Re: [PATCH 1/5] kvm: x86: Add payload to kvm_queued_exception and kvm_vcpu_events

> On 15 Oct 2018, at 20:07, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
> 
> On 08/10/2018 20:29, Jim Mattson wrote:
>> Under nested virtualization, the L1 hypervisor may intercept an
>> exception raised during the execution of L2 before the exception
>> is delivered. When the intercepted exception is #PF, the VM-exit
>> to the L1 hypervisor precedes the modification of CR2. When the
>> intercepted exception is #DB, the VM-exit to the L1 hypervisor
>> precedes the modifications of DR6 and DR7 under VMX, but the
>> VM-exit to the L1 hypervisor follows the modifications of DR6 and
>> DR7 under SVM.
>> 
>> At present, CR2 is modified too early under both VMX and SVM. DR6 is
>> modified too early under VMX. DR7 is modified at the appropriate time.
>> Unfortunately, it is possible to exit to userspace with one of these
>> exceptions pending, and userspace may rely on the premature
>> side-effects. It is also possible for userspace to inject one of these
>> exceptions, in which case, userspace will presumably have already
>> processed the side-effects.
>> 
>> To address this problem, a new per-VM capability
>> (KVM_CAP_EXCEPTION_PAYLOAD) will be introduced. When this capability
>> is enabled by userspace, the faulting linear address will be included
>> with the information about a pending #PF in L2, and the "new DR6 bits"
>> will be included with the information about a pending #DB in L2. This
>> ancillary exception information is carried in a new "payload" field.
>> 
>> Reported-by: Jim Mattson <jmattson@xxxxxxxxxx>
>> Suggested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>> Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx>
>> Reviewed-by: Peter Shier <pshier@xxxxxxxxxx>
>> 
> 
> I'm not applying any of the patches yet, but I'd be happy to queue it
> for 4.20 even (slightly) after -rc1.  Once this is done, I think we can
> flip nested=1.
> 
> Paolo

Just out of curiosity, why is this specifically a decision-point for flipping nested=1?
Because this is a break of userspace APIs in case of nVMX workloads?
What are the conditions for flipping it?

If that’s the case, this is also true for the get/set vCPU events IOCTLs.
So they need to also be applied before the flip.

Don’t get me wrong, I will be happy to see nested=1 by default.
Just wondering…

-Liran
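As an added illustration, not code from this patch series or from KVM, here is a small C model of the semantics the quoted commit message describes: the side effect of a queued #PF (CR2) or #DB (DR6 bits) is held in a payload and applied only when the exception is actually delivered, so an L1 intercept sees the registers unmodified. The vcpu struct, the function names and the register values are constructed for the model; use_payload=false reproduces the "too early" behaviour the commit message reports (which matches SVM's ordering for DR6, where the exit follows the modification).

```c
#include <stdbool.h>
#include <stdint.h>
#define DB_VECTOR 1
#define PF_VECTOR 14
/* Constructed vCPU model: only the state relevant to #PF/#DB side effects. */
struct vcpu {
    uint64_t cr2, dr6;
    bool pending; uint8_t vector;   /* exception queued, not yet delivered */
    bool has_payload;               /* side effect deferred, carried in payload */
    uint64_t payload;               /* faulting address (#PF) or new DR6 bits (#DB) */
};

/* Architectural side effect of the exception on the register state. */
static void apply_side_effect(struct vcpu *v, uint8_t vector, uint64_t value)
{
    if (vector == PF_VECTOR)
        v->cr2 = value;
    else if (vector == DB_VECTOR)
        v->dr6 |= value;
}

/* use_payload=false: old behaviour, side effect at queue time; true: deferred. */
void queue_exception(struct vcpu *v, uint8_t vector, uint64_t value, bool use_payload)
{
    v->pending = true;
    v->vector = vector;
    v->has_payload = use_payload;
    v->payload = value;
    if (!use_payload)
        apply_side_effect(v, vector, value);
}

/* L1 intercepts (VM-exit, payload discarded) or the guest gets the exception. */
void resolve_exception(struct vcpu *v, bool intercepted_by_l1)
{
    if (v->pending && v->has_payload && !intercepted_by_l1)
        apply_side_effect(v, v->vector, v->payload);
    v->pending = v->has_payload = false;
}

/* Register (CR2 for #PF, DR6 for #DB) as observed after the queued exception
 * is either intercepted by L1 or delivered to L2. */
uint64_t observed_register(uint8_t vector, bool use_payload, bool intercepted_by_l1)
{
    struct vcpu v = { .cr2 = 0x1000, .dr6 = 0xffff0ff0 };  /* constructed initial state */
    uint64_t value = vector == PF_VECTOR ? 0x7f00 : 0x1;    /* fault address / DR6.B0 */
    queue_exception(&v, vector, value, use_payload);
    resolve_exception(&v, intercepted_by_l1);
    return vector == PF_VECTOR ? v.cr2 : v.dr6;
}
```

With the old behaviour an intercepted #PF already shows 0x7f00 in CR2 at the exit to L1; with the payload L1 still sees 0x1000, and CR2 changes only on delivery to L2.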
