On Fri, Mar 17, 2023 at 2:50 PM Sean Christopherson <seanjc@xxxxxxxxxx> wrote: > I wonder if we can get away with returning -EFAULT, but still filling vcpu->run > with KVM_EXIT_MEMORY_FAULT and all the other metadata. That would likely simplify > the implementation greatly, and would let KVM fill vcpu->run unconditonally. KVM > would still need a capability to advertise support to userspace, but userspace > wouldn't need to opt in. I think this may have been my very original though, and > I just never actually wrote it down... Oh, good to know that's actually an option. I thought of that too, but assumed that returning a negative error code was a no-go for a proper vCPU exit. But if that's not true then I think it's the obvious solution because it precludes any uncaught behavior-change bugs. A couple of notes 1. Since we'll likely miss some -EFAULT returns, we'll need to make sure that the user can check for / doesn't see a stale kvm_run::memory_fault field when a missed -EFAULT makes it to userspace. It's a small and easy-to-fix detail, but I thought I'd point it out. 2. I don't think this would simplify the series that much, since we still need to find the call sites returning -EFAULT to userspace and populate memory_fault only in those spots to avoid populating it for -EFAULTs which don't make it to userspace. We *could* relax that condition and just document that memory_fault should be ignored when KVM_RUN does not return -EFAULT... but I don't think that's a good solution from a coder/maintainer perspective.
