From patchwork Wed Sep 13 11:03:22 2017
X-Patchwork-Submitter: Wanpeng Li
X-Patchwork-Id: 9951071
From: Wanpeng Li
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Paolo Bonzini, Radim Krčmář, Wanpeng Li
Subject: [PATCH 1/2] KVM: nVMX: Fix nested #PF intends to break L1's vmlaunch/vmresume
Date: Wed, 13 Sep 2017 04:03:22 -0700
Message-Id: <1505300602-7236-1-git-send-email-wanpeng.li@hotmail.com>
X-Mailer: git-send-email 2.7.4
X-Mailing-List: kvm@vger.kernel.org
From: Wanpeng Li

------------[ cut here ]------------
WARNING: CPU: 4 PID: 5280 at /home/kernel/linux/arch/x86/kvm//vmx.c:11394 nested_vmx_vmexit+0xc2b/0xd70 [kvm_intel]
CPU: 4 PID: 5280 Comm: qemu-system-x86 Tainted: G W OE 4.13.0+ #17
RIP: 0010:nested_vmx_vmexit+0xc2b/0xd70 [kvm_intel]
Call Trace:
 ? emulator_read_emulated+0x15/0x20 [kvm]
 ? segmented_read+0xae/0xf0 [kvm]
 vmx_inject_page_fault_nested+0x60/0x70 [kvm_intel]
 ? vmx_inject_page_fault_nested+0x60/0x70 [kvm_intel]
 x86_emulate_instruction+0x733/0x810 [kvm]
 vmx_handle_exit+0x2f4/0xda0 [kvm_intel]
 ? kvm_arch_vcpu_ioctl_run+0xd2f/0x1c60 [kvm]
 kvm_arch_vcpu_ioctl_run+0xdab/0x1c60 [kvm]
 ? kvm_arch_vcpu_load+0x62/0x230 [kvm]
 kvm_vcpu_ioctl+0x340/0x700 [kvm]
 ? kvm_vcpu_ioctl+0x340/0x700 [kvm]
 ? __fget+0xfc/0x210
 do_vfs_ioctl+0xa4/0x6a0
 ? __fget+0x11d/0x210
 SyS_ioctl+0x79/0x90
 entry_SYSCALL_64_fastpath+0x23/0xc2

A nested #PF is triggered while L0 is emulating an instruction for L2. However, it doesn't consider that we should not break L1's vmlaunch/vmresume. This patch fixes it by queuing the #PF exception instead, requesting an immediate VM exit from L2 and keeping the exception for L1 pending for a subsequent nested VM exit.

Cc: Paolo Bonzini
Cc: Radim Krčmář
Signed-off-by: Wanpeng Li
--- arch/x86/kvm/vmx.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 4253ade..fda9dd6 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -9829,7 +9829,8 @@ static void vmx_inject_page_fault_nested(struct kvm_vcpu *vcpu, WARN_ON(!is_guest_mode(vcpu)); - if (nested_vmx_is_page_fault_vmexit(vmcs12, fault->error_code)) { + if (nested_vmx_is_page_fault_vmexit(vmcs12, fault->error_code) && + !to_vmx(vcpu)->nested.nested_run_pending) { vmcs12->vm_exit_intr_error_code = fault->error_code; nested_vmx_vmexit(vcpu, EXIT_REASON_EXCEPTION_NMI, PF_VECTOR | INTR_TYPE_HARD_EXCEPTION |
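Review bot: The new `&& !to_vmx(vcpu)->nested.nested_run_pending` condition only suppresses the synthesized exit; nothing in the visible hunk queues the #PF or arranges for it to become a nested VM exit later, yet the description claims both ("queuing the #PF exception instead ... keeping the exception for L1 pending for a subsequent nested VM exit"). The context is cut off right after the `nested_vmx_vmexit(vcpu, EXIT_REASON_EXCEPTION_NMI,` call and no fall-through branch is shown, so please name in the commit message which path queues the exception when the condition is false and which event-check code converts it into the nested exit once the run completes (or state that 2/2 adds it). A one-line comment above the new condition explaining why the exit must not be synthesized while L1's VMLAUNCH/VMRESUME is still being completed would also help, since today the only hint is the WARNING at vmx.c:11394 in the report.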
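The ordering problem the patch addresses, as an added model written for this page, not code from the patch or from KVM: L1 issues VMLAUNCH, L0 is still completing that entry (nested_run_pending set) when emulation of an L2 instruction faults, and the old decision synthesizes an L2-to-L1 exit from an entry that has not finished. The struct and function names below are invented, the page-fault exit rule follows the Intel SDM's exception-bitmap/PFEC mask/match semantics, and check_nested_events() models the later delivery the commit message describes but the hunk does not show. All state is constructed inline; the assumptions are repeated in the comments.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PF_VECTOR 14

/* L1-owned VMCS12 fields that decide who handles a #PF raised in L2
 * (field names are the model's own, not KVM's). */
struct vmcs12_model {
	uint32_t exception_bitmap, pfec_mask, pfec_match;
};

/* L0's view of one vCPU; every field here is invented for the model. */
struct l0_vcpu {
	struct vmcs12_model vmcs12;
	bool guest_mode;          /* executing, or entering, L2 */
	bool nested_run_pending;  /* L1's VMLAUNCH/VMRESUME not yet completed */
	bool exception_pending;   /* a #PF is queued but not delivered */
	uint32_t pending_error_code, last_exit_error_code;
	int nested_exits;         /* VM exits synthesized from L2 to L1 */
	int warnings;             /* models WARN_ON(nested_run_pending) in the exit path */
};

/* SDM rule: #PF exits to L1 if bit 14 is set and (ec & mask) == match,
 * or if bit 14 is clear and (ec & mask) != match. */
static bool is_pf_vmexit(const struct vmcs12_model *v, uint32_t ec)
{
	bool bit = (v->exception_bitmap & (1u << PF_VECTOR)) != 0;
	bool inequality = (ec & v->pfec_mask) != v->pfec_match;
	return inequality ^ bit;
}

/* Synthesize the L2->L1 exit. Doing so while the entry is still pending is
 * the bug the report shows: there is no completed L2 state to exit from. */
static void nested_vmexit_pf(struct l0_vcpu *c, uint32_t ec)
{
	if (c->nested_run_pending)
		c->warnings++;
	c->nested_exits++;
	c->last_exit_error_code = ec;
	c->guest_mode = false;
}

static void queue_pf(struct l0_vcpu *c, uint32_t ec)
{
	c->exception_pending = true;
	c->pending_error_code = ec;
}

/* Before the patch: exit to L1 whenever L1 intercepts the fault. */
static void inject_pf_nested_old(struct l0_vcpu *c, uint32_t ec)
{
	if (is_pf_vmexit(&c->vmcs12, ec))
		nested_vmexit_pf(c, ec);
	else
		queue_pf(c, ec);
}

/* After the patch: additionally require that no entry is pending. */
static void inject_pf_nested_new(struct l0_vcpu *c, uint32_t ec)
{
	if (is_pf_vmexit(&c->vmcs12, ec) && !c->nested_run_pending)
		nested_vmexit_pf(c, ec);
	else
		queue_pf(c, ec);
}

/* Event check before the next entry: once the pending run has completed,
 * a queued #PF that L1 intercepts becomes the nested VM exit. */
static void check_nested_events(struct l0_vcpu *c)
{
	if (!c->guest_mode || !c->exception_pending || c->nested_run_pending)
		return;
	if (is_pf_vmexit(&c->vmcs12, c->pending_error_code)) {
		c->exception_pending = false;
		nested_vmexit_pf(c, c->pending_error_code);
	}
}

/* Constructed scenario: L1 intercepts every #PF and issues VMLAUNCH; L0
 * emulates an L2 instruction that faults before the launch completes. */
static struct l0_vcpu run_scenario(bool patched)
{
	struct l0_vcpu c = {0};
	const uint32_t ec = 0x2;   /* constructed: not-present write fault */

	c.vmcs12.exception_bitmap = 1u << PF_VECTOR;
	c.guest_mode = c.nested_run_pending = true;
	if (patched)
		inject_pf_nested_new(&c, ec);
	else
		inject_pf_nested_old(&c, ec);
	c.nested_run_pending = false;   /* the launch completes */
	check_nested_events(&c);
	return c;
}

int main(void)
{
	struct l0_vcpu b = run_scenario(false), a = run_scenario(true);
	printf("unpatched: warnings=%d exits=%d\n", b.warnings, b.nested_exits);
	printf("patched:   warnings=%d exits=%d ec=%#x\n", a.warnings, a.nested_exits, a.last_exit_error_code);
	return 0;
}
```

The point the model makes is that the fix does not drop the exit L1 is entitled to; it only moves it. In the unpatched run the exit is synthesized while the launch is pending (the warning counter fires), in the patched run the fault is queued and the same exit, with the same error code, is delivered by the event check once nested_run_pending has been cleared.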