 2:22 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 43/49] KVM: x86: Update OS{XSAVE,PKE} bits in guest CPUID irrespective of host support Sean Christopherson
2024-07-05 2:22 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 44/49] KVM: x86: Update guest cpu_caps at runtime for dynamic CPUID-based features Sean Christopherson
2024-07-05 2:26 ` Maxim Levitsky
2024-07-09 0:24 ` Sean Christopherson
2024-09-10 20:41 ` Maxim Levitsky
2024-09-11 15:41 ` Sean Christopherson
2024-11-22 2:11 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 45/49] KVM: x86: Shuffle code to prepare for dropping guest_cpuid_has() Sean Christopherson
2024-07-05 2:26 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 46/49] KVM: x86: Replace (almost) all guest CPUID feature queries with cpu_caps Sean Christopherson
2024-07-05 2:34 ` Maxim Levitsky
2024-07-09 19:20 ` Sean Christopherson
2024-07-24 18:01 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 47/49] KVM: x86: Drop superfluous host XSAVE check when adjusting guest XSAVES caps Sean Christopherson
2024-07-05 2:36 ` Maxim Levitsky
2024-07-09 19:15 ` Sean Christopherson
2024-07-24 18:02 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 48/49] KVM: x86: Add a macro for features that are synthesized into boot_cpu_data Sean Christopherson
2024-07-05 2:43 ` Maxim Levitsky
2024-07-09 21:13 ` Sean Christopherson
2024-07-24 18:04 ` Maxim Levitsky
2024-05-17 17:39 ` [PATCH v2 49/49] *** DO NOT APPLY *** KVM: x86: Verify KVM initializes all consumed guest caps Sean Christopherson
2024-05-17 17:54 ` [PATCH v2 00/49] KVM: x86: CPUID overhaul, fixes, and caching Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZoxDqKdh37qpm-HQ@google.com \
--to=seanjc@google.com \
--cc=binbin.wu@linux.intel.com \
--cc=houwenlong.hwl@antgroup.com \
--cc=kechenl@nvidia.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mlevitsk@redhat.com \
--cc=oliver.upton@linux.dev \
--cc=pbonzini@redhat.com \
--cc=robert.hoo.linux@gmail.com \
--cc=vkuznets@redhat.com \
--cc=weijiang.yang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox