From: Sean Christopherson <seanjc@google.com>
To: Yao Yuan <yaoyuan0329os@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
x86@kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH 1/4] x86/fpu: Clear XSTATE_BV[i] in save state whenever XFD[i]=1
Date: Mon, 5 Jan 2026 09:31:05 -0800 [thread overview]
Message-ID: <aVv1WTR9Zsx2FpZ0@google.com> (raw)
In-Reply-To: <aig6cfdj7vxmm5yt6lvfsyqwlnavrcl2n4z3gzomqydce5suxm@ydomfhhmwd7y>
On Sat, Jan 03, 2026, Yao Yuan wrote:
> On Thu, Jan 01, 2026 at 10:05:13AM +0100, Paolo Bonzini wrote:
> > diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c
> > index da233f20ae6f..166c380b0161 100644
> > --- a/arch/x86/kernel/fpu/core.c
> > +++ b/arch/x86/kernel/fpu/core.c
> > @@ -319,10 +319,29 @@ EXPORT_SYMBOL_FOR_KVM(fpu_enable_guest_xfd_features);
> > #ifdef CONFIG_X86_64
> > void fpu_update_guest_xfd(struct fpu_guest *guest_fpu, u64 xfd)
> > {
> > + struct fpstate *fpstate = guest_fpu->fpstate;
> > +
> > fpregs_lock();
> > - guest_fpu->fpstate->xfd = xfd;
> > - if (guest_fpu->fpstate->in_use)
> > - xfd_update_state(guest_fpu->fpstate);
> > +
> > + /*
> > + * KVM's guest ABI is that setting XFD[i]=1 *can* immediately revert
> > + * the save state to initialized. Likewise, KVM_GET_XSAVE does the
> > + * same as XSAVE and returns XSTATE_BV[i]=0 whenever XFD[i]=1.
> > + *
> > + * If the guest's FPU state is in hardware, just update XFD: the XSAVE
> > + * in fpu_swap_kvm_fpstate will clear XSTATE_BV[i] whenever XFD[i]=1.
> > + *
> > + * If however the guest's FPU state is NOT resident in hardware, clear
> > + * disabled components in XSTATE_BV now, or a subsequent XRSTOR will
> > + * attempt to load disabled components and generate #NM _in the host_.
> > + */
>
> Hi Sean and Paolo,
>
> > + if (xfd && test_thread_flag(TIF_NEED_FPU_LOAD))
> > + fpstate->regs.xsave.header.xfeatures &= ~xfd;
> > +
> > + fpstate->xfd = xfd;
> > + if (fpstate->in_use)
> > + xfd_update_state(fpstate);
>
> I see a *small* window that the Host IRQ can happen just after above
> TIF_NEED_FPU_LOAD checking, which could set TIF_NEED_FPU_LOAD
Only if the code using FPU from IRQ context is buggy. More below.
> but w/o clear the xfd from fpstate->regs.xsave.header.xfeatures.
>
> But there's WARN in in kernel_fpu_begin_mask():
>
> WARN_ON_FPU(!irq_fpu_usable());
>
> irq_fpu_usable()
> {
> ...
> /*
> * In hard interrupt context it's safe when soft interrupts
> * are enabled, which means the interrupt did not hit in
> * a fpregs_lock()'ed critical region.
> */
> return !softirq_count();
> }
>
> Looks we are relying on this to catch the above *small* window
> yet, we're in fpregs_lock() region yet.
Kernel use of FPU from (soft) IRQ context is required to check irq_fpu_usable()
(e.g. via may_use_simd()), i.e. calling fpregs_lock() protects against the kernel
using the FPU and thus setting TIF_NEED_FPU_LOAD.
The WARN in kernel_fpu_begin_mask() is purely a sanity check to help detect and
debug buggy users.
next prev parent reply other threads:[~2026-01-05 17:31 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20260101090516.316883-1-pbonzini@redhat.com>
2026-01-01 9:05 ` [PATCH 1/4] x86/fpu: Clear XSTATE_BV[i] in save state whenever XFD[i]=1 Paolo Bonzini
2026-01-03 2:06 ` Yao Yuan
2026-01-05 17:31 ` Sean Christopherson [this message]
2026-01-06 5:25 ` Yao Yuan
2026-01-06 0:54 ` Jim Mattson
2026-01-06 1:17 ` Sean Christopherson
2026-01-06 17:56 ` Jim Mattson
2026-01-15 16:07 ` Dave Hansen
2026-01-15 16:12 ` Paolo Bonzini
2026-01-15 16:27 ` Dave Hansen
2026-01-07 0:28 ` Chang S. Bae
2026-01-07 22:33 ` Paolo Bonzini
2026-01-08 3:06 ` Binbin Wu
2026-01-08 16:26 ` Paolo Bonzini
2026-01-15 15:54 ` Dave Hansen
2026-01-15 16:22 ` Paolo Bonzini
2026-01-01 9:05 ` [PATCH 2/4] selftests: kvm: replace numbered sync points with actions Paolo Bonzini
2026-01-06 0:02 ` Sean Christopherson
2026-01-07 22:28 ` Paolo Bonzini
2026-01-08 20:26 ` Sean Christopherson
2026-01-01 9:05 ` [PATCH 3/4] selftests: kvm: try getting XFD and XSAVE state out of sync Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aVv1WTR9Zsx2FpZ0@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
--cc=x86@kernel.org \
--cc=yaoyuan0329os@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox