From patchwork Fri Jul 21 22:59:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124169 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp549918vqg; Fri, 21 Jul 2023 17:52:47 -0700 (PDT) X-Google-Smtp-Source: APBJJlGVtbx/lph+jV69duy5JrNHdopNrPIMrOBTzReHA/kQGBJIVoRNIthJozByFIbwPCwAKgEQ X-Received: by 2002:a05:6a20:4a2a:b0:134:7708:49c5 with SMTP id fr42-20020a056a204a2a00b00134770849c5mr2495099pzb.36.1689987167128; Fri, 21 Jul 2023 17:52:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689987167; cv=none; d=google.com; s=arc-20160816; b=er9Oz2QSNCjwdufv1/l97j7lgUOYmZN//cJ4Y3kxiV8nyOfj41a75ZajzKMejqF6Iu m3nEChRm1IC57HVB1ydEqexmhJGe37Rtd9JXYVe+iWvhmog5tkuD+YzgwZuu7Ct3Ns0i G4AFXzmYgNH4LmN2YCPgyIHK8kQShZMLtlraRcgZ0/JUMjM+XACIcIeEWOIBsLYHJWGt 1WwZsSs33urndEdCNObI19RCWIPkmtZufiJ26hzJLArJXKC/JGLiiWMsEZhoMHsJy8Xb 9kU+/BJ0fVNlfIvTXKAN13HBF9WK03/8RfvbokEfuzVDylQnBSXfcNPQliBcmYsav5sK wIUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=zPxDuw7GeJQotzB/CPJITWYq84dGkPo6Sdy7hiPXZfA=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=t2YwU4Jehh44Cdp1CUgiVGy4Dko4De2c7gWb/utP8aJ99G+jCHrdnLFSd1pCXyCMx/ wZO4LDCZ5/8vKG3W7RV3dlQ7p4JYvqmAaEYqHS3u9lPHFZ56qcN71fnAR33yCrF1AZox dPTbCLbD7+FDuNF5ya2XbsIZXqX5KHlA0vdVfR1tHRt+Or34ODIM07r2FBdK1lyVJRGL Mooa/eHWUJYI0YPjPFtzMtU8bBvn5KsZ5klHxBwLFPAQ/RQ2W2irXV+dXQmVEz03NPH2 ODlK3Z5EAmO10F2obwc8EGpT148Xyt6qKJpvCXM/Kq7vrhdAgfgeMLrDbmHuHhec82f9 6ecQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=hx05lOSK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m65-20020a632644000000b0054fdb18c873si4025797pgm.645.2023.07.21.17.52.34; Fri, 21 Jul 2023 17:52:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=hx05lOSK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231164AbjGUXAR (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48630 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231132AbjGUXAO (ORCPT ); Fri, 21 Jul 2023 19:00:14 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE84B3A93 for ; Fri, 21 Jul 2023 16:00:12 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-c5a479bc2d4so2311570276.1 for ; Fri, 21 Jul 2023 16:00:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980412; x=1690585212; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=zPxDuw7GeJQotzB/CPJITWYq84dGkPo6Sdy7hiPXZfA=; b=hx05lOSKevEnFTjhQmIFaPmCZWGUtEHn8FPIM5Bki+UcSqPi4IntQeAWTUj+y16Q3C VsMT2vKpEPje3bE2F0xUf0GMW5chsQEeSL/rUzNBHYE0ccg3hQtfK6AT50tUNffQ+8JG 2lay9BL2a9yTqI12d+ssVhmL3OUE4QhP5T2TLWlFFWWHXSAqQObIEcB/e+q7NdsNjEj4 UCEjIIafqyus+s+Yz/Sjnh+LhYRgVyo596begODfAr9zRbpusbnFttvuh4cZFl+MJM9s LeXrJ1BKKbDZ6/OgzBfbvkzPH93TO2gneJJqKXJtvdEHeUxwyOVwVtabahG+/177jK4Z NLSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980412; x=1690585212; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=zPxDuw7GeJQotzB/CPJITWYq84dGkPo6Sdy7hiPXZfA=; b=A7ZfkFDWIfS9UqBtNV6HVmtsYJqPPkFny0iK5wyX+y62xwSZ0hUl6cY7r9PWhY6fwc kUEW3o1j1ij6RUdgX0b9/MPXzeD1oUMqrwlJIwfZiDDI/phHdLrTrQZbSPk2PuawgV3l wpWXtfT4hys2z2I46bSyTxxuIwywO2iDx7bu7CK0llQ9f1H07XDG6iPvEIalcqKbcw8z SYhktFjFyGItS3G4YikrGbvIaDIws+0P0RSTcPF9mT1oBnTi5ulubatCx+FEIzmOGLTr sgj8ss401iD62e0H0sPnAwx3YKUNd7xsd5YThniTLgUV6LDHuAhwEmJ29ov6rmPOiwqJ 2bxA== X-Gm-Message-State: ABy/qLa1Dz8WAUjT9oo334FO/OiztQ3kNwfKLfT8mWeljqQGsM/6EpjK xqyLBKwj16j4sl4zqm08G3Mbd5rthTw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1388:b0:d05:38ba:b616 with SMTP id x8-20020a056902138800b00d0538bab616mr12927ybu.6.1689980411985; Fri, 21 Jul 2023 16:00:11 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 15:59:58 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-2-seanjc@google.com> Subject: [PATCH v2 1/9] KVM: x86/mmu: Delete rmap_printk() and all its usage From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772079983392269110 X-GMAIL-MSGID: 1772079983392269110 Delete rmap_printk() so that MMU_WARN_ON() and MMU_DEBUG can be morphed into something that can be regularly enabled for debug kernels. The information provided by rmap_printk() isn't all that useful now that the rmap and unsync code is mature, as the prints are simultaneously too verbose (_lots_ of message) and yet not verbose enough to be helpful for debug (most instances print just the SPTE pointer/value, which is rarely sufficient to root cause anything but trivial bugs). Alternatively, rmap_printk() could be reworked to into tracepoints, but it's not clear there is a real need as rmap bugs rarely escape initial development, and when bugs do escape to production, they are often edge cases and/or reside in code that isn't directly related to the rmaps. In other words, the problems with rmap_printk() being unhelpful also apply to tracepoints. And deleting rmap_printk() doesn't preclude adding tracepoints in the future. Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 12 ------------ arch/x86/kvm/mmu/mmu_internal.h | 2 -- 2 files changed, 14 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index bc24d430db6e..8e36e07719bf 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -941,10 +941,8 @@ static int pte_list_add(struct kvm_mmu_memory_cache *cache, u64 *spte, int count = 0; if (!rmap_head->val) { - rmap_printk("%p %llx 0->1\n", spte, *spte); rmap_head->val = (unsigned long)spte; } else if (!(rmap_head->val & 1)) { - rmap_printk("%p %llx 1->many\n", spte, *spte); desc = kvm_mmu_memory_cache_alloc(cache); desc->sptes[0] = (u64 *)rmap_head->val; desc->sptes[1] = spte; @@ -953,7 +951,6 @@ static int pte_list_add(struct kvm_mmu_memory_cache *cache, u64 *spte, rmap_head->val = (unsigned long)desc | 1; ++count; } else { - rmap_printk("%p %llx many->many\n", spte, *spte); desc = (struct pte_list_desc *)(rmap_head->val & ~1ul); count = desc->tail_count + desc->spte_count; @@ -1018,14 +1015,12 @@ static void pte_list_remove(u64 *spte, struct kvm_rmap_head *rmap_head) pr_err("%s: %p 0->BUG\n", __func__, spte); BUG(); } else if (!(rmap_head->val & 1)) { - rmap_printk("%p 1->0\n", spte); if ((u64 *)rmap_head->val != spte) { pr_err("%s: %p 1->BUG\n", __func__, spte); BUG(); } rmap_head->val = 0; } else { - rmap_printk("%p many->many\n", spte); desc = (struct pte_list_desc *)(rmap_head->val & ~1ul); while (desc) { for (i = 0; i < desc->spte_count; ++i) { @@ -1241,8 +1236,6 @@ static bool spte_write_protect(u64 *sptep, bool pt_protect) !(pt_protect && is_mmu_writable_spte(spte))) return false; - rmap_printk("spte %p %llx\n", sptep, *sptep); - if (pt_protect) spte &= ~shadow_mmu_writable_mask; spte = spte & ~PT_WRITABLE_MASK; @@ -1267,8 +1260,6 @@ static bool spte_clear_dirty(u64 *sptep) { u64 spte = *sptep; - rmap_printk("spte %p %llx\n", sptep, *sptep); - MMU_WARN_ON(!spte_ad_enabled(spte)); spte &= ~shadow_dirty_mask; return mmu_spte_update(sptep, spte); @@ -1480,9 +1471,6 @@ static bool kvm_set_pte_rmap(struct kvm *kvm, struct kvm_rmap_head *rmap_head, restart: for_each_rmap_spte(rmap_head, &iter, sptep) { - rmap_printk("spte %p %llx gfn %llx (%d)\n", - sptep, *sptep, gfn, level); - need_flush = true; if (pte_write(pte)) { diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index 4f1e4b327f40..9c9dd9340c63 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -11,10 +11,8 @@ #ifdef MMU_DEBUG extern bool dbg; -#define rmap_printk(fmt, args...) do { if (dbg) printk("%s: " fmt, __func__, ## args); } while (0) #define MMU_WARN_ON(x) WARN_ON(x) #else -#define rmap_printk(x...) do { } while (0) #define MMU_WARN_ON(x) do { } while (0) #endif From patchwork Fri Jul 21 22:59:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124141 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp512244vqg; Fri, 21 Jul 2023 16:07:05 -0700 (PDT) X-Google-Smtp-Source: APBJJlFVjmdKJIO6OwczsssIwp+W5xyFU5D3/O5F0+kSf2ZXfFRB+P9tn3IYgrl9gofOYQICoBaH X-Received: by 2002:a05:6512:742:b0:4f8:7528:50b5 with SMTP id c2-20020a056512074200b004f8752850b5mr2132955lfs.14.1689980824801; Fri, 21 Jul 2023 16:07:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689980824; cv=none; d=google.com; s=arc-20160816; b=QyBtOt944e2l5bE4NqWlXetmrhhJKRsAwrmnF1R3AV9Kaq/RKgXuTmqKmyk1ZwI/sQ zlBUlu+4ggEhzYEtFB0vqFqoWE3m8Xj2d7d3QToTGUk4u4upSqqSFmsnTYVxvpiJzege 11KHMHpl3k83EcYE1VP+GKMAKqevzIHYQtX38SuE9bWfiYsVqdbvylsft4HAGbLjrRyx tGUDsy3VpHPfHpv8sop8z91RZjX9zlq21Hl/V4GTid/4CuD+3gt0zHDKqpx7liJKFmhy HWGf1G0Xs3dSAwsDEAJqDwRtbKJ6B0JXa6QNEg6EdCmsQhdKtVmGRo4d7m7R/L7n3zpe qxmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=8LvdkVE4wBNN35/JnHy3xytlSvey6H90m9oi4YFPLDo=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=bN5zdtXj1A0mvnqq4BMmpf5X2rdG0V4w1/c6fDWQ9KYtItCtZD4HHQvZWH3TfQqyed w6yz5EuNIBLm4Dms0WnJOcN11zRKfACmvZRLDuCr5XJPK0zcYob9wK++5rzoFcksH6z0 h1NEugoWu5gnaWbhGTxPc1ux8GW/BscRm2NJJDw6Tsm0Qcu7na0pYGLKzHDmLMUKRL4b r7AeQpng/aJOrOtUubC9ZD/c/cdAntMy6IErZmDjktxOkDZOvl2IGXQjsR+rhUVHlL0D Rpk7fo7m/aKodVFI5oJQMRncNL1oYSWNZBslTzjTttMiy3oJdqaMyHNPuYlZ39ziZKqt nwPw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Fnz97LFP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d3-20020a056402516300b0051dd6214af0si2882904ede.366.2023.07.21.16.06.39; Fri, 21 Jul 2023 16:07:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Fnz97LFP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231148AbjGUXAT (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48642 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231142AbjGUXAP (ORCPT ); Fri, 21 Jul 2023 19:00:15 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DC4D3A97 for ; Fri, 21 Jul 2023 16:00:14 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5771e0959f7so25402297b3.3 for ; Fri, 21 Jul 2023 16:00:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980413; x=1690585213; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=8LvdkVE4wBNN35/JnHy3xytlSvey6H90m9oi4YFPLDo=; b=Fnz97LFPQsOkL23SslhD1HyDQozbiC0iTemf6PytzyfHmiWMkLWDmrnORTlidFilW6 Q1dU/fSVtlP1Gqa8eMttlJq6eZUwnmB5Y8NlHnYcwA0mULuVDp3rO8XjF4yTNQYYy16C 50kD5kw/uOe8RqgFAeYEp5qfy6nV2vcHihVXs2YYbf+jDO6HwW6iEg52Cr+KgxC1Auq0 Bu5iPbYSRPVZ6QRFMTF+mDaRK22Hur/lxqKqp4l7H/hFdfBJap8KzbiE0NWh51EIAjEp k1nM1hJEfkkIvsIdMdrjOyUJR/VF530ZcddIe8/vYZfyUjTKijFdsb+gSNuCX5IraY4t XORw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980413; x=1690585213; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8LvdkVE4wBNN35/JnHy3xytlSvey6H90m9oi4YFPLDo=; b=l8361om8pTsjz/6I74x4+bKnym0WkviaICcmnKyy1CQpX48YxJ1GeL+UfHZV6TDMNF qWQq/u6YOTVHDfwSF0Uj0vgfVhhOZJLBucboZq5TgQhDfuFvdCS11lGbwvXEQeggEhD6 l3u4gmwVMhcomcV8KQUQmruFD7/v7y5LYSNShKb8OD0KavokIJ7uQ74mw+wUlhQIbNhh cGMzGm1Vgq/sBF5d6COFJ7ep2ULLJWjqkWSo4EhaxC7uFmalMRs4+BGz+rvOtdk5emjL Xe7nbVQbpXNL05POPltzME+Y0vsbnnNIYYv0u+G9V6+OWInq1hdeiRwPEDAnvjMk6nU2 N4Pg== X-Gm-Message-State: ABy/qLbmHeIBPiGE77recMAC3z/32dU3hg5ax9/QkrmZRP0M92GJtA7F 7wLjsXU0VCo/JjHJGHypUGyY8vc2dMA= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:690c:707:b0:580:841e:a06a with SMTP id bs7-20020a05690c070700b00580841ea06amr13275ywb.2.1689980413619; Fri, 21 Jul 2023 16:00:13 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 15:59:59 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-3-seanjc@google.com> Subject: [PATCH v2 2/9] KVM: x86/mmu: Delete the "dbg" module param From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772073333141279593 X-GMAIL-MSGID: 1772073333141279593 Delete KVM's "dbg" module param now that its usage in KVM is gone (it used to guard pgprintk() and rmap_printk()). Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 5 ----- arch/x86/kvm/mmu/mmu_internal.h | 2 -- 2 files changed, 7 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 8e36e07719bf..b16092d71d3f 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -115,11 +115,6 @@ static int max_huge_page_level __read_mostly; static int tdp_root_level __read_mostly; static int max_tdp_level __read_mostly; -#ifdef MMU_DEBUG -bool dbg = 0; -module_param(dbg, bool, 0644); -#endif - #define PTE_PREFETCH_NUM 8 #include diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index 9c9dd9340c63..9ea80e4d463c 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -9,8 +9,6 @@ #undef MMU_DEBUG #ifdef MMU_DEBUG -extern bool dbg; - #define MMU_WARN_ON(x) WARN_ON(x) #else #define MMU_WARN_ON(x) do { } while (0) From patchwork Fri Jul 21 23:00:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124158 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp539743vqg; Fri, 21 Jul 2023 17:19:41 -0700 (PDT) X-Google-Smtp-Source: APBJJlEhs0WpU9TzKL1VA7wYIBJy3VzQTXZ01s7Nq3hMe8ECvQ9h2AJg/qyYZhyFivXvdpBT6/pO X-Received: by 2002:aa7:d74f:0:b0:51e:421e:d209 with SMTP id a15-20020aa7d74f000000b0051e421ed209mr3807095eds.13.1689985180958; Fri, 21 Jul 2023 17:19:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689985180; cv=none; d=google.com; s=arc-20160816; b=anfn2S+K5WSP1l6vNHVAy9CgSebIKqN8dKayBf5aPhYwZIJ2jevcK2VLHRlL3nPkBi ejvePNMjdiNDrMzCOQ5xzuI0qx00gRrYuNF52YRQMsng38x+u/KXyWRB9oOSnKwMJkPJ 1XxNcziXA9fZpTyOzB73L8t0EiPjh5v3YVBtANOLpQ6CaITwkRrihfiRbM9JS5bYR44Z qp6wonQ2YpAjj3EsAD8ROxfBF6fwv/EOjOQ5rDEB0rPRRpQMx53L1f8BFWgVW1Hix83c kZ+y1zHVJeTptlAZmGEXrzrNgLsoaYs1/BtRB6LPcv5sreX1ihe7KOJl7lEqrjnOsFGr +A/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=omheWi+fB4D/RinebRnnTaXxuGsxp/H5OZ8/iJL52gg=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=C1opEhpbYUxpytbQuOEzljlFGSAmDUelosmo+sxjG45Ik/YU4igXNtXwNo6015PQNL ETlhS4ZwrkrSLSzMoOb2mNITCTmC2+ZFzuK6SeRtbuJpul0VIwELkGD8c8qs03jeNIHj qG80TYxe/8owP7lL2NCUwCQmEZxdLO3/0hgeqLgwzf9TmCNmWC7z/NdVCsNTIEbyjP9l /nLcWNxEZrAecO8MUX0I0L8CVwrxDzcxQB+oanXAfgbI+Kf6i9mZWO7JQgCRPu0J18Nx SVvES+ixN/lqh0cYRGySk3NsuNS7ZD6hzxEvNXukIDfXKTv7xaeLbNhq8rlxX8II/oIx XGAQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=vbdN8Oct; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j9-20020aa7c409000000b0051ff1fb2631si2949203edq.416.2023.07.21.17.19.16; Fri, 21 Jul 2023 17:19:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=vbdN8Oct; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231202AbjGUXAW (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48670 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231159AbjGUXAR (ORCPT ); Fri, 21 Jul 2023 19:00:17 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 373E73A9F for ; Fri, 21 Jul 2023 16:00:16 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-583a058f890so8908667b3.0 for ; Fri, 21 Jul 2023 16:00:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980415; x=1690585215; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=omheWi+fB4D/RinebRnnTaXxuGsxp/H5OZ8/iJL52gg=; b=vbdN8OctTXpcWhp32zvgNfnvRtfWXnph6+vcUlc57CGOPd/R/4a75ImhrgGJ3xAHn1 HaUh6pk8xronY2t50P13VcHS9megjWcRGLgMyQ7QhQfCyyCR28TJ495s7uhFE9oLDv/v BUKnqDhACAN7T+UUwH5DpfGaHlhnS+WA5TMxO/jxbTNz4qzlhXWxxK5UwaB7GT7i4Jjk MisNKnGlVNq6+vnwALgo0EqgsXSHKXoZErQKj4TAW98IFS+aKdGQZ9cgBSAxem3upUdi wSCmNRxyhGEmgLGpYFwC6/jF6+ThqolhHilmyYC0Q4N9SXDCrO8n4iHEdPaFAavMSBM9 k6SA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980415; x=1690585215; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=omheWi+fB4D/RinebRnnTaXxuGsxp/H5OZ8/iJL52gg=; b=VK/7l1YXHzdr4UeNWw6amBf2pah7nB+bFX0ff5eYNCucBcHRCfImCYNZQJnxcFaz+i qEkY0rLGygzmC1IKnssjaOTM/eEbLJ19QRwVCqarRoH2p/6AZTjy0BAQwPXXThZgH4v/ t2rFJoY6woaDxdLaIIC+wKR2oesyYdEA0DQmfCQ/liVEWwbskweMyp0n6sCT+s16HCr7 C7eii0xrJRJ9NNPrvDx6MKL1QhKYM5HYFsXrMlkaGQL+wpvLK9GESG56shsoaWIX7Ci6 htjveV1crQgA308SVoh1OtKeQgkLWvpavkzu81RLtLquS5jqLiaWBvyjhGl5pYTmWBtQ H2Hw== X-Gm-Message-State: ABy/qLZtbRZKHu0Bc3ta60HNgy6KFZxZLSqbTes4qk0ntqfoS5h/xEmN k3bm64+kfkX532gnCTXEnMe2Yb3Apns= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:b668:0:b0:56f:f62b:7a11 with SMTP id h40-20020a81b668000000b0056ff62b7a11mr13119ywk.8.1689980415400; Fri, 21 Jul 2023 16:00:15 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:00 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-4-seanjc@google.com> Subject: [PATCH v2 3/9] KVM: x86/mmu: Rename MMU_WARN_ON() to KVM_MMU_WARN_ON() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772077901227756452 X-GMAIL-MSGID: 1772077901227756452 Rename MMU_WARN_ON() to make it super obvious that the assertions are all about KVM's MMU, not the primary MMU. Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 4 ++-- arch/x86/kvm/mmu/mmu_internal.h | 4 ++-- arch/x86/kvm/mmu/spte.h | 8 ++++---- arch/x86/kvm/mmu/tdp_mmu.c | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b16092d71d3f..c87539dd1ac0 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -1255,7 +1255,7 @@ static bool spte_clear_dirty(u64 *sptep) { u64 spte = *sptep; - MMU_WARN_ON(!spte_ad_enabled(spte)); + KVM_MMU_WARN_ON(!spte_ad_enabled(spte)); spte &= ~shadow_dirty_mask; return mmu_spte_update(sptep, spte); } @@ -1735,7 +1735,7 @@ static void kvm_unaccount_mmu_page(struct kvm *kvm, struct kvm_mmu_page *sp) static void kvm_mmu_free_shadow_page(struct kvm_mmu_page *sp) { - MMU_WARN_ON(!is_empty_shadow_page(sp->spt)); + KVM_MMU_WARN_ON(!is_empty_shadow_page(sp->spt)); hlist_del(&sp->hash_link); list_del(&sp->link); free_page((unsigned long)sp->spt); diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index 9ea80e4d463c..bb1649669bc9 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -9,9 +9,9 @@ #undef MMU_DEBUG #ifdef MMU_DEBUG -#define MMU_WARN_ON(x) WARN_ON(x) +#define KVM_MMU_WARN_ON(x) WARN_ON(x) #else -#define MMU_WARN_ON(x) do { } while (0) +#define KVM_MMU_WARN_ON(x) do { } while (0) #endif /* Page table builder macros common to shadow (host) PTEs and guest PTEs. */ diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 1279db2eab44..83e6614f3720 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -265,13 +265,13 @@ static inline bool sp_ad_disabled(struct kvm_mmu_page *sp) static inline bool spte_ad_enabled(u64 spte) { - MMU_WARN_ON(!is_shadow_present_pte(spte)); + KVM_MMU_WARN_ON(!is_shadow_present_pte(spte)); return (spte & SPTE_TDP_AD_MASK) != SPTE_TDP_AD_DISABLED; } static inline bool spte_ad_need_write_protect(u64 spte) { - MMU_WARN_ON(!is_shadow_present_pte(spte)); + KVM_MMU_WARN_ON(!is_shadow_present_pte(spte)); /* * This is benign for non-TDP SPTEs as SPTE_TDP_AD_ENABLED is '0', * and non-TDP SPTEs will never set these bits. Optimize for 64-bit @@ -282,13 +282,13 @@ static inline bool spte_ad_need_write_protect(u64 spte) static inline u64 spte_shadow_accessed_mask(u64 spte) { - MMU_WARN_ON(!is_shadow_present_pte(spte)); + KVM_MMU_WARN_ON(!is_shadow_present_pte(spte)); return spte_ad_enabled(spte) ? shadow_accessed_mask : 0; } static inline u64 spte_shadow_dirty_mask(u64 spte) { - MMU_WARN_ON(!is_shadow_present_pte(spte)); + KVM_MMU_WARN_ON(!is_shadow_present_pte(spte)); return spte_ad_enabled(spte) ? shadow_dirty_mask : 0; } diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index 512163d52194..f881de40f9ef 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -1548,8 +1548,8 @@ static bool clear_dirty_gfn_range(struct kvm *kvm, struct kvm_mmu_page *root, if (!is_shadow_present_pte(iter.old_spte)) continue; - MMU_WARN_ON(kvm_ad_enabled() && - spte_ad_need_write_protect(iter.old_spte)); + KVM_MMU_WARN_ON(kvm_ad_enabled() && + spte_ad_need_write_protect(iter.old_spte)); if (!(iter.old_spte & dbit)) continue; @@ -1607,8 +1607,8 @@ static void clear_dirty_pt_masked(struct kvm *kvm, struct kvm_mmu_page *root, if (!mask) break; - MMU_WARN_ON(kvm_ad_enabled() && - spte_ad_need_write_protect(iter.old_spte)); + KVM_MMU_WARN_ON(kvm_ad_enabled() && + spte_ad_need_write_protect(iter.old_spte)); if (iter.level > PG_LEVEL_4K || !(mask & (1UL << (iter.gfn - gfn)))) From patchwork Fri Jul 21 23:00:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124157 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp539176vqg; Fri, 21 Jul 2023 17:18:10 -0700 (PDT) X-Google-Smtp-Source: APBJJlH7kQz59v86+0KXKu4qi8qN4YBPjSfp/R59J+itcRau5u3uelE+dRCdpFYVwdrhbB7gA7zy X-Received: by 2002:a17:906:530c:b0:992:a618:c3c4 with SMTP id h12-20020a170906530c00b00992a618c3c4mr3392727ejo.66.1689985090620; Fri, 21 Jul 2023 17:18:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689985090; cv=none; d=google.com; s=arc-20160816; b=xlVdyiz3GzvpmSaNKNFEgOBn1OC1c7N8dWMuUCCW+U3eP3dNeS7zMdaw/nx3+zo0Yk 4+zAuPgLFasAmSTuPSUaiw9GA7/ftloEkNvj6I0baECTQOuOZcKzWlAoK9qWDRxlF8wx w0OkbOd9TiNeRBUvhz8Q/xqDLvnnscE+Jx280wHR2E+le2DiQx7lT83H/AYCOKZD/ln6 5aPluE7TAVfLkY9QwXMqyLqJcPqfPtkZ2EcmjalPkkd1WL/75CaTVqol2a5Pc98M7qtv u+BW2I0ab7dkt7OCWUh6hRSITr9ShoNYVDPWKPs3c3ubDOMcXB2pQWiESjZjm0T9Pk9+ SN2Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=rw5rKXDTTdMh/U/oht/75ukyZlue3elcNBySkPi6QuY=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=DPH6WAfOPOmk7FkbtbCtTLYzmpoMu4+2358Z6DvoS/MaoIen2B19YxACmKTESFSaX3 HKDljEt6ur6xFemWWPcg/Vq60cPN+zBr/EwprXoU5D9qfmDJ7Nv1okfHxZtY/TaWWMra dv1bKa3REBjHaaZ8+Mv16avPm23oTIU1ui/d5vTrPderdyOMCSK7E5W68s9vzzwJ0gmp RHsUMl1G3oScCOP4AKHYSEoim2x6BT5XRbIoqaqtp9mfqS4utqND8Df5u0fmbzeVurIr /x81wt57gphkSZurx6zrjpBchzJKFDZ8BOjbmiTiPQFe92l56Nit42bFtNopo8oBlbg+ fl4A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=PpIfeEHZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h13-20020a17090619cd00b00992e22a640csi2755224ejd.547.2023.07.21.17.17.46; Fri, 21 Jul 2023 17:18:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=PpIfeEHZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231222AbjGUXAY (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48690 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231179AbjGUXAU (ORCPT ); Fri, 21 Jul 2023 19:00:20 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F3F293A97 for ; Fri, 21 Jul 2023 16:00:17 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-576d63dfc1dso25786387b3.3 for ; Fri, 21 Jul 2023 16:00:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980417; x=1690585217; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=rw5rKXDTTdMh/U/oht/75ukyZlue3elcNBySkPi6QuY=; b=PpIfeEHZR/3QXYPAgxsIW1BsTi+XN0rYNoHNbHiGRDkddmEvrNVaSoZJIwhjJxmtEo xaVUpZxE606Lcp2pwzz636CIk/9JRNIo2A0kndkVSzvqqbesvJ29EW1s4TlfboxmEa24 z6d5gTQqhb5rti+bL3hGOh3s/f5pl8dnTrVtbua03qm/CRwf37kxYa5IUWItG1L5vBEd +bto1hbOM/g5DlBo/PDGXL3cOyCLecMog3CVEmdWn+m0Un2ntluHD+Qaf5n6xHVFWSdd es1c3mPo8wUrE5Ov4O1Vatv7b6oO1KRtQh4P+LvzBi/Z/FaBn6a037La5MHyN+7y/Rog meWg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980417; x=1690585217; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rw5rKXDTTdMh/U/oht/75ukyZlue3elcNBySkPi6QuY=; b=I8xrStzRD49KiclpuxAPokQTMG6JeBVRhec1yB1pREyZQvgbn1eBkhXsbzDo4hRJQZ 1KE8nAEWcQyloQF7tNi4GJVQvjKn6Na2qabauKxE6iNq7bp/7x+BsxBRo4lZivXXi8ex 4MJ3wVPbIOJusR/DDLECo2gq0YGJJgIze+RTr7rNqbwD4rvPFzZlxPbXVIYipEhhcHi6 kv0JnlgX44cVlDHfOCw6+kcGQzLBWQWvtLXV/rE+lwtlOk09lcyb+55Dk9/dXL0dsTb8 JSZMMw6M0dTBTDQjHz7mZ53qObcQUkXVJi/TF288LVskUESfxpi/AFcV8yiSbxeKTT5J myrg== X-Gm-Message-State: ABy/qLat+R+fTLpvIM5eS/QcxRmj744PkeUtwwvTB0TxbOAUbY3o6GKF v84hLKJClFwx3XcS+k7hqW6Ig3GqF28= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:4406:0:b0:577:3b0c:5b85 with SMTP id r6-20020a814406000000b005773b0c5b85mr14328ywa.0.1689980417324; Fri, 21 Jul 2023 16:00:17 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:01 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-5-seanjc@google.com> Subject: [PATCH v2 4/9] KVM: x86/mmu: Convert "runtime" WARN_ON() assertions to WARN_ON_ONCE() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772077806837238805 X-GMAIL-MSGID: 1772077806837238805 Convert all "runtime" assertions, i.e. assertions that can be triggered while running vCPUs, from WARN_ON() to WARN_ON_ONCE(). Every WARN in the MMU that is tied to running vCPUs, i.e. not contained to loading and initializing KVM, is likely to fire _a lot_ when it does trigger. E.g. if KVM ends up with a bug that causes a root to be invalidated before the page fault handler is invoked, pretty much _every_ page fault VM-Exit triggers the WARN. If a WARN is triggered frequently, the resulting spam usually causes a lot of damage of its own, e.g. consumes resources to log the WARN and pollutes the kernel log, often to the point where other useful information can be lost. In many case, the damage caused by the spam is actually worse than the bug itself, e.g. KVM can almost always recover from an unexpectedly invalid root. On the flip side, warning every time is rarely helpful for debug and triage, i.e. a single splat is usually sufficient to point a debugger in the right direction, and automated testing, e.g. syzkaller, typically runs with warn_on_panic=1, i.e. will never get past the first WARN anyways. Lastly, when an assertions fails multiple times, the stack traces in KVM are almost always identical, i.e. the full splat only needs to be captured once. And _if_ there is value in captruing information about the failed assert, a ratelimited printk() is sufficient and less likely to rack up a large amount of collateral damage. Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 48 ++++++++++++++++----------------- arch/x86/kvm/mmu/mmu_internal.h | 2 +- arch/x86/kvm/mmu/page_track.c | 16 +++++------ arch/x86/kvm/mmu/paging_tmpl.h | 4 +-- arch/x86/kvm/mmu/spte.c | 4 +-- arch/x86/kvm/mmu/tdp_iter.c | 4 +-- arch/x86/kvm/mmu/tdp_mmu.c | 20 +++++++------- 7 files changed, 49 insertions(+), 49 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index c87539dd1ac0..eb6af9c4cf14 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -485,7 +485,7 @@ static u64 __get_spte_lockless(u64 *sptep) */ static void mmu_spte_set(u64 *sptep, u64 new_spte) { - WARN_ON(is_shadow_present_pte(*sptep)); + WARN_ON_ONCE(is_shadow_present_pte(*sptep)); __set_spte(sptep, new_spte); } @@ -497,7 +497,7 @@ static u64 mmu_spte_update_no_track(u64 *sptep, u64 new_spte) { u64 old_spte = *sptep; - WARN_ON(!is_shadow_present_pte(new_spte)); + WARN_ON_ONCE(!is_shadow_present_pte(new_spte)); check_spte_writable_invariants(new_spte); if (!is_shadow_present_pte(old_spte)) { @@ -510,7 +510,7 @@ static u64 mmu_spte_update_no_track(u64 *sptep, u64 new_spte) else old_spte = __update_clear_spte_slow(sptep, new_spte); - WARN_ON(spte_to_pfn(old_spte) != spte_to_pfn(new_spte)); + WARN_ON_ONCE(spte_to_pfn(old_spte) != spte_to_pfn(new_spte)); return old_spte; } @@ -592,7 +592,7 @@ static u64 mmu_spte_clear_track_bits(struct kvm *kvm, u64 *sptep) * by a refcounted page, the refcount is elevated. */ page = kvm_pfn_to_refcounted_page(pfn); - WARN_ON(page && !page_count(page)); + WARN_ON_ONCE(page && !page_count(page)); if (is_accessed_spte(old_spte)) kvm_set_pfn_accessed(pfn); @@ -807,7 +807,7 @@ static void update_gfn_disallow_lpage_count(const struct kvm_memory_slot *slot, for (i = PG_LEVEL_2M; i <= KVM_MAX_HUGEPAGE_LEVEL; ++i) { linfo = lpage_info_slot(gfn, slot, i); linfo->disallow_lpage += count; - WARN_ON(linfo->disallow_lpage < 0); + WARN_ON_ONCE(linfo->disallow_lpage < 0); } } @@ -1202,7 +1202,7 @@ static void drop_large_spte(struct kvm *kvm, u64 *sptep, bool flush) struct kvm_mmu_page *sp; sp = sptep_to_sp(sptep); - WARN_ON(sp->role.level == PG_LEVEL_4K); + WARN_ON_ONCE(sp->role.level == PG_LEVEL_4K); drop_spte(kvm, sptep); @@ -1461,7 +1461,7 @@ static bool kvm_set_pte_rmap(struct kvm *kvm, struct kvm_rmap_head *rmap_head, u64 new_spte; kvm_pfn_t new_pfn; - WARN_ON(pte_huge(pte)); + WARN_ON_ONCE(pte_huge(pte)); new_pfn = pte_pfn(pte); restart: @@ -1823,7 +1823,7 @@ static int mmu_pages_add(struct kvm_mmu_pages *pvec, struct kvm_mmu_page *sp, static inline void clear_unsync_child_bit(struct kvm_mmu_page *sp, int idx) { --sp->unsync_children; - WARN_ON((int)sp->unsync_children < 0); + WARN_ON_ONCE((int)sp->unsync_children < 0); __clear_bit(idx, sp->unsync_child_bitmap); } @@ -1881,7 +1881,7 @@ static int mmu_unsync_walk(struct kvm_mmu_page *sp, static void kvm_unlink_unsync_page(struct kvm *kvm, struct kvm_mmu_page *sp) { - WARN_ON(!sp->unsync); + WARN_ON_ONCE(!sp->unsync); trace_kvm_mmu_sync_page(sp); sp->unsync = 0; --kvm->stat.mmu_unsync; @@ -2056,11 +2056,11 @@ static int mmu_pages_first(struct kvm_mmu_pages *pvec, if (pvec->nr == 0) return 0; - WARN_ON(pvec->page[0].idx != INVALID_INDEX); + WARN_ON_ONCE(pvec->page[0].idx != INVALID_INDEX); sp = pvec->page[0].sp; level = sp->role.level; - WARN_ON(level == PG_LEVEL_4K); + WARN_ON_ONCE(level == PG_LEVEL_4K); parents->parent[level-2] = sp; @@ -2082,7 +2082,7 @@ static void mmu_pages_clear_parents(struct mmu_page_path *parents) if (!sp) return; - WARN_ON(idx == INVALID_INDEX); + WARN_ON_ONCE(idx == INVALID_INDEX); clear_unsync_child_bit(sp, idx); level++; } while (!sp->unsync_children); @@ -2203,7 +2203,7 @@ static struct kvm_mmu_page *kvm_mmu_find_shadow_page(struct kvm *kvm, if (ret < 0) break; - WARN_ON(!list_empty(&invalid_list)); + WARN_ON_ONCE(!list_empty(&invalid_list)); if (ret > 0) kvm_flush_remote_tlbs(kvm); } @@ -2658,7 +2658,7 @@ static void kvm_mmu_commit_zap_page(struct kvm *kvm, kvm_flush_remote_tlbs(kvm); list_for_each_entry_safe(sp, nsp, invalid_list, link) { - WARN_ON(!sp->role.invalid || sp->root_count); + WARN_ON_ONCE(!sp->role.invalid || sp->root_count); kvm_mmu_free_shadow_page(sp); } } @@ -2853,7 +2853,7 @@ int mmu_try_to_unsync_pages(struct kvm *kvm, const struct kvm_memory_slot *slot, continue; } - WARN_ON(sp->role.level != PG_LEVEL_4K); + WARN_ON_ONCE(sp->role.level != PG_LEVEL_4K); kvm_unsync_page(kvm, sp); } if (locked) @@ -3006,7 +3006,7 @@ static void __direct_pte_prefetch(struct kvm_vcpu *vcpu, u64 *spte, *start = NULL; int i; - WARN_ON(!sp->role.direct); + WARN_ON_ONCE(!sp->role.direct); i = spte_index(sptep) & ~(PTE_PREFETCH_NUM - 1); spte = sp->spt + i; @@ -3552,7 +3552,7 @@ static void mmu_free_root_page(struct kvm *kvm, hpa_t *root_hpa, * SPTE to ensure any non-PA bits are dropped. */ sp = spte_to_child_sp(*root_hpa); - if (WARN_ON(!sp)) + if (WARN_ON_ONCE(!sp)) return; if (is_tdp_mmu_page(sp)) @@ -4167,7 +4167,7 @@ static int handle_mmio_page_fault(struct kvm_vcpu *vcpu, u64 addr, bool direct) return RET_PF_EMULATE; reserved = get_mmio_spte(vcpu, addr, &spte); - if (WARN_ON(reserved)) + if (WARN_ON_ONCE(reserved)) return -EINVAL; if (is_mmio_spte(spte)) { @@ -5502,9 +5502,9 @@ void kvm_mmu_unload(struct kvm_vcpu *vcpu) struct kvm *kvm = vcpu->kvm; kvm_mmu_free_roots(kvm, &vcpu->arch.root_mmu, KVM_MMU_ROOTS_ALL); - WARN_ON(VALID_PAGE(vcpu->arch.root_mmu.root.hpa)); + WARN_ON_ONCE(VALID_PAGE(vcpu->arch.root_mmu.root.hpa)); kvm_mmu_free_roots(kvm, &vcpu->arch.guest_mmu, KVM_MMU_ROOTS_ALL); - WARN_ON(VALID_PAGE(vcpu->arch.guest_mmu.root.hpa)); + WARN_ON_ONCE(VALID_PAGE(vcpu->arch.guest_mmu.root.hpa)); vcpu_clear_mmio_info(vcpu, MMIO_GVA_ANY); } @@ -5708,7 +5708,7 @@ int noinline kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 err int r, emulation_type = EMULTYPE_PF; bool direct = vcpu->arch.mmu->root_role.direct; - if (WARN_ON(!VALID_PAGE(vcpu->arch.mmu->root.hpa))) + if (WARN_ON_ONCE(!VALID_PAGE(vcpu->arch.mmu->root.hpa))) return RET_PF_RETRY; r = RET_PF_INVALID; @@ -6065,7 +6065,7 @@ static void kvm_zap_obsolete_pages(struct kvm *kvm) * pages. Skip the bogus page, otherwise we'll get stuck in an * infinite loop if the page gets put back on the list (again). */ - if (WARN_ON(sp->role.invalid)) + if (WARN_ON_ONCE(sp->role.invalid)) continue; /* @@ -6707,7 +6707,7 @@ void kvm_mmu_zap_all(struct kvm *kvm) write_lock(&kvm->mmu_lock); restart: list_for_each_entry_safe(sp, node, &kvm->arch.active_mmu_pages, link) { - if (WARN_ON(sp->role.invalid)) + if (WARN_ON_ONCE(sp->role.invalid)) continue; if (__kvm_mmu_prepare_zap_page(kvm, sp, &invalid_list, &ign)) goto restart; @@ -6725,7 +6725,7 @@ void kvm_mmu_zap_all(struct kvm *kvm) void kvm_mmu_invalidate_mmio_sptes(struct kvm *kvm, u64 gen) { - WARN_ON(gen & KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS); + WARN_ON_ONCE(gen & KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS); gen &= MMIO_SPTE_GEN_MASK; diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index bb1649669bc9..cfe925fefa68 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -9,7 +9,7 @@ #undef MMU_DEBUG #ifdef MMU_DEBUG -#define KVM_MMU_WARN_ON(x) WARN_ON(x) +#define KVM_MMU_WARN_ON(x) WARN_ON_ONCE(x) #else #define KVM_MMU_WARN_ON(x) do { } while (0) #endif diff --git a/arch/x86/kvm/mmu/page_track.c b/arch/x86/kvm/mmu/page_track.c index 0a2ac438d647..fd16918b3a7a 100644 --- a/arch/x86/kvm/mmu/page_track.c +++ b/arch/x86/kvm/mmu/page_track.c @@ -94,7 +94,7 @@ static void update_gfn_track(struct kvm_memory_slot *slot, gfn_t gfn, val = slot->arch.gfn_track[mode][index]; - if (WARN_ON(val + count < 0 || val + count > USHRT_MAX)) + if (WARN_ON_ONCE(val + count < 0 || val + count > USHRT_MAX)) return; slot->arch.gfn_track[mode][index] += count; @@ -117,11 +117,11 @@ void kvm_slot_page_track_add_page(struct kvm *kvm, enum kvm_page_track_mode mode) { - if (WARN_ON(!page_track_mode_is_valid(mode))) + if (WARN_ON_ONCE(!page_track_mode_is_valid(mode))) return; - if (WARN_ON(mode == KVM_PAGE_TRACK_WRITE && - !kvm_page_track_write_tracking_enabled(kvm))) + if (WARN_ON_ONCE(mode == KVM_PAGE_TRACK_WRITE && + !kvm_page_track_write_tracking_enabled(kvm))) return; update_gfn_track(slot, gfn, mode, 1); @@ -155,11 +155,11 @@ void kvm_slot_page_track_remove_page(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, enum kvm_page_track_mode mode) { - if (WARN_ON(!page_track_mode_is_valid(mode))) + if (WARN_ON_ONCE(!page_track_mode_is_valid(mode))) return; - if (WARN_ON(mode == KVM_PAGE_TRACK_WRITE && - !kvm_page_track_write_tracking_enabled(kvm))) + if (WARN_ON_ONCE(mode == KVM_PAGE_TRACK_WRITE && + !kvm_page_track_write_tracking_enabled(kvm))) return; update_gfn_track(slot, gfn, mode, -1); @@ -181,7 +181,7 @@ bool kvm_slot_page_track_is_active(struct kvm *kvm, { int index; - if (WARN_ON(!page_track_mode_is_valid(mode))) + if (WARN_ON_ONCE(!page_track_mode_is_valid(mode))) return false; if (!slot) diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index 7a97f769a7cb..a3fc7c1a7f8d 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -633,7 +633,7 @@ static int FNAME(fetch)(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault, if (FNAME(gpte_changed)(vcpu, gw, top_level)) goto out_gpte_changed; - if (WARN_ON(!VALID_PAGE(vcpu->arch.mmu->root.hpa))) + if (WARN_ON_ONCE(!VALID_PAGE(vcpu->arch.mmu->root.hpa))) goto out_gpte_changed; for_each_shadow_entry(vcpu, fault->addr, it) { @@ -830,7 +830,7 @@ static gpa_t FNAME(get_level1_sp_gpa)(struct kvm_mmu_page *sp) { int offset = 0; - WARN_ON(sp->role.level != PG_LEVEL_4K); + WARN_ON_ONCE(sp->role.level != PG_LEVEL_4K); if (PTTYPE == 32) offset = sp->role.quadrant << SPTE_LEVEL_BITS; diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 438a86bda9f3..4a599130e9c9 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -61,7 +61,7 @@ static u64 generation_mmio_spte_mask(u64 gen) { u64 mask; - WARN_ON(gen & ~MMIO_SPTE_GEN_MASK); + WARN_ON_ONCE(gen & ~MMIO_SPTE_GEN_MASK); mask = (gen << MMIO_SPTE_GEN_LOW_SHIFT) & MMIO_SPTE_GEN_LOW_MASK; mask |= (gen << MMIO_SPTE_GEN_HIGH_SHIFT) & MMIO_SPTE_GEN_HIGH_MASK; @@ -240,7 +240,7 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_page *sp, if ((spte & PT_WRITABLE_MASK) && kvm_slot_dirty_track_enabled(slot)) { /* Enforced by kvm_mmu_hugepage_adjust. */ - WARN_ON(level > PG_LEVEL_4K); + WARN_ON_ONCE(level > PG_LEVEL_4K); mark_page_dirty_in_slot(vcpu->kvm, slot, gfn); } diff --git a/arch/x86/kvm/mmu/tdp_iter.c b/arch/x86/kvm/mmu/tdp_iter.c index d2eb0d4f8710..5bb09f8d9fc6 100644 --- a/arch/x86/kvm/mmu/tdp_iter.c +++ b/arch/x86/kvm/mmu/tdp_iter.c @@ -41,8 +41,8 @@ void tdp_iter_start(struct tdp_iter *iter, struct kvm_mmu_page *root, { int root_level = root->role.level; - WARN_ON(root_level < 1); - WARN_ON(root_level > PT64_ROOT_MAX_LEVEL); + WARN_ON_ONCE(root_level < 1); + WARN_ON_ONCE(root_level > PT64_ROOT_MAX_LEVEL); iter->next_last_level_gfn = next_last_level_gfn; iter->root_level = root_level; diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index f881de40f9ef..b2068c47f78c 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -475,9 +475,9 @@ static void handle_changed_spte(struct kvm *kvm, int as_id, gfn_t gfn, bool is_leaf = is_present && is_last_spte(new_spte, level); bool pfn_changed = spte_to_pfn(old_spte) != spte_to_pfn(new_spte); - WARN_ON(level > PT64_ROOT_MAX_LEVEL); - WARN_ON(level < PG_LEVEL_4K); - WARN_ON(gfn & (KVM_PAGES_PER_HPAGE(level) - 1)); + WARN_ON_ONCE(level > PT64_ROOT_MAX_LEVEL); + WARN_ON_ONCE(level < PG_LEVEL_4K); + WARN_ON_ONCE(gfn & (KVM_PAGES_PER_HPAGE(level) - 1)); /* * If this warning were to trigger it would indicate that there was a @@ -522,9 +522,9 @@ static void handle_changed_spte(struct kvm *kvm, int as_id, gfn_t gfn, * impact the guest since both the former and current SPTEs * are nonpresent. */ - if (WARN_ON(!is_mmio_spte(old_spte) && - !is_mmio_spte(new_spte) && - !is_removed_spte(new_spte))) + if (WARN_ON_ONCE(!is_mmio_spte(old_spte) && + !is_mmio_spte(new_spte) && + !is_removed_spte(new_spte))) pr_err("Unexpected SPTE change! Nonpresent SPTEs\n" "should not be replaced with another,\n" "different nonpresent SPTE, unless one or both\n" @@ -661,7 +661,7 @@ static u64 tdp_mmu_set_spte(struct kvm *kvm, int as_id, tdp_ptep_t sptep, * should be used. If operating under the MMU lock in write mode, the * use of the removed SPTE should not be necessary. */ - WARN_ON(is_removed_spte(old_spte) || is_removed_spte(new_spte)); + WARN_ON_ONCE(is_removed_spte(old_spte) || is_removed_spte(new_spte)); old_spte = kvm_tdp_mmu_write_spte(sptep, old_spte, new_spte, level); @@ -709,7 +709,7 @@ static inline bool __must_check tdp_mmu_iter_cond_resched(struct kvm *kvm, struct tdp_iter *iter, bool flush, bool shared) { - WARN_ON(iter->yielded); + WARN_ON_ONCE(iter->yielded); /* Ensure forward progress has been made before yielding. */ if (iter->next_last_level_gfn == iter->yielded_gfn) @@ -728,7 +728,7 @@ static inline bool __must_check tdp_mmu_iter_cond_resched(struct kvm *kvm, rcu_read_lock(); - WARN_ON(iter->gfn > iter->next_last_level_gfn); + WARN_ON_ONCE(iter->gfn > iter->next_last_level_gfn); iter->yielded = true; } @@ -1241,7 +1241,7 @@ static bool set_spte_gfn(struct kvm *kvm, struct tdp_iter *iter, u64 new_spte; /* Huge pages aren't expected to be modified without first being zapped. */ - WARN_ON(pte_huge(range->pte) || range->start + 1 != range->end); + WARN_ON_ONCE(pte_huge(range->pte) || range->start + 1 != range->end); if (iter->level != PG_LEVEL_4K || !is_shadow_present_pte(iter->old_spte)) From patchwork Fri Jul 21 23:00:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124161 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp544436vqg; Fri, 21 Jul 2023 17:34:05 -0700 (PDT) X-Google-Smtp-Source: APBJJlH2H4hmIXuxhleabNOmKHsKEYRmLdeskHwhfhp4PjhxFSfGdX7dkSm+ejgRWzGPI6dky2N3 X-Received: by 2002:a17:90b:4b07:b0:261:cce:d1c2 with SMTP id lx7-20020a17090b4b0700b002610cced1c2mr5534622pjb.11.1689986045022; Fri, 21 Jul 2023 17:34:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689986045; cv=none; d=google.com; s=arc-20160816; b=HeBfnV1DmN2jZYtI+dtWLszcaknrAveL8sghNuLRBIyafwYEV4NIHi6JJpeJ2iaAKl bf8X2B+s25Q9nkW3n5FpiAHs2K7fAi+BIZYJXvvmonmzpeNnOXfysfJ38Xs7mfrpxohu FaCWr+i+aE/6vY6W5FgCncOvX9eIuf8ad2pk3TWmMtgHXXVDbNlv6S/lFKOibxBd2/T2 iYUbFul1uLr3QKvLa+2uFDNlHT6kiegoEl/aMOJXR1W/Enw0dfilz/UjzNvLL9ld6ZuO A+RnD5AV5ON6uubU1rr5Z0mwL68RfAE/oUun2dd28uBOcX1Kl1mHcbJ6P0Ku/sOyhwwE W7pg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=Hf66Tg9z6eVGNOq7lITDvOc5Z8kagkKjdF0cIF19+es=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=m3XzC8qw6tfBwmoxslMmo+VlC/LAGmh7cZroya8Y370WgmS432aG9fren1XUDIuvDQ s/ZAq5vgRTLM+NwuqiC5jTLfVHXMNma4FinWEFQrwoUBMu6hRF84/srTUNW9Vpa4cFYs hWHYWkDpVSqYXKT645sn4Swqg0IVg0uBk4cSceThfb5pFEH4OILpsCaZ9dafgSzz3t3t cNbaOslwHlxeKWyPcIXSfw9qsTZOfZeZpKQ+6A3l6N0weq7NCmWpw5aaDusXUt1FkOzp RxZMEekV8e+xcnyWG67AyjK881OgWF+HfWKzThmBjwreCtleH6aiBmakW27xC9mIjwI4 uuFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=gWGRlaTk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id fu8-20020a17090ad18800b00263bf1c6dc0si6495004pjb.102.2023.07.21.17.33.52; Fri, 21 Jul 2023 17:34:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=gWGRlaTk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231256AbjGUXA2 (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48738 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231190AbjGUXAV (ORCPT ); Fri, 21 Jul 2023 19:00:21 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DFF5E3AA3 for ; Fri, 21 Jul 2023 16:00:19 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1b8a7734734so14247045ad.2 for ; Fri, 21 Jul 2023 16:00:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980419; x=1690585219; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=Hf66Tg9z6eVGNOq7lITDvOc5Z8kagkKjdF0cIF19+es=; b=gWGRlaTkn5NiQLzTFkJJKM2s4Vv0wJGMneYaEHOeICGvTQoBJES+ZxeOaxEYUZZ8H/ aLgB8W2eVwNHUj+L5gE16Bl9H4JCMo1jGVfETz9hdyOEhIOdqK4qUaEnHiyFgT3I5xvw 5T05h3Lp3sUtvhTNneKrxTx1I6X497FTCSBHT4zPNmNGobPrsW5GniH4Q83Wpsg84klB BoNg3UF4Ix1V+9TO5Vo7EA8b8WvxG0sO4gwmvOZvacxW6B3glGXlVviCggBB5PUN470T AxanZ4SsftqURjvz+fPuPucWNINaeTK/YOLjg38HJr+MNi6DcmrliLE9v0nUEQxlvldR Td2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980419; x=1690585219; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Hf66Tg9z6eVGNOq7lITDvOc5Z8kagkKjdF0cIF19+es=; b=hB86obYvpZ89OkgucrOSIPYnojPS8f9iFUTyqaN6+kdSSnFh8NnzF13OVMoDqrf357 QPX/KkhN+ylJplzbixXX1XN3xgiAFhOATpgggvn+FLp4pot6O0sQtEHrdJldxoyHiXu5 7jQjwM+AV4fl5KdIPJ3MGx298ZL3tOGJ348ozLluuIobjwgtW8zUNbYqo8XWId4Zqhs/ dufimSB5xFlEANUzxlGg8qDAAHohHzduhgOiSw5Py635inX4Y5BEFTwDwRWKLuOGdSwR ji5P6iZ585Sgq/lha5+tM1UOsqWgzuF9tgQhOcJ1p7mO/p2ubQ/kSWDYxUD/N6M4hTHH k/0A== X-Gm-Message-State: ABy/qLbO4ZC9dn2fg3lsfbEsWI5zgm8IwynsgbqJf1n2cUlz4PHk/hu7 EKLkinW8AB706Ubzp5+HZZPp0KJDWLc= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:dad2:b0:1b8:5541:9d4d with SMTP id q18-20020a170902dad200b001b855419d4dmr13969plx.6.1689980419181; Fri, 21 Jul 2023 16:00:19 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:02 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-6-seanjc@google.com> Subject: [PATCH v2 5/9] KVM: x86/mmu: Bug the VM if a vCPU ends up in long mode without PAE enabled From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772078807206041060 X-GMAIL-MSGID: 1772078807206041060 Promote the ASSERT(), which is quite dead code in KVM, into a KVM_BUG_ON() for KVM's sanity check that CR4.PAE=1 if the vCPU is in long mode when performing a walk of guest page tables. The sanity is quite cheap since neither EFER nor CR4.PAE requires a VMREAD, especially relative to the cost of walking the guest page tables. More importantly, the sanity check would have prevented the true badness fixed by commit 112e66017bff ("KVM: nVMX: add missing consistency checks for CR0 and CR4"). The missed consistency check resulted in some versions of KVM corrupting the on-stack guest_walker structure due to KVM thinking there are 4/5 levels of page tables, but wiring up the MMU hooks to point at the paging32 implementation, which only allocates space for two levels of page tables in "struct guest_walker32". Queue a page fault for injection if the assertion fails, as both callers, FNAME(gva_to_gpa) and FNAME(walk_addr_generic), assume that walker.fault contains sane info on a walk failure. E.g. not populating the fault info could result in KVM consuming and/or exposing uninitialized stack data before the vCPU is kicked out to userspace, which doesn't happen until KVM checks for KVM_REQ_VM_DEAD on the next enter. Move the check below the initialization of "pte_access" so that the aforementioned to-be-injected page fault doesn't consume uninitialized stack data. The information _shouldn't_ reach the guest or userspace, but there's zero downside to being paranoid in this case. Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/paging_tmpl.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index a3fc7c1a7f8d..f8d358226ac6 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -338,7 +338,6 @@ static int FNAME(walk_addr_generic)(struct guest_walker *walker, } #endif walker->max_level = walker->level; - ASSERT(!(is_long_mode(vcpu) && !is_pae(vcpu))); /* * FIXME: on Intel processors, loads of the PDPTE registers for PAE paging @@ -348,6 +347,17 @@ static int FNAME(walk_addr_generic)(struct guest_walker *walker, nested_access = (have_ad ? PFERR_WRITE_MASK : 0) | PFERR_USER_MASK; pte_access = ~0; + + /* + * Queue a page fault for injection if this assertion fails, as callers + * assume that walker.fault contains sane info on a walk failure. I.e. + * avoid making the situation worse by inducing even worse badness + * between when the assertion fails and when KVM kicks the vCPU out to + * userspace (because the VM is bugged). + */ + if (KVM_BUG_ON(is_long_mode(vcpu) && !is_pae(vcpu), vcpu->kvm)) + goto error; + ++walker->level; do { From patchwork Fri Jul 21 23:00:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124152 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp535069vqg; Fri, 21 Jul 2023 17:07:38 -0700 (PDT) X-Google-Smtp-Source: APBJJlHwORqTqIRSZb2xR8IHF1fgOZVFj6LXuv/X6o8RAyzAhHUox64DIBeNGhZXn9Xuv9nbGjAK X-Received: by 2002:aa7:c54e:0:b0:51d:9905:6f60 with SMTP id s14-20020aa7c54e000000b0051d99056f60mr2426487edr.41.1689984458683; Fri, 21 Jul 2023 17:07:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689984458; cv=none; d=google.com; s=arc-20160816; b=rT+US2EHRrBTpZFwjgx11jNNZhYBi6q2TQBsh98ZL1jEOqPwVLSJqjs2FO8vZEwHOU rDIqU+O5TYEXhtI1cR6yrll3k9nV2nglcYRCZPM1MT+/YsWPiAL+XO99IR1G59inTKkN jlXyHwKo73VWW2QKuVc4hMZI0p9cBgslcSMwAX2b/uTU8ZG7/MycdCXpHfstVZW83455 cJnVK5sJ1ULMwilaRo32+SXsCbLOaOeL4ZSpq0qRHhG2TkN6IYFQATNAbl1Wlx71q+lo r1gSSliG+RBCJ7KPYE/Dk4XtkHdsPrzcL+msvSGj38MmEclbPkDzwosAAdGmmEdyw3iZ N7Gg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=X/oIShHlu0RWHnSfFLoqzSAF9H1dCTHQouzdEN73lD8=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=ksh7VdgSNJ1V6vz0i1jzwF3VS+FB2vKJUwV5hgWUVCwWDp4N+/xVms7kVOgW20fh6Z t3wQHU7y1bhvPPI2V/yWXASIigEZXEOG3p0IfiyTy8IJkDHzwwMXqmJ91aNbBNZh8Pr4 0YDZHGbtGtA4AaRLQHaVqSXNU2ANLR93w1OPnH2Srmew1ob8g4l+al0/9Ac6dw0IDrvg vsmY6MEZsLnduu1la8sUmo+/vbQ206rdQtI6FtppXPuF1qMDhntWM5jX6d6L69i4DQ6k G5FXkl6/6ZlVnPmvGqNjULI2/31FGvtYNWCPAyKDy7mgfv4Jx8dHXoIe/AnhvXp4eZup +9gA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=pwTqHKWT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s13-20020a056402164d00b0051df75a5cb3si3034957edx.472.2023.07.21.17.07.13; Fri, 21 Jul 2023 17:07:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=pwTqHKWT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231295AbjGUXAk (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48752 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231179AbjGUXA1 (ORCPT ); Fri, 21 Jul 2023 19:00:27 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DD5E3A9E for ; Fri, 21 Jul 2023 16:00:22 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5704991ea05so25109677b3.1 for ; Fri, 21 Jul 2023 16:00:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980421; x=1690585221; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=X/oIShHlu0RWHnSfFLoqzSAF9H1dCTHQouzdEN73lD8=; b=pwTqHKWTE0X3bdnmjOpODVldyzk1dIzpF7+/KwNuUcq64cH0kstCCEWs/DVZKzzEcQ UIYI4y3o0dgHuY00MGLBeSShDY9DK9C+Vfe4LhtztHr1nAl9wCZc6nU2bDk/liPtPPYx eAE7ePKu5VeqX1llGnUpHdkCH0Naz8m2VAO2fa1k9qT0yn88NXpzEGgopXRvGimnBP79 cCyS3p/HCCNaTaVR6tDiHh7Jk/rUY4F9H9aVkv+jM+VqiQSGK7B7d2bMKDH9A9eDIub9 sJnTzFf4aggrhXC+PkV0I/dQ1oj5ueL69wIDEM+TJnL9gSTW5M1DReAyvT+tQK2kt83X SGPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980421; x=1690585221; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=X/oIShHlu0RWHnSfFLoqzSAF9H1dCTHQouzdEN73lD8=; b=ja9kvnyLJpeaxO+fXqeZtICdVHs0WNUtMP8bhMDTulDHVA1DSJ5o4OjULmRsav62EM RKLBUBN4YdN3IqIxrKcJH7cSa2f+FeO1hH2EzvVjzeq/fq3hQOASyRWYFaJ5nTOhLXas rHDN2RCuvE7jrQsfaZWGPaG8+ZwvkppyN67qPvG0vi5a1LoScqnbCW66AXuBLgsIZnAV h6S+lCce45ADJopLbJz2emOEr8Zg5AU/0OCHWUY7s5lgB4uEFcd0HYzGcdKwtak0uZmv Dl0EycuTvRjnPR6j4p38OjfIKCzNZDFs5RqL0xDabGT8nbJkghoG+C3Lrn6+ZkuRggQR IcAw== X-Gm-Message-State: ABy/qLYJVhXLgFXm9OaQDfst2EgYJ87Zfp6Al5L2eGyazU8ai1iIKH3v mYJkv50Dx/r5qw8Y904HsMrWaZlEypg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:ae18:0:b0:577:4540:905a with SMTP id m24-20020a81ae18000000b005774540905amr12452ywh.7.1689980421153; Fri, 21 Jul 2023 16:00:21 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:03 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-7-seanjc@google.com> Subject: [PATCH v2 6/9] KVM: x86/mmu: Replace MMU_DEBUG with proper KVM_PROVE_MMU Kconfig From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772077143571806999 X-GMAIL-MSGID: 1772077143571806999 Replace MMU_DEBUG, which requires manually modifying KVM to enable the macro, with a proper Kconfig, KVM_PROVE_MMU. Now that pgprintk() and rmap_printk() are gone, i.e. the macro guards only KVM_MMU_WARN_ON() and won't flood the kernel logs, enabling the option for debug kernels is both desirable and feasible. Signed-off-by: Sean Christopherson --- arch/x86/kvm/Kconfig | 13 +++++++++++++ arch/x86/kvm/mmu/mmu.c | 4 ++-- arch/x86/kvm/mmu/mmu_internal.h | 4 +--- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 89ca7f4c1464..4e5a282cc518 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -138,6 +138,19 @@ config KVM_XEN If in doubt, say "N". +config KVM_PROVE_MMU + bool "Prove KVM MMU correctness" + depends on DEBUG_KERNEL + depends on KVM + depends on EXPERT + help + Enables runtime assertions in KVM's MMU that are too costly to enable + in anything remotely resembling a production environment, e.g. this + gates code that verifies a to-be-freed page table doesn't have any + present SPTEs. + + If in doubt, say "N". + config KVM_EXTERNAL_WRITE_TRACKING bool diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index eb6af9c4cf14..933e48a73a9a 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -1693,7 +1693,7 @@ bool kvm_test_age_gfn(struct kvm *kvm, struct kvm_gfn_range *range) return young; } -#ifdef MMU_DEBUG +#ifdef CONFIG_KVM_PROVE_MMU static int is_empty_shadow_page(u64 *spt) { u64 *pos; @@ -1707,7 +1707,7 @@ static int is_empty_shadow_page(u64 *spt) } return 1; } -#endif +#endif /* CONFIG_KVM_PROVE_MMU */ /* * This value is the sum of all of the kvm instances's diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index cfe925fefa68..40e74db6a7d5 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -6,9 +6,7 @@ #include #include -#undef MMU_DEBUG - -#ifdef MMU_DEBUG +#ifdef CONFIG_KVM_PROVE_MMU #define KVM_MMU_WARN_ON(x) WARN_ON_ONCE(x) #else #define KVM_MMU_WARN_ON(x) do { } while (0) From patchwork Fri Jul 21 23:00:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124163 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp545812vqg; Fri, 21 Jul 2023 17:38:24 -0700 (PDT) X-Google-Smtp-Source: APBJJlG3w47RlWQR7JJH1a2RJOFf+wdH39g2hIetneX/UygoIywPZzsLWGddaJ51axCQGLqnwR0d X-Received: by 2002:aa7:cb4b:0:b0:51a:5a25:6631 with SMTP id w11-20020aa7cb4b000000b0051a5a256631mr2901629edt.3.1689986304375; Fri, 21 Jul 2023 17:38:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689986304; cv=none; d=google.com; s=arc-20160816; b=uh2JLtQJRt7vgBfKoiOPHuzF0eT4t4Ci6YsETcfHWbvv0rjccpqNo3cOZGubhBtwws EmXi0DKJoWTEXkKnRxFEl7dvOSO42LbEqJWl/iUVbFySPHfHtjMCPMsyzQ6RMmdIqo7i 6Uoja4z9KS2t1lApLEbIpgaovWTZkGbbRiRg1j0m47IjNYoVxUqrQ485QtXS2Kcsh4U2 k/+JPfistQiv1fQYJUXUJ2ccFoB35aCGNf+iPn5qOHgu1VwbBmvrjF8NLK7JS4K5GXe2 I/dOyrbhiF6UODaML7os8L81NUWNOiKF3PoppdujkXwE7F6Qt1BlF2cxfZT+5PWrG/RV +24g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=N+/CFCalnN5xPq+FJCMcppiU8/rhXPIN/0hig0msSo8=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=Wub8AwawIWgTNvA5gFngitR8B0lrk99Q87KY8GhkR+5tzLBdX7WgJD4CWN5oFN71TQ 37DSipPVhmk/pWxA5+zsO22jxB9DWpzdsAxubYxE8Z7bWcTNSXhLEHn7QA0TG7OPISMs ha8SQ5n9ZGnvlwqj9t4KJ1qY0wWJipVxRNjTmCVpCRM40QQ8aOk7WfLm4IkgJ2M41nkn nzFWQATMwzXMPvQAReaNqoT3hmByqClUu7xe/S1FoCpYRsrPNjoXI2n/J9Z9cGcnsLrm GZTnCBz/d+SwwJt/ds7lcJgPoZpDKB5uOEr8+latQVWRbmWM1xnplvOMxwm9B3ZL959B 8d2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=O+6lv7D0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y7-20020aa7d507000000b0051ddc36463dsi2853549edq.629.2023.07.21.17.38.01; Fri, 21 Jul 2023 17:38:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=O+6lv7D0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231327AbjGUXAm (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48908 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231252AbjGUXA2 (ORCPT ); Fri, 21 Jul 2023 19:00:28 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 488383C0D for ; Fri, 21 Jul 2023 16:00:24 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id d9443c01a7336-1bb7b0b8315so5024525ad.1 for ; Fri, 21 Jul 2023 16:00:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980423; x=1690585223; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=N+/CFCalnN5xPq+FJCMcppiU8/rhXPIN/0hig0msSo8=; b=O+6lv7D05Q0OUUA9ynt/KcA/czw0nVCmbf+DG+BCK0K9Z7aCmw2tgEyYalVuedspq8 piJatN1AxWJYSYEWXCgEWV6Lj9WRMaYOQpNFZf/D6YxBGvXXC9sxFeWVnYSsh9PgdALK TI08rE9tC6B2sbC+Jjczj0KDs710pw7/X1Q1ffZt9W4t0WnhvXUr1aVaNL8cXazRCmS1 C0EhZctoNOm/7wdzAXrff4qAVIbwy2Z8bb+Wn7hr5Vao+gofADZJgTNphVeN4r5pIW46 fLax9V/1g5GZUDnUccR06p1tDp+XdU1R4e6QA1byPUciyCipHt9n184iwnlMoLNkuP/D gFtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980423; x=1690585223; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=N+/CFCalnN5xPq+FJCMcppiU8/rhXPIN/0hig0msSo8=; b=kc85QfgtXFe3pKuaHl/HW6zHMTYXo7Bg4wmkvzHFa/lQiOjbfHzEa4plksgpwhF23k vwMtg9E+VBpQ4EQk53aPSs7zvD9cmq5MMraWpBdrspninCxPWRNnsHdYaSZctQxvEpti ua8i5tTVhpf58+wQZ26G5WlRCRHByNG1jC7bZt3MmGE7NWJ36akRGzo3kKRrUN7qbJ0G UiCG83lF6EOX9s+1HebZP+cagZBdmlPL193/M4lPlDQIbKTz+L9NPN0MZPags9xbKrfs LetpOpt4/Zzf4wWoQPUW/NXEQDZoy8u+HeeK03rx5rZcCPqZtVyGtLFR2XImwjdKgmLK djDg== X-Gm-Message-State: ABy/qLaO23uKa7hGOS+ZKGCvZaa0kwI2Y31X121ns4+knQmd9c/dXQpY tSSPZnhhsShgYevherDjYbIHETf+MHE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:e74a:b0:1b8:b7fc:9aa1 with SMTP id p10-20020a170902e74a00b001b8b7fc9aa1mr13677plf.1.1689980423625; Fri, 21 Jul 2023 16:00:23 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:04 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-8-seanjc@google.com> Subject: [PATCH v2 7/9] KVM: x86/mmu: Use BUILD_BUG_ON_INVALID() for KVM_MMU_WARN_ON() stub From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772079079230278978 X-GMAIL-MSGID: 1772079079230278978 Use BUILD_BUG_ON_INVALID() instead of an empty do-while loop to stub out KVM_MMU_WARN_ON() when CONFIG_KVM_PROVE_MMU=n, that way _some_ build issues with the usage of KVM_MMU_WARN_ON() will be dected even if the kernel is using the stubs, e.g. basic syntax errors will be detected. Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu_internal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index 40e74db6a7d5..f1ef670058e5 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -9,7 +9,7 @@ #ifdef CONFIG_KVM_PROVE_MMU #define KVM_MMU_WARN_ON(x) WARN_ON_ONCE(x) #else -#define KVM_MMU_WARN_ON(x) do { } while (0) +#define KVM_MMU_WARN_ON(x) BUILD_BUG_ON_INVALID(x) #endif /* Page table builder macros common to shadow (host) PTEs and guest PTEs. */ From patchwork Fri Jul 21 23:00:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124147 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp516718vqg; Fri, 21 Jul 2023 16:17:53 -0700 (PDT) X-Google-Smtp-Source: APBJJlG/BJMCn4YGGUQ740cKYyTicuPc+zRpl0QU9NQ+KfC1hxSHqxHAjrbu22Boi6A9aKYCx6SJ X-Received: by 2002:a05:6358:889:b0:131:94f:b4ff with SMTP id m9-20020a056358088900b00131094fb4ffmr1862887rwj.5.1689981472856; Fri, 21 Jul 2023 16:17:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689981472; cv=none; d=google.com; s=arc-20160816; b=IKgZY4AB0f7BYrBcqcbD4tjo209ciCQW799bPYLDYMedMN+mELtpISpGAC1cty8vlV SbTlQMf0LR42l6YIW+MDNFz1HNMRN3aNWHn1eDBrJ7zOxN99BXG0LLEbFKWZoBsVpEy/ vEjNF5UhU9iVTjqVFi6usWnBsQSw5i3jLwH8I334HLC7tjvi0zBpNh7OEWjvNrtvYoHZ iV7XxUaPBU4QE5irh7VT3JOLVzZRbII93+hG1PTOFmaa8nkA6Vl7l02QEGm+PJ//MYgF ixYjdRnIuSfaqzNp+YUeFl/2/0H562OVq0eL+J3q9QwrNZwbchhgc7Mz9lPlmYX2lqYI xdAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=PLkSwB6tRh7JnFVgr30kOLaNRpwq5sUpwdYDiH0NxiY=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=xLI2DVxBNRChdt5TZnwITbH7L33iHsPAaf9zPHQPaltz1SC7mXWFq1PvQSA41XrDjs IOnYSbp4Yi8XMPbuFfHQPKULn9eSh/VtJ+srilch+X+PDxVAYKUYqPuSMlNpsbqgk4De umCKJ4xm9QCcgGdS+iYdYpKWIAh8I3wYnbfvh9HuoeGMtAjdyiLffBq9xErcZOMOJlk2 41uXNBmj7+Tr1RPDW/7uQ63cWyD6GRlD4TN/OlFTNQ2kiUk/AadDdbfCHxf4+b+S/p4t 7jvfluUMZtkAb8rBItY7rRtyPX2yvsxwr9SwBmAB5YWjXHBnvHL16vXUQxStKs29Ta4q KLkw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=et21q4jW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i12-20020a633c4c000000b0055adfd71daesi2415775pgn.663.2023.07.21.16.17.40; Fri, 21 Jul 2023 16:17:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=et21q4jW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231246AbjGUXAv (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48870 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231239AbjGUXAk (ORCPT ); Fri, 21 Jul 2023 19:00:40 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73B723C1F for ; Fri, 21 Jul 2023 16:00:26 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1bb7b0b8315so5024705ad.1 for ; Fri, 21 Jul 2023 16:00:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980425; x=1690585225; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=PLkSwB6tRh7JnFVgr30kOLaNRpwq5sUpwdYDiH0NxiY=; b=et21q4jW2oI5WQNLlFaRkxQCMVyGGgcs4+y24fpzOsPzXRNvf7yEdkMT1oeo7ANhvJ 89Igf1qRGyAKQ6P0v/Jsy786tsOFF6zbVcyHrXg2hQPuH3ZFAM0n0EnkRHve6v6YLzeu sHbdwQAgnkWG/389w1nyDBEF/mC9ixug2JbmyK+nHF3Fln+QoNT0mJkUVcEcSSArQSk2 y9Lk5hkiRTxoY6rvX3KGaT5EXH7jrlvsGYgBxuDkkrVrUGWoUXc//TypGfz2EmoutoDZ 93WB8lzAm7xfjQzIHUqmH+26nAi1+D0aZWE1PFbuG6EqifzZxZEZXJT9cTXkxzO9cLFC OcSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980425; x=1690585225; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=PLkSwB6tRh7JnFVgr30kOLaNRpwq5sUpwdYDiH0NxiY=; b=So6W8hta/z0o90/7yPmwU+ZtA15K4eLD2q22KaVUprXPM7FrzRzmk71+ozviOTfxf/ /QSQG2OJlb/8zI1W0H9T+dtUqzfC4l/S6gWRsQ+Vq21oAE3swGrPX2EE0w7Ha9vrpXAC G+3eNE/VFYZjlfVL0mqaq5oeRAzTheBNwHAJiASSD7L535c0WN8pC18PKVmvfFS89X4c +yU1P5o5LiKePTx0cVH3YaMUVQ6B08PbrIn4/mK5ooWypjtv0odWTRUJ1SIi9eB9EDHc OwyIvtiayZrK5w6eHchyfZ5IHHXvYBme1rCvjix4Dv2hXAbmfPdpgehNnk5kOa7r10wt 54Xw== X-Gm-Message-State: ABy/qLYKIST5I6tonMSbZJitaYhypNjq3uszKHQESSM7ul2A2h4Pij0G dSeHweZHk6ZGHjnZa7tPIFEcTUj7caE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:f684:b0:1b8:a552:c8c9 with SMTP id l4-20020a170902f68400b001b8a552c8c9mr14093plg.13.1689980425184; Fri, 21 Jul 2023 16:00:25 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:05 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-9-seanjc@google.com> Subject: [PATCH v2 8/9] KVM: x86/mmu: Plumb "struct kvm" all the way to pte_list_remove() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772074012973210999 X-GMAIL-MSGID: 1772074012973210999 From: Mingwei Zhang Plumb "struct kvm" all the way to pte_list_remove() to allow the usage of KVM_BUG() and/or KVM_BUG_ON(). This will allow killing only the offending VM instead of doing BUG() if the kernel is built with CONFIG_BUG_ON_DATA_CORRUPTION=n, i.e. does NOT want to BUG() if KVM's data structures (rmaps) appear to be corrupted. Signed-off-by: Mingwei Zhang [sean: tweak changelog] Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 933e48a73a9a..b6cc261d7748 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -965,7 +965,8 @@ static int pte_list_add(struct kvm_mmu_memory_cache *cache, u64 *spte, return count; } -static void pte_list_desc_remove_entry(struct kvm_rmap_head *rmap_head, +static void pte_list_desc_remove_entry(struct kvm *kvm, + struct kvm_rmap_head *rmap_head, struct pte_list_desc *desc, int i) { struct pte_list_desc *head_desc = (struct pte_list_desc *)(rmap_head->val & ~1ul); @@ -1001,7 +1002,8 @@ static void pte_list_desc_remove_entry(struct kvm_rmap_head *rmap_head, mmu_free_pte_list_desc(head_desc); } -static void pte_list_remove(u64 *spte, struct kvm_rmap_head *rmap_head) +static void pte_list_remove(struct kvm *kvm, u64 *spte, + struct kvm_rmap_head *rmap_head) { struct pte_list_desc *desc; int i; @@ -1020,7 +1022,8 @@ static void pte_list_remove(u64 *spte, struct kvm_rmap_head *rmap_head) while (desc) { for (i = 0; i < desc->spte_count; ++i) { if (desc->sptes[i] == spte) { - pte_list_desc_remove_entry(rmap_head, desc, i); + pte_list_desc_remove_entry(kvm, rmap_head, + desc, i); return; } } @@ -1035,7 +1038,7 @@ static void kvm_zap_one_rmap_spte(struct kvm *kvm, struct kvm_rmap_head *rmap_head, u64 *sptep) { mmu_spte_clear_track_bits(kvm, sptep); - pte_list_remove(sptep, rmap_head); + pte_list_remove(kvm, sptep, rmap_head); } /* Return true if at least one SPTE was zapped, false otherwise */ @@ -1110,7 +1113,7 @@ static void rmap_remove(struct kvm *kvm, u64 *spte) slot = __gfn_to_memslot(slots, gfn); rmap_head = gfn_to_rmap(gfn, sp->role.level, slot); - pte_list_remove(spte, rmap_head); + pte_list_remove(kvm, spte, rmap_head); } /* @@ -1758,16 +1761,16 @@ static void mmu_page_add_parent_pte(struct kvm_mmu_memory_cache *cache, pte_list_add(cache, parent_pte, &sp->parent_ptes); } -static void mmu_page_remove_parent_pte(struct kvm_mmu_page *sp, +static void mmu_page_remove_parent_pte(struct kvm *kvm, struct kvm_mmu_page *sp, u64 *parent_pte) { - pte_list_remove(parent_pte, &sp->parent_ptes); + pte_list_remove(kvm, parent_pte, &sp->parent_ptes); } -static void drop_parent_pte(struct kvm_mmu_page *sp, +static void drop_parent_pte(struct kvm *kvm, struct kvm_mmu_page *sp, u64 *parent_pte) { - mmu_page_remove_parent_pte(sp, parent_pte); + mmu_page_remove_parent_pte(kvm, sp, parent_pte); mmu_spte_clear_no_track(parent_pte); } @@ -2482,7 +2485,7 @@ static void validate_direct_spte(struct kvm_vcpu *vcpu, u64 *sptep, if (child->role.access == direct_access) return; - drop_parent_pte(child, sptep); + drop_parent_pte(vcpu->kvm, child, sptep); kvm_flush_remote_tlbs_sptep(vcpu->kvm, sptep); } } @@ -2500,7 +2503,7 @@ static int mmu_page_zap_pte(struct kvm *kvm, struct kvm_mmu_page *sp, drop_spte(kvm, spte); } else { child = spte_to_child_sp(pte); - drop_parent_pte(child, spte); + drop_parent_pte(kvm, child, spte); /* * Recursively zap nested TDP SPs, parentless SPs are @@ -2531,13 +2534,13 @@ static int kvm_mmu_page_unlink_children(struct kvm *kvm, return zapped; } -static void kvm_mmu_unlink_parents(struct kvm_mmu_page *sp) +static void kvm_mmu_unlink_parents(struct kvm *kvm, struct kvm_mmu_page *sp) { u64 *sptep; struct rmap_iterator iter; while ((sptep = rmap_get_first(&sp->parent_ptes, &iter))) - drop_parent_pte(sp, sptep); + drop_parent_pte(kvm, sp, sptep); } static int mmu_zap_unsync_children(struct kvm *kvm, @@ -2576,7 +2579,7 @@ static bool __kvm_mmu_prepare_zap_page(struct kvm *kvm, ++kvm->stat.mmu_shadow_zapped; *nr_zapped = mmu_zap_unsync_children(kvm, sp, invalid_list); *nr_zapped += kvm_mmu_page_unlink_children(kvm, sp, invalid_list); - kvm_mmu_unlink_parents(sp); + kvm_mmu_unlink_parents(kvm, sp); /* Zapping children means active_mmu_pages has become unstable. */ list_unstable = *nr_zapped; @@ -2934,7 +2937,7 @@ static int mmu_set_spte(struct kvm_vcpu *vcpu, struct kvm_memory_slot *slot, u64 pte = *sptep; child = spte_to_child_sp(pte); - drop_parent_pte(child, sptep); + drop_parent_pte(vcpu->kvm, child, sptep); flush = true; } else if (pfn != spte_to_pfn(*sptep)) { drop_spte(vcpu->kvm, sptep); From patchwork Fri Jul 21 23:00:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124148 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp524195vqg; Fri, 21 Jul 2023 16:37:14 -0700 (PDT) X-Google-Smtp-Source: APBJJlHJuZ1kn+O8aTfdcp385OCytv+QZKD3WqdZ3tD+39jVxOMnLT8uyNKjowMNsfy04HdU7RJC X-Received: by 2002:a17:906:7686:b0:973:fd02:a41f with SMTP id o6-20020a170906768600b00973fd02a41fmr2944528ejm.40.1689982633814; Fri, 21 Jul 2023 16:37:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689982633; cv=none; d=google.com; s=arc-20160816; b=HeN2RZgNiC0yWqzf/S9WQg8BZuVudFdz9hgdn6CuJq82JEXqUTXVg/6SqjBug7VNiZ eYoUEPAyJ0i9iunxQ38ATjQR+lWasTWEut0t1tw3fqK+rfCrI3pBNfEkIUt25FSr69wr zRSPE73QnapoZxnie6nCm6TebbsZiISLuW8HkUYzDlBK8XB3ROcaC2BPg6xPCtcL/Pt7 CVOCA7nttFq1Q3OAqehySa5nsgLasngx549JcjHwAeLAeU+fKhHKHOYBMM3IiB0W0ve8 aGAMlqlQI6dveQXinZcoE0BWimYR95xHgZFm/fhjMQFlyKahuIo3iTR9v+p/RP6pR5rj k8Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=usSK3yeb2+dbKuXeDCW9x7zKGJjv9CPmyUgQidtHNNE=; fh=sOnAx2GuCQaI5IJu7Mo1xgLCDrPH4l5HM1pSkvn/pIo=; b=KkgWs46h+JT8+PKugAspnuV6JmlwVVB827DirzZO+WhhQwp7wR53vLLYLeREhiWSZ/ GK7mJ3FVe2Yc6V+34+Rx23ooOkwfqemW75Hs0SJNMDTqQ8Z2UhIUt5Rkw+AIHPQM8MOJ jQMA1KqWSkg2iG/7LPXVf/JdhZCgXKWCP610rBrbFN7mGsdJruL6hwHnRp1e7B+PVBp4 OY8jrEuf+BWUdsGYR+MUY+oWk6hTxp94H3QnLh9HffPaIDUxPeekjKyqHEb9iFWsOLUx +X5+c2y5v/bRmh6lzubs/lLPwIFSuJOxn1kQZqYorug9d98VRsul0zc2H+5XywbhA3bM tT1Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b="y1ewr/kb"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p26-20020a170906141a00b00993664a9970si2887083ejc.873.2023.07.21.16.36.45; Fri, 21 Jul 2023 16:37:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b="y1ewr/kb"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231312AbjGUXAy (ORCPT + 99 others); Fri, 21 Jul 2023 19:00:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49124 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231316AbjGUXAl (ORCPT ); Fri, 21 Jul 2023 19:00:41 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 848323C3D for ; Fri, 21 Jul 2023 16:00:28 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-569e7aec37bso28215937b3.2 for ; Fri, 21 Jul 2023 16:00:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689980427; x=1690585227; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=usSK3yeb2+dbKuXeDCW9x7zKGJjv9CPmyUgQidtHNNE=; b=y1ewr/kbrOutA8ZR9xcOf7OlMOdxw6k07Xh+KfWIE5JsL+KhmTlZRyCEhNpAHfv87x ie7QOITXavYjalaAjDKeXxQMwYjdQPvh7z+EaFByJvIgPz+DmyjSWp6GSdvQriAwM0Lf p+nf/mRt4XJCGhhorw6p3qGCi5tF/q/MSoiOaW4ofuVk7Hjpw4Z5Myh8bQ87UgCzU6Yc aQLyGCcnbkLKU0sBEkRgdd/xkiOJjKj/Qj/zWLX8yde8ERQtkxMVF/GAz4EnSPdHF0jQ yDpY/QJ4hCBXtx6pyOpZ/f6fjGbs1EKXZQ6ROP6h5PsdVYKo5B7DY+Vzfh+v998P/MiR 0kTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689980427; x=1690585227; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=usSK3yeb2+dbKuXeDCW9x7zKGJjv9CPmyUgQidtHNNE=; b=GzpnhZ6kuKg36R0XU4IV9tDg4K5iPqGZCKKKAG/+TJb+Nx97yhESLg0313tvkiAY4y 3QOmT6QDD0n8j46qP8rA4PMXH/NmAw65FbgGqVwrUWu6lMc0bvXfK6w2w3NnQbGeDAtl HNueWwFfeYUBjlDgmSeIU/9UQQXRi6mC2OXfzcSRCxHO7EvEemigYLEaEORBAXwPTZNa Jg8ReTeCnXOXQ4T/5G2hZGOkebh7ueqcG4H+eHA27lhdEOlB1WnqpZKdLV74EWkrNvpX mO4nMUWncZJa3lYCrb15aiGLLNoeQRdCEKI1Yj85tWO/swk5WND0C5CWEO9TQFYH5T+l C+8g== X-Gm-Message-State: ABy/qLa96rzJ7u/duXe/HjBkGGhPW7Ce+GT/WRS+M8A0RGXx3YwfyrTp 0rGkKM6DXwTKr0jELV85w30nzsPu8U4= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a5b:bc2:0:b0:ce9:64b3:80dc with SMTP id c2-20020a5b0bc2000000b00ce964b380dcmr21029ybr.1.1689980427316; Fri, 21 Jul 2023 16:00:27 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 16:00:06 -0700 In-Reply-To: <20230721230006.2337941-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721230006.2337941-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721230006.2337941-10-seanjc@google.com> Subject: [PATCH v2 9/9] KVM: x86/mmu: BUG() in rmap helpers iff CONFIG_BUG_ON_DATA_CORRUPTION=y From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mingwei Zhang , David Matlack , Jim Mattson X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772075230005640234 X-GMAIL-MSGID: 1772075230005640234 Introduce KVM_BUG_ON_DATA_CORRUPTION() and use it in the low-level rmap helpers to convert the existing BUG()s to WARN_ON_ONCE() when the kernel is built with CONFIG_BUG_ON_DATA_CORRUPTION=n, i.e. does NOT want to BUG() on corruption of host kernel data structures. Environments that don't have infrastructure to automatically capture crash dumps, i.e. aren't likely to enable CONFIG_BUG_ON_DATA_CORRUPTION=y, are typically better served overall by WARN-and-continue behavior (for the kernel, the VM is dead regardless), as a BUG() while holding mmu_lock all but guarantees the _best_ case scenario is a panic(). Make the BUG()s conditional instead of removing/replacing them entirely as there's a non-zero chance (though by no means a guarantee) that the damage isn't contained to the target VM, e.g. if no rmap is found for a SPTE then KVM may be double-zapping the SPTE, i.e. has already freed the memory the SPTE pointed at and thus KVM is reading/writing memory that KVM no longer owns. Link: https://lore.kernel.org/all/20221129191237.31447-1-mizhang@google.com Suggested-by: Mingwei Zhang Cc: David Matlack Cc: Jim Mattson Reviewed-by: Mingwei Zhang Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 21 ++++++++++----------- include/linux/kvm_host.h | 19 +++++++++++++++++++ 2 files changed, 29 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b6cc261d7748..69f65f7b6158 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -977,7 +977,7 @@ static void pte_list_desc_remove_entry(struct kvm *kvm, * when adding an entry and the previous head is full, and heads are * removed (this flow) when they become empty. */ - BUG_ON(j < 0); + KVM_BUG_ON_DATA_CORRUPTION(j < 0, kvm); /* * Replace the to-be-freed SPTE with the last valid entry from the head @@ -1008,14 +1008,13 @@ static void pte_list_remove(struct kvm *kvm, u64 *spte, struct pte_list_desc *desc; int i; - if (!rmap_head->val) { - pr_err("%s: %p 0->BUG\n", __func__, spte); - BUG(); - } else if (!(rmap_head->val & 1)) { - if ((u64 *)rmap_head->val != spte) { - pr_err("%s: %p 1->BUG\n", __func__, spte); - BUG(); - } + if (KVM_BUG_ON_DATA_CORRUPTION(!rmap_head->val, kvm)) + return; + + if (!(rmap_head->val & 1)) { + if (KVM_BUG_ON_DATA_CORRUPTION((u64 *)rmap_head->val != spte, kvm)) + return; + rmap_head->val = 0; } else { desc = (struct pte_list_desc *)(rmap_head->val & ~1ul); @@ -1029,8 +1028,8 @@ static void pte_list_remove(struct kvm *kvm, u64 *spte, } desc = desc->more; } - pr_err("%s: %p many->many\n", __func__, spte); - BUG(); + + KVM_BUG_ON_DATA_CORRUPTION(true, kvm); } } diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 9d3ac7720da9..cb86108c624d 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -865,6 +865,25 @@ static inline void kvm_vm_bugged(struct kvm *kvm) unlikely(__ret); \ }) +/* + * Note, "data corruption" refers to corruption of host kernel data structures, + * not guest data. Guest data corruption, suspected or confirmed, that is tied + * and contained to a single VM should *never* BUG() and potentially panic the + * host, i.e. use this variant of KVM_BUG() if and only if a KVM data structure + * is corrupted and that corruption can have a cascading effect to other parts + * of the hosts and/or to other VMs. + */ +#define KVM_BUG_ON_DATA_CORRUPTION(cond, kvm) \ +({ \ + bool __ret = !!(cond); \ + \ + if (IS_ENABLED(CONFIG_BUG_ON_DATA_CORRUPTION)) \ + BUG_ON(__ret); \ + else if (WARN_ON_ONCE(__ret && !(kvm)->vm_bugged)) \ + kvm_vm_bugged(kvm); \ + unlikely(__ret); \ +}) + static inline void kvm_vcpu_srcu_read_lock(struct kvm_vcpu *vcpu) { #ifdef CONFIG_PROVE_RCU