From patchwork Tue Dec 13 06:09:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 2895 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp2657383wrr; Mon, 12 Dec 2022 22:10:30 -0800 (PST) X-Google-Smtp-Source: AA0mqf6NI47zpxvlygTPegYaffnnV3OVh7TRfHdv7JJuIdd3RgFwO54tFnT+S8txD/bMI8+8kBEC X-Received: by 2002:a17:906:194b:b0:7c0:cfb2:40bc with SMTP id b11-20020a170906194b00b007c0cfb240bcmr17620452eje.15.1670911830093; Mon, 12 Dec 2022 22:10:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670911830; cv=none; d=google.com; s=arc-20160816; b=JWP4uY/sas6COjfl3DJQLVrjIdvsGFwu0sCVq1m5VlPevWfT8/sAwaNrZUq3OqPoJO ro49fXZ+hn6APd3M+chToyu+3Rzx1YJ0ClEtR4SkttYtEQc2TRCqW4EF76Rds2IDnhlS 8jJ54D4uoTrOKpaPXvSECR/AyDomF7cyEy3hUXigQtZz0kplBnh4Di4IF0yR0M7UnaDS vNbAQaSigJ4rXOLwb6O/xudo07OQ3w2dM5QPmTyLwUtPww8L3uNlcTnmu1gDP+ypVpls O3rOqpBA8cEXbYsYTSs1kQ4ZcshsqJGTpIVqO9j/2lCWS7088/Ofqec/VEcWcSNNrZmh t3BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date :reply-to:dkim-signature; bh=00eaw7kjaxrGW1SYs5Ps4MIsZuAaNvLwF151/5eMIQ0=; b=badVZKD42KD2moEfMd9pDifdyETTBGAXt05xERoET7tl6Ra0xbv6kc3XCBwCBRVXk2 0PLl8sDjHpj7Subm/lVn7GV5qeHbzB5OnQcB/tSX+l7QtLNLeUk95ittHBr9hI/4VyUP CfsgQAfK3SfPtH2OsZzYtZDJLe01mPAGe8ENy2NofoOFK7DlIKVYIrr6JeltHgHVIj21 UJOMWt7It/SLUcq3/xmWdnGZAkKo7011zODA3Z4+sZFcm8DXQd/alg928rnfxOuZjrRU EHsInGF2CeubzUlr5M6T/UuvD5M0aPpUK1KbBmlFtdYsWbWZKTJdL/ZSWQBzeQPEPYDE iQLw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=ZiDwtQdu; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gs13-20020a1709072d0d00b007c10ac9ca41si9682752ejc.95.2022.12.12.22.10.07; Mon, 12 Dec 2022 22:10:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=ZiDwtQdu; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234357AbiLMGJV (ORCPT + 99 others); Tue, 13 Dec 2022 01:09:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46182 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233998AbiLMGJS (ORCPT ); Tue, 13 Dec 2022 01:09:18 -0500 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 774EC1A3A0 for ; Mon, 12 Dec 2022 22:09:17 -0800 (PST) Received: by mail-pj1-x104a.google.com with SMTP id b6-20020a17090acc0600b0021a1a90a3e0so1358922pju.0 for ; Mon, 12 Dec 2022 22:09:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc :subject:date:message-id:reply-to; bh=00eaw7kjaxrGW1SYs5Ps4MIsZuAaNvLwF151/5eMIQ0=; b=ZiDwtQduj6UUgneRNrcM2q4j5Rp8B7OEOpXLD8GMpb8pIJEX/XAi9SMo2TYub345DW EbeUkka48R8J9ziaRCV5GAJWNfzM8FlId8NpQhRKtNjKur9X6xkKjiGm4PmLQcqztGg8 rAqNrgOqEmIFy+LQKqNqLzal1HIx3PgINz1ARCBOHbJRreasrZZDqm4SR2ltzSqfLZ01 bM0+juSyLOsF9jU1ZRpZxsQmpud770K0vDljEu/QJHKEJBeeV2uXh+oKPqYwcc1sbrTI XRTJ0wZN+z6HGSGSzVi7ueYdoACrEhAhBfPBUzvzur6HUhN1ycPY45dAD0VCc92EK2/D wZFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:reply-to :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=00eaw7kjaxrGW1SYs5Ps4MIsZuAaNvLwF151/5eMIQ0=; b=i1Lmk2iCFWsb6PwZb6E3WTQ1FoOO+2CbH+jdJrURXEiI4dpp6N6jTf/Mwqi+U0uvUY 1kz9JG1yLc2HyK1epDSeYp4OW8UJR1jaeF3nDqsjAr5yhM5DBsyk81l2puvWv0811/MC ScpPvfQq4mJvk42r+Qp7puVT1RJBIPV5sCzun6vq/SM1sSQAKeUTQem7QscRcPMW6je4 21kLA19gkdKgDGRsM+Vonv05nwctYU0QzvF5ogwX/3rgTG55qIBj0TeWG9kDTGRv5lbS itoX88EufXmmmIIXxksOdWMf5CRcXZjNXubUuvaWxuwUUOKbdW010rBsczfKihR6l7Gv u6JQ== X-Gm-Message-State: ANoB5pmbNz1khqb9FrS1I1ye+znnOF6pMPRELOLYZzjtqblMnsme9wH5 2Z9ikq/tOUUrqudhkuktMadn6iYCM4Y= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90b:1010:b0:219:1d0a:34a6 with SMTP id gm16-20020a17090b101000b002191d0a34a6mr22501pjb.1.1670911756751; Mon, 12 Dec 2022 22:09:16 -0800 (PST) Reply-To: Sean Christopherson Date: Tue, 13 Dec 2022 06:09:05 +0000 Mime-Version: 1.0 X-Mailer: git-send-email 2.39.0.rc1.256.g54fd8350bd-goog Message-ID: <20221213060912.654668-1-seanjc@google.com> Subject: [PATCH 0/7] KVM: VMX: Handle NMI VM-Exits in noinstr section From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Peter Zijlstra , Andy Lutomirski , Thomas Gleixner X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1752078043311139408?= X-GMAIL-MSGID: =?utf-8?q?1752078043311139408?= Move NMI VM-Exit handling into vmx_vcpu_enter_exit() to fix a (mostly benign?) bug where NMIs can be unblocked prior to servicing the NMI that triggered the VM-Exit, e.g. if instrumentation triggers a fault and thus an IRET. I deliberately didn't tag any of these for stable@ as the odds of me screwing something up or of a backport going sideways seems higher than out-of-order NMIs causing major problems. The bulk of this series is just getting various helpers/paths ready for noinstr usage. I kept the use of a direct call to a dedicated entry point for NMIs (doubled down really). AFAICT, there are no issues with the direct call in the current code, and I don't know enough about FRED to know if using INT $2 would be better or worse, i.e. less churn seemed like the way to go. And if reverting to INT $2 in the future is desirable, splitting NMI and IRQ handling makes it quite easy to do so as all the relevant code that needs to be ripped out is isolated. Sean Christopherson (7): KVM: x86: Make vmx_get_exit_qual() and vmx_get_intr_info() noinstr-friendly KVM: VMX: Allow VM-Fail path of VMREAD helper to be instrumented KVM: VMX: Always inline eVMCS read/write helpers KVM: VMX: Always inline to_vmx() and to_kvm_vmx() x86/entry: KVM: Use dedicated VMX NMI entry for 32-bit kernels too KVM: VMX: Provide separate subroutines for invoking NMI vs. IRQ handlers KVM: VMX: Handle NMI VM-Exits in noinstr region arch/x86/include/asm/idtentry.h | 16 +++----- arch/x86/kernel/nmi.c | 8 ++-- arch/x86/kvm/kvm_cache_regs.h | 12 ++++++ arch/x86/kvm/vmx/hyperv.h | 20 ++++----- arch/x86/kvm/vmx/vmcs.h | 4 +- arch/x86/kvm/vmx/vmenter.S | 72 ++++++++++++++++++--------------- arch/x86/kvm/vmx/vmx.c | 55 +++++++++++++------------ arch/x86/kvm/vmx/vmx.h | 18 ++++----- arch/x86/kvm/vmx/vmx_ops.h | 2 + arch/x86/kvm/x86.h | 6 +-- 10 files changed, 117 insertions(+), 96 deletions(-) base-commit: 208f1c64e255fe3a29083880818e010ebdf585c6 Acked-by: Peter Zijlstra (Intel)