Re: [RFC PATCH v1 2/4] KVM: SVM: Enable Bus lock threshold exit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 8/26/2024 9:45 PM, Sean Christopherson wrote:
> On Sat, Aug 24, 2024, Manali Shukla wrote:
>>> Actually, we already have a capability, which means there's zero reason for this
>>> module param to exist.  Userspace already has to opt-in to turning on bus lock
>>> detection, i.e. userspace already has the opportunity to provide a different
>>> threshold.
>>>
>>> That said, unless someone specifically needs a threshold other than '0', I vote
>>> to keep the uAPI as-is and simply exit on every bus lock.
>>>  
>>
>> According to APM [1],
>> "The VMCB provides a Bus Lock Threshold enable bit and an unsigned 16-bit Bus
>> Lock Threshold count. On VMRUN, this value is loaded into an internal count
>> register. Before the processor executes a bus lock in the guest, it checks
>> the value of this register. If the value is greater than 0, the processor
>> executes the bus lock successfully and decrements the count. If the value is
>> 0, the bus lock is not executed and a #VMEXIT to the VMM is taken."
>>
>> So, the bus_lock_counter value "0" always results in VMEXIT_BUSLOCK, so the
>> default value of the bus_lock_counter should be greater or equal to "1".
> 
> Ugh, so AMD's bus-lock VM-Exit is fault-like.  That's annoying.

Yeah.

> 
>> I can remove the module parameter and initialize the value of
>> bus_lock_counter as "1" ?
> 
> No, because that will have the effect of detecting every other bus lock, whereas
> the intent is to detect _every_ bus lock.
> 
> I think the only sane approach is to set it to '0' when enabled, and then set it
> to '1' on a bus lock exit _before_ exiting to userspace.  If userspace or the
> guest mucks with RIP or the guest code stream and doesn't immediately trigger the
> bus lock, then so be it.  That only defers the allowed bus lock to a later time,
> so effectively such shenanigans would penalize the guest even more.
> 

When the bus_lock_counter is set to '1' and a bus lock is generated in the guest, 
the counter is decremented to '0', triggering a bus lock exit immediately.
So, bus lock exit is triggered for every generated bus locks in the guest when
bus_lock_counter value is set to '1'.


> We'll need to document that KVM on AMD exits to userspace with RIP pointing at
> the offending instruction, whereas KVM on Intel exits with RIP pointing at the
> instruction after the guilty instruction.

Sure I will document it.

- Manali
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux