> On Jan 31, 2020, at 1:04 PM, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote: > > On Fri, Jan 31, 2020 at 12:57:51PM -0800, Andy Lutomirski wrote: >> >>>> On Jan 31, 2020, at 12:18 PM, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote: >>> >>> This is essentially what I proposed a while back. KVM would allow enabling >>> split-lock #AC in the guest if and only if SMT is disabled or the enable bit >>> is per-thread, *or* the host is in "warn" mode (can live with split-lock #AC >>> being randomly disabled/enabled) and userspace has communicated to KVM that >>> it is pinning vCPUs. >> >> How about covering the actual sensible case: host is set to fatal? In this >> mode, the guest gets split lock detection whether it wants it or not. How do >> we communicate this to the guest? > > KVM doesn't advertise split-lock #AC to the guest and returns -EFAULT to the > userspace VMM if the guest triggers a split-lock #AC. > > Effectively the same behavior as any other userspace process, just that KVM > explicitly returns -EFAULT instead of the process getting a SIGBUS. Which helps how if the guest is actually SLD-aware? I suppose we could make the argument that, if an SLD-aware guest gets #AC at CPL0, it’s a bug, but it still seems rather nicer to forward the #AC to the guest instead of summarily killing it. ISTM, on an SLD-fatal host with an SLD-aware guest, the host should tell the guest “hey, you may not do split locks — SLD is forced on” and the guest should somehow acknowledge it so that it sees the architectural behavior instead of something we made up. Hence my suggestion.
