From: Sean Christopherson <seanjc@google.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: Sagi Shahar <sagis@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Kiryl Shutsemau <kas@kernel.org>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Thomas Gleixner <tglx@kernel.org>,
Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>,
x86@kernel.org, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev,
Vishal Annapurve <vannapurve@google.com>,
Michael Roth <michael.roth@amd.com>
Subject: Re: [PATCH] KVM: TDX: Allow userspace to return errors to guest for MAPGPA
Date: Wed, 14 Jan 2026 13:48:05 -0800 [thread overview]
Message-ID: <aWgPFQOQRr3xcMjh@google.com> (raw)
In-Reply-To: <aWe8zESCJ0ZeAOT3@google.com>
+Mike
On Wed, Jan 14, 2026, Sean Christopherson wrote:
> On Wed, Jan 14, 2026, Xiaoyao Li wrote:
> > On 1/14/2026 8:30 AM, Sagi Shahar wrote:
> > So it needs to be
> >
> > if (vcpu->run->hypercall.ret == -EBUSY)
> > tdvmcall_set_return_code(vcpu, TDVMCALL_STATUS_RETRY);
> > else
> > tdvmcall_set_return_code(vcpu, TDVMCALL_STATUS_INVALID_OPERAND);
>
> No, because assuming everything except -EBUSY translates to
> TDVMCALL_STATUS_INVALID_OPERAND paints KVM back into the same corner its already
> in. What I care most about is eliminating KVM's assumption that a non-zero
> hypercall.ret means TDVMCALL_STATUS_INVALID_OPERAND.
>
> For the new ABI, I see two options:
>
> 1. Translate -errno as done in this patch.
> 2. Propagate hypercall.ret directly to the TDVMCALL return code, i.e. let
> userspace set any return code it wants.
>
> #1 has the downside of needing KVM changes and new uAPI every time a new return
> code is supported.
>
> #2 has the downside of preventing KVM from establishing its own ABI around the
> return code, and making the return code vendor specific. E.g. if KVM ever wanted
> to do something in response to -EBUSY beyond propagating the error to the guest,
> then we can't reasonably do that with #2.
>
> Whatever we do, I want to change snp_complete_psc_msr() and snp_complete_one_psc()
> in the same patch, so that whatever ABI we establish is common to TDX and SNP.
>
> See also https://lore.kernel.org/all/Zn8YM-s0TRUk-6T-@google.com.
Aha! Finally. I *knew* we had discussed this more recently. The SNP series to
add KVM_EXIT_SNP_REQ_CERTS uses a similar pattern. Note its intentional use of
positive values, because that's what userspace sees in errno. This code should
do the same. Oh, and we need to choose between EAGAIN and EBUSY...
switch (READ_ONCE(vcpu->run->snp_req_certs.ret)) {
case 0:
return snp_handle_guest_req(svm, control->exit_info_1,
control->exit_info_2);
case ENOSPC:
vcpu->arch.regs[VCPU_REGS_RBX] = vcpu->run->snp_req_certs.npages;
return snp_req_certs_err(svm, SNP_GUEST_VMM_ERR_INVALID_LEN);
case EAGAIN:
return snp_req_certs_err(svm, SNP_GUEST_VMM_ERR_BUSY);
case EIO:
return snp_req_certs_err(svm, SNP_GUEST_VMM_ERR_GENERIC);
default:
break;
}
https://lore.kernel.org/all/20260109231732.1160759-2-michael.roth@amd.com
next prev parent reply other threads:[~2026-01-14 21:48 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-14 0:30 [PATCH] KVM: TDX: Allow userspace to return errors to guest for MAPGPA Sagi Shahar
2026-01-14 2:59 ` Xiaoyao Li
2026-01-14 9:32 ` Binbin Wu
2026-01-14 15:57 ` Sean Christopherson
2026-01-14 21:48 ` Sean Christopherson [this message]
2026-01-15 1:22 ` Sagi Shahar
2026-01-15 1:21 ` Sagi Shahar
2026-01-15 7:47 ` Xiaoyao Li
2026-01-15 16:54 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aWgPFQOQRr3xcMjh@google.com \
--to=seanjc@google.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=kas@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=sagis@google.com \
--cc=tglx@kernel.org \
--cc=vannapurve@google.com \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox