From nobody Fri Dec 19 16:44:51 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CC67141C92 for ; Sat, 15 Feb 2025 01:06:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739581575; cv=none; b=sPj8Wim9q3fndDVohZ8FpkeLitfpbtrtKxrXE0/qunboiWbZYHslo/y0DVXIhlI1WJHKtoXhkJz3T2Dj7VNkL99vKdgKo9J5J5v9uO7mT7W7alA4l0Gl+KiKI3K7a6cRIdWaHGWPVB/gqJu+EkzPQT2raos4+Qm6Ac50ImcjOic= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739581575; c=relaxed/simple; bh=5wliXWDYsrFCwme0bU8BDoFYLmTGBwCFoyuhP4vduys=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=IJVXOdN51ntcMwgH/Mm9TZYwgTPoLZNWRGO7qClS8cKBOPOP8ZhwBKBbK2F4+FcNW0nnQMqQhUt2sgIDLk7H+9izYYeUpFOsIFQQDoCTDil9nt/taxjJGKathIv7j3auzzrWTsWRZegRIPc7W1e1N0HeFiJ7AQUbVLrjnsuLW7c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Om+ngLa3; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Om+ngLa3" Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-220fb031245so18000225ad.3 for ; Fri, 14 Feb 2025 17:06:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1739581573; x=1740186373; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=gnHrxG87g2zrpNznbUWyypfRtpr7va7BhlbJAw1+aOQ=; b=Om+ngLa3jxTKgaX7Canh3KrefjMF9f9R+pxKqw1qMdfYuVfPoVaPM6YaDh8Hyb5iDM UhN03+GRWOS7q/aDkQFRHaXpeN86Zxzjvb344yehazSmn/YkJlIWFil2ZbBa+x6iGhCw Qm0nNnmuh3citPrsn6yhuwaP+HMBObp3hUmSnmziF+NfXviXyislWG9G19A+amZLwpQO 0iucd3nGaBBK6jxkc736S3WhXBbZTV2mq0oJEYM69AFY6YCWUap4ZeGLrumthlZ30e5q 7T/+dtdwWBxu5xOQa3teEMxF/mt/PSb7F6x0aptw8JM2hb36QSM5oiCBjyXBCguTPWqj PDHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739581573; x=1740186373; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gnHrxG87g2zrpNznbUWyypfRtpr7va7BhlbJAw1+aOQ=; b=OaGTF5GOZ/a+4EVj9CylsCcXN4YBZPfV+HSLmvDtk5oBxCd45Bzn3YXAKQmWH7o+Y9 k8gd5VhR7WQrntctFXP2G6MrX0jPbT0BP2WJhz/pjZOj1V4gJ6/ZXo+S1aIehS7nk2hp m5b9vNpLwOA8LTYgbN8TO/L0GTwVNF4sqtumpxpa0vk26XcYJZ7cSaF6UiPMn0i0/NGZ 7xdik/w8ZhGvCWLvv4pBjTi4BBaWlWwFYXXwGl74ISJSqBLk0MqWkLyCQRCDGKaBquQp tZzvjhS9UiJjehqJiAUQKjYLZdA8lw59PVS4rb8iii7FzY0LPIqt2XUSsRljol5rg/Vc 3fHA== X-Forwarded-Encrypted: i=1; AJvYcCVA98+3DQAH6ZWPRH+Nw94ZxMGGhgQsLTmL7Y44sP8PDwPke72VcMXB60YCGDi/dbuASkHQxFrRG8qWCyg=@vger.kernel.org X-Gm-Message-State: AOJu0Yxld5Wlb/xKaTe4ywZlL0v47CblD+SvNBCDdUrQOBxxc1L9vuOG PwSWaUJvCvqjla5MmHa9BIG6jEo8UvilFSxKxErMKsVaF525Wv8y1wbNvdN5vQiFGy/TpdwsySt bQQ== X-Google-Smtp-Source: AGHT+IFqpbcx0eksJgzswjg2oejQ8+iZ+7K9CjQZzR/co/7jmMUA3+1XjLY7h+QZJ+aWbZridj68BiDJaJg= X-Received: from pjbpd11.prod.google.com ([2002:a17:90b:1dcb:b0:2fa:27e2:a64d]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:dac5:b0:216:7ee9:2227 with SMTP id d9443c01a7336-221040a8e62mr21822595ad.36.1739581573052; Fri, 14 Feb 2025 17:06:13 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 14 Feb 2025 17:06:08 -0800 In-Reply-To: <20250215010609.1199982-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250215010609.1199982-1-seanjc@google.com> X-Mailer: git-send-email 2.48.1.601.g30ceb7b040-goog Message-ID: <20250215010609.1199982-2-seanjc@google.com> Subject: [PATCH 1/2] KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest state is protected From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Don't inject PV async #PFs into guests with protected register state, i.e. SEV-ES and SEV-SNP guests, unless the guest has opted-in to receiving #PFs at CPL0. For protected guests, the actual CPL of the guest is unknown. Note, no sane CoCo guest should enable PV async #PF, but the current state of Linux-as-a-CoCo-guest isn't entirely sane. Fixes: add5e2f04541 ("KVM: SVM: Add support for the SEV-ES VMSA") Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 58b82d6fd77c..3b67425c3e3d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -13395,7 +13395,7 @@ static bool kvm_can_deliver_async_pf(struct kvm_vcp= u *vcpu) return false; =20 if (vcpu->arch.apf.send_user_only && - kvm_x86_call(get_cpl)(vcpu) =3D=3D 0) + (vcpu->arch.guest_state_protected || !kvm_x86_call(get_cpl)(vcpu))) return false; =20 if (is_guest_mode(vcpu)) { --=20 2.48.1.601.g30ceb7b040-goog From nobody Fri Dec 19 16:44:51 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6C041126C10 for ; Sat, 15 Feb 2025 01:06:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739581576; cv=none; b=kMXt5n23uIX80lQ+ocVHWTVwJae2shMCcGB3APw0jNKcGhAQyNl0ZiCPPZdDx9R9hgqFyfU3x0tCO99NSzp1uL+6WK3d0IS0PhucSILo8l8/W9lvEBJjOGhjNU6RPCUmPp2QWKUBt0LVcNFynmYOKAsvCEcBF/uFHKOrNmUKIuU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739581576; c=relaxed/simple; bh=bSuqZiuVhGn+R3CBW88ZrNQnYfX6dqIbqMfitjYCmLM=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=u8lL1gj7vtEZXyoTy5My76i1Xsw9KcSjPlQ2N7o0PDBNQPk9KXafZTVGqBDwytkwRhDW9RmgoAWgwzI2aZSmiOnUDT+lk4zJt//V0hnLH7anBoZQEBV8GWvgro9L4nrQkPUqGHMOmOWEV5CgsUVQad8OJRap/1izWNSV/q9owq8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=JUMYj2e8; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="JUMYj2e8" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-2fc46431885so70558a91.2 for ; Fri, 14 Feb 2025 17:06:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1739581574; x=1740186374; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=zn5CjaOI/LVKyc7fUHXaWbf0DV9/drzUj0wLJyxdr5U=; b=JUMYj2e8ztRB9wvmZJVlppjf51+uPL+5ng/JYFX0Hvn1agTnbFH00Ec/JtXPLJxV2l 689JmXF7zvRlYOqXYAKHKs8z0Qvcwla2aNXgN6qlmV6IbzT3sMg6DFf8MsIqBnIsc6h6 Tse6QyqgUOwsoIgR5ggzN5aAFRAchNsND1+jbY6gQCrWtLiXZU08AutYA2Qg6C20eeEr Zo4fb3i/qZaz6A0vzgzTIKxi6MNDebPO9ZlxqIM8378I4j3Si4ouTeF7embzUrq9Hzcn JhyiAEeRdcXsrD6HGoLpT8cwAJlZFmOveYbkr7L8qVIQfNNN+TUFI0ae4IUU+piuildv 3QgA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739581574; x=1740186374; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=zn5CjaOI/LVKyc7fUHXaWbf0DV9/drzUj0wLJyxdr5U=; b=ZLTVZ2v/eyXsUuPfI2ZTtJ0gS+WFWusAKtk7XfYecxin4xHwjt+MlK91raWqTqF8Jh fGl0zJotU+iSATN3pgI5umS3/G8arBgdeSrrcoGydB2RVOjGQT+8Peq+uWfzUaU9ejXL Sj/CZhgjzoRzmxTNN7LBkSiQdYwrt6sX3qObywn13u8DA0CBKCFY8COIw2Ackt4Y8SRR Iba1UvCHo6b31Oad5EQj1qByVVP8sJ4B3Q5JsUFSdiGNqb9eqSFGRhvlUP2O6IyKfC/0 L/jJjynzQULeOarKqRHptegk5pVF2gutRIuGsgIWQy4dWAkghoMfcx3c+aGv82LDmeyZ vPhA== X-Forwarded-Encrypted: i=1; AJvYcCVnrb/Wi9gi2Iq8sTSWe2fxhO6B+gcnrhYZSSj5CTwaQUTCr5q1+Zop8AE0L7fr9v+ldfrL+T7NxPhU3Cw=@vger.kernel.org X-Gm-Message-State: AOJu0YzpuVf+NE2xO5Y6rpw2vSv2WDKiHpkIPFwf9zIFU4jqkua1sLk9 7WhISd8yM2WWLQ1TqHy7uS6DN4ApxvpdLLmkaotxdGvhg9j4I9jFkyuFnkO2oNaDZriiIN3pZTU 69w== X-Google-Smtp-Source: AGHT+IFIwMKT3tvPATCPjCIoh5AEF4qKbxWAMxjW2j21dZojwEmwm8bNWQma8rcOLanXENnhrxNv4XpJxno= X-Received: from pjbpq11.prod.google.com ([2002:a17:90b:3d8b:b0:2ea:5469:76c2]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:380f:b0:2fa:ba3:5451 with SMTP id 98e67ed59e1d1-2fc4115089fmr1816354a91.35.1739581574696; Fri, 14 Feb 2025 17:06:14 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 14 Feb 2025 17:06:09 -0800 In-Reply-To: <20250215010609.1199982-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250215010609.1199982-1-seanjc@google.com> X-Mailer: git-send-email 2.48.1.601.g30ceb7b040-goog Message-ID: <20250215010609.1199982-3-seanjc@google.com> Subject: [PATCH 2/2] KVM: x86: Rename and invert async #PF's send_user_only flag to send_always From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Rename send_user_only to avoid "user", because KVM's ABI is to not inject page faults into CPL0, whereas "user" in x86 is specifically CPL3. Invert the polarity to keep the naming simple and unambiguous. E.g. while KVM often refers to CPL0 as "kernel", that terminology isn't ubiquitous, and "send_kernel" could be misconstrued as "send only to kernel". Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/x86.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 3506f497741b..0f1c57006da3 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -999,8 +999,8 @@ struct kvm_vcpu_arch { u64 msr_int_val; /* MSR_KVM_ASYNC_PF_INT */ u16 vec; u32 id; - bool send_user_only; u32 host_apf_flags; + bool send_always; bool delivery_as_pf_vmexit; bool pageready_pending; } apf; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 3b67425c3e3d..c8e2d905c172 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3561,7 +3561,7 @@ static int kvm_pv_enable_async_pf(struct kvm_vcpu *vc= pu, u64 data) sizeof(u64))) return 1; =20 - vcpu->arch.apf.send_user_only =3D !(data & KVM_ASYNC_PF_SEND_ALWAYS); + vcpu->arch.apf.send_always =3D (data & KVM_ASYNC_PF_SEND_ALWAYS); vcpu->arch.apf.delivery_as_pf_vmexit =3D data & KVM_ASYNC_PF_DELIVERY_AS_= PF_VMEXIT; =20 kvm_async_pf_wakeup_all(vcpu); @@ -13394,7 +13394,7 @@ static bool kvm_can_deliver_async_pf(struct kvm_vcp= u *vcpu) if (!kvm_pv_async_pf_enabled(vcpu)) return false; =20 - if (vcpu->arch.apf.send_user_only && + if (!vcpu->arch.apf.send_always && (vcpu->arch.guest_state_protected || !kvm_x86_call(get_cpl)(vcpu))) return false; =20 --=20 2.48.1.601.g30ceb7b040-goog