From patchwork Sat Jan 11 01:24:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13935699 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F2EA310E9 for ; Sat, 11 Jan 2025 01:24:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558696; cv=none; b=sAp957A8E0FwpEtPQV5Gp75XXTxjFeGHMLGWlO/mZg8rLvJ6DxgoLuD6uk9h4Qgk9klcVJKhv0KX6tuD7//sR1J9ussZWYktN2TUUijLdM4dyhBrrevxcXxkBt8jqMRbYcU72ZhTCX7vgeFEdTR4/ZYyUedbvdfXmFJ9Eyupdbk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558696; c=relaxed/simple; bh=lQwpsShXHQI91s1IhBjcEI9cJsgfBQq8tkKtVM0oTIo=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=isEysPAAvsYHSDftQvDCAW6rZ41UQ/QoiKPXdRt0ddCkDMdJ3/eeKTT3er46tK/W01J3h2hvIM4qWjyQdSJ6qDpShJJyiW/qVxlROR1xKHCNxiPgB23A+HYgPTFYRYq1jrbKiZpgFUuJR5q1UUwbZMy74Btj4aVW2dt2z/7371g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=3Io+Rw6K; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="3Io+Rw6K" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-2eeeb5b7022so4818705a91.0 for ; Fri, 10 Jan 2025 17:24:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736558694; x=1737163494; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=L3TyIoxqzKbU5TOqXbLBWWXwSPvFkN5kGJBIZi+nPuA=; b=3Io+Rw6K2bNrLYWzMlSc1+4sKSWu2VHMo5TUJ9dQeQmtIAO/PFmeRT5tvOaDiArJKK wqMZpRLXYFaIXiZAkXqJOw+r8Shr7dV2JxLKYvjBqGiaB7UufRLsV91K7gOWwngEBBzp l7eeewXX+ztpoExeS8q7F+MB0W4/PNPof1pwj1cMCArZNoewBSyUOhww/ZUUNw7jNh3F pv/HbkYAbmP9AmkoiaP9lA63uVAa6jSFGB6Nn0Q2Q3HMm6Rh3BZY1hSulfKqb+XGofxM pyqLyd8awV2K14EVTxH1V+lKkic6aYz15oT5Hvr3JKuSdRJhi/XnH/JkYOIbxWpeZY3M 2+CA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736558694; x=1737163494; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=L3TyIoxqzKbU5TOqXbLBWWXwSPvFkN5kGJBIZi+nPuA=; b=Qt2DggjdPf4aYMfZYHvvpl+QQBnpiNHZJbjLp7dYdeB/gkdWSwfTZAPfI6XxwfoW/5 i9Ythi/jZu3VNB2RAi4A5ZoXNlaOMc/0TwYh5gUpPVJK4LyaybKxg3x7BgYbDiGTgbix G6Xr09BvtJmNWSX9imFVlAbWsHEMWZonTsVmglqZ1SPUwHbbKZApS7QQ6hFkNu5P6ujS ux31j2+ibqtrixME3xBvG+tmyfqGqdo7RACWRSvdL5eD5BxoQQ/k9ls7E+7jpeueYVG2 K4ppXYREUvKqQWTNv5KlnH5uLueLYx8yMVb2OhItybliqFsdzv90bIKOLhbVBGANvgCv 7Dig== X-Gm-Message-State: AOJu0YxcMTM/pFErb5685jFauwsH0RnnKS658F81WcaIyw+99mVXtefY SJ3Q8dvyJFmXXU206F1vtfpHHFOrj9RDYdwbriIzc/tBiVKME3IYgbtnqkSgy8C6EtBqgARvpZS 0Rw== X-Google-Smtp-Source: AGHT+IHQFtnrz9Qz4G4DVM+w+HCWHLq9SWFcOY5MsmF5EmSUkf18xpdPguK9lOowTA48c954eXDA8ByTfJE= X-Received: from pfld20.prod.google.com ([2002:a05:6a00:1994:b0:728:b3dd:ba8c]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:114e:b0:728:f337:a721 with SMTP id d2e1a72fcca58-72d21f29214mr17702842b3a.7.1736558694264; Fri, 10 Jan 2025 17:24:54 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 10 Jan 2025 17:24:46 -0800 In-Reply-To: <20250111012450.1262638-1-seanjc@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250111012450.1262638-1-seanjc@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250111012450.1262638-2-seanjc@google.com> Subject: [PATCH 1/5] KVM: x86: Document that KVM_EXIT_HYPERCALL requires completion From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Michael Ellerman , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Update KVM's documentation to call out that KVM_EXIT_HYPERCALL requires userspace to do KVM_RUN before state save/restore, so that KVM can skip the hypercall instruction, otherwise resuming the vCPU after restore will restart the instruction and potentially lead to a spurious MAP_GPA_RANGE. Fixes: 0dbb11230437 ("KVM: X86: Introduce KVM_HC_MAP_GPA_RANGE hypercall") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson --- Documentation/virt/kvm/api.rst | 39 +++++++++++++++++----------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 454c2aaa155e..c92c8d4e8779 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -6615,13 +6615,29 @@ The 'data' member contains, in its first 'len' bytes, the value as it would appear if the VCPU performed a load or store of the appropriate width directly to the byte array. +It is strongly recommended that userspace use ``KVM_EXIT_IO`` (x86) or +``KVM_EXIT_MMIO`` (all except s390) to implement functionality that +requires a guest to interact with host userspace. + +.. note:: KVM_EXIT_IO is significantly faster than KVM_EXIT_MMIO. + + /* KVM_EXIT_HYPERCALL */ + struct { + __u64 nr; + __u64 args[6]; + __u64 ret; + __u64 flags; + } hypercall; + + .. note:: For KVM_EXIT_IO, KVM_EXIT_MMIO, KVM_EXIT_OSI, KVM_EXIT_PAPR, KVM_EXIT_XEN, - KVM_EXIT_EPR, KVM_EXIT_X86_RDMSR and KVM_EXIT_X86_WRMSR the corresponding - operations are complete (and guest state is consistent) only after userspace - has re-entered the kernel with KVM_RUN. The kernel side will first finish - incomplete operations and then check for pending signals. + KVM_EXIT_EPR, KVM_EXIT_X86_RDMSR, KVM_EXIT_X86_WRMSR, and KVM_EXIT_HYPERCALL + the corresponding operations are complete (and guest state is consistent) + only after userspace has re-entered the kernel with KVM_RUN. The kernel + side will first finish incomplete operations and then check for pending + signals. The pending state of the operation is not preserved in state which is visible to userspace, thus userspace should ensure that the operation is @@ -6632,21 +6648,6 @@ to the byte array. :: - /* KVM_EXIT_HYPERCALL */ - struct { - __u64 nr; - __u64 args[6]; - __u64 ret; - __u64 flags; - } hypercall; - - -It is strongly recommended that userspace use ``KVM_EXIT_IO`` (x86) or -``KVM_EXIT_MMIO`` (all except s390) to implement functionality that -requires a guest to interact with host userspace. - -.. note:: KVM_EXIT_IO is significantly faster than KVM_EXIT_MMIO. - For arm64: ---------- From patchwork Sat Jan 11 01:24:47 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13935700 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A9C5F1799F for ; Sat, 11 Jan 2025 01:24:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558698; cv=none; b=GE8YdDfvgqJvfVthzxKkpdJJfc8fF5EKVBpMWV135LeKpqj4Z5BFKMVEW+Iuu4tJh9P8Ec4sWij0BDeucfo9G7NM9QR6lZmNcGOr/N/gaYUDwPkiH3T6lb8cn1mvYaTVkIb2ed+wtRviAZrDfFjJF/j2iaaqTITWdh0mL71tG8Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558698; c=relaxed/simple; bh=AVYzQUQrTSkLUbewlYjOO2i8641BAIJsb+Od5cW5JHI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=s1FK3fmMWgcCJLBUATobofzraHiBukVqURD7T9rm5X7eyzc4LKqljCPO1gRxccc4f7zzRgxSelSEK+eWKqJ9hvP9V9HatzPYT8ar7yXPxAGkKGO2+QTz+FsSde8SArbho0lf8JZM59M3TqtldvjJCz1C1/geQ192+IqNDVh99Co= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Q8Y7e8YM; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Q8Y7e8YM" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-21631cbf87dso48905965ad.3 for ; Fri, 10 Jan 2025 17:24:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736558696; x=1737163496; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=yPMtRfEi+Y38oJbaqxUUwsgL1BiiO9TX2S4BZFXkjhs=; b=Q8Y7e8YMGaMWRrJI/bc+6Q9utLAG0x/9ky0pb/1mZi4Wn36cgq3AZCHnatSP4I22yo FomfwZiUHgQ6O/FgMku8rHIhW3f2HLwmw3VjQ7z6diypN2cEc1UrhjJOOPh9+/PNuJnk piVRtF9zGKjsaHQBsCTyCgG0InWRHlLFwK9y4ekBNoj+RmoFArku7rg5zk3KQps/nDfF Qkaiz1JMZACJhS+vxe4tePSdwRH59nRQU35fDS+p7T8P2A3NgAHDUHY5ARMkhQyPSQdN 90F+J6J6266ANAqi65QJ2KOQduQNGCdWn0elOZUsovc/auTJlAmdjmLKzRAafI69UM56 j0FQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736558696; x=1737163496; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=yPMtRfEi+Y38oJbaqxUUwsgL1BiiO9TX2S4BZFXkjhs=; b=mLyygOjwXHriI7O3N4phAYKgH90gvVzS/AlBFRP3fnU88QkJH4e55k9BKK0xK8274P OFnsTwovnbErmc78Hcvz1E4bdtWzrfum0xKhyeYQKF/1WGKHwdCVzkHfWC2CVl1Zapmt CMkfKN+SvtbH+2NEd3jWSLMWbzUjdTqhyOY5TstGgSgnGILTT0LjF8UPn63vixM0EC2j u8ZbJH/53NeJr1drtyW8iOe2RQDXaDxvpd9uCms5DNc1u7GJ6gQ6T2kaftmknw+MNeEa vntd/bXN86h51azWPsj60/cMerEjdirjnpqNfcW5zC6d0+ivvEy7s3ibkDUYjbU0Jpjz ugJw== X-Gm-Message-State: AOJu0Yy/FMRDp9Q2bvz1SVjWrPo1PYrTnQwmeR8payFP8FtO1vd23R88 LvlbRz+sxjdT4q4kVL/FWtuCRhdv3gUiPCs3FFL4gBpEcdr/aCiuhREaKsdG6T08b/yxYkcKbLv UJQ== X-Google-Smtp-Source: AGHT+IFD3f0YjwZz/pTHPUxUy4yfVqFt92VRSC3L2LvrexSYRapcV9Xo2L4A2CKFVBcFdjD8/mn4jkTqU/U= X-Received: from pgkp11.prod.google.com ([2002:a63:f44b:0:b0:7fc:fac3:7df6]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:4325:b0:1e1:b062:f3fa with SMTP id adf61e73a8af0-1e88d1dba97mr25121737637.34.1736558695870; Fri, 10 Jan 2025 17:24:55 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 10 Jan 2025 17:24:47 -0800 In-Reply-To: <20250111012450.1262638-1-seanjc@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250111012450.1262638-1-seanjc@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250111012450.1262638-3-seanjc@google.com> Subject: [PATCH 2/5] KVM: Clear vcpu->run->flags at start of KVM_RUN for all architectures From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Michael Ellerman , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Clear kvm_run.flags at the start of KVM_RUN for all architectures to minimize the probability of leaving a stale flag set. Signed-off-by: Sean Christopherson --- arch/arm64/kvm/arm.c | 1 - arch/arm64/kvm/handle_exit.c | 2 +- arch/powerpc/kvm/book3s_hv.c | 4 +--- arch/x86/kvm/x86.c | 1 - virt/kvm/kvm_main.c | 3 +++ 5 files changed, 5 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index a102c3aebdbc..925fa010bb7b 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -1128,7 +1128,6 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu) ret = 1; run->exit_reason = KVM_EXIT_UNKNOWN; - run->flags = 0; while (ret > 0) { /* * Check conditions before entering the guest diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c index d7c2990e7c9e..63692c254a07 100644 --- a/arch/arm64/kvm/handle_exit.c +++ b/arch/arm64/kvm/handle_exit.c @@ -186,7 +186,7 @@ static int kvm_handle_guest_debug(struct kvm_vcpu *vcpu) run->exit_reason = KVM_EXIT_DEBUG; run->debug.arch.hsr = lower_32_bits(esr); run->debug.arch.hsr_high = upper_32_bits(esr); - run->flags = KVM_DEBUG_ARCH_HSR_HIGH_VALID; + run->flags |= KVM_DEBUG_ARCH_HSR_HIGH_VALID; switch (ESR_ELx_EC(esr)) { case ESR_ELx_EC_WATCHPT_LOW: diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 25429905ae90..b253f7372774 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -1704,9 +1704,7 @@ static int kvmppc_handle_exit_hv(struct kvm_vcpu *vcpu, /* Exit to guest with KVM_EXIT_NMI as exit reason */ run->exit_reason = KVM_EXIT_NMI; run->hw.hardware_exit_reason = vcpu->arch.trap; - /* Clear out the old NMI status from run->flags */ - run->flags &= ~KVM_RUN_PPC_NMI_DISP_MASK; - /* Now set the NMI status */ + /* Note, run->flags is cleared at the start of KVM_RUN. */ if (vcpu->arch.mce_evt.disposition == MCE_DISPOSITION_RECOVERED) run->flags |= KVM_RUN_PPC_NMI_DISP_FULLY_RECOV; else diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 1b04092ec76a..a8aa12e0911d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -11465,7 +11465,6 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu) vcpu_load(vcpu); kvm_sigset_activate(vcpu); - kvm_run->flags = 0; kvm_load_guest_fpu(vcpu); kvm_vcpu_srcu_read_lock(vcpu); diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index de2c11dae231..7d2076439081 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -4336,6 +4336,9 @@ static long kvm_vcpu_ioctl(struct file *filp, put_pid(oldpid); } + + vcpu->run->flags = 0; + vcpu->wants_to_run = !READ_ONCE(vcpu->run->immediate_exit__unsafe); r = kvm_arch_vcpu_ioctl_run(vcpu); vcpu->wants_to_run = false; From patchwork Sat Jan 11 01:24:48 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13935701 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E570480BEC for ; Sat, 11 Jan 2025 01:24:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558699; cv=none; b=ceT8wkzVeXdzL59/LcaBwJpT0yPN94utTpds1DMOX9in85U7oz8Qndk8vJD/ZlgTeQuSFGGTrvBpYfS0/Jcbm/Nn4HtDyFPAP6XfkG5g5hVSlGJUm8V7umOYPZKFtPIB9UUyP4XDwn99KScaPyYUKlLH7zQOUENjXvXfXbNQlHI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558699; c=relaxed/simple; bh=ebhXzjuhiBSQLHFdDAh0Hry7B//ArQHXD+U9PtMyNuA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Lmfd2sC3Jc0LV4thet3aMeUAUvQmzoBFGlsphF4cIwsxGwtNFh9IzDShpgXUFHWF5CiYxTSoVcirFD3ACsyGpVQ1qRY2CNDnNwqR+YeXNoXoV2yJ1MkvvgPBUTUiI03khH3DIAbQ/hrjROnCyHhry74/HOoaOiTqa+8P7+jfim8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=bxujoOFI; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="bxujoOFI" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-2eeeb5b7022so4818724a91.0 for ; Fri, 10 Jan 2025 17:24:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736558697; x=1737163497; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=eb/3+mKu6t8Zhrqra/tibkxSDkT7W4OQb1wzc5Zn/9I=; b=bxujoOFI24l2z30LwCLSVr70vtlILCLaOZE5ET8rjuBzj4mAclUiRpd2N1FioOeaVO GPs3U7B+GihwmDdtvCU+o0HzQI564eRRxXx8n8f5726TCtCb4MsSq9CYXGskjOtHIa5V T2Cr3mIIVOPGGDRq9TBIJ814fG/IITGw/y6w5W+Cp728As15EITQXWJ6ScQSsHLtY5Zi T8J+paUrvB+XBZa52gVgZ8B/f/Bx913fQru6/QDDxBziV6R+elg7DBlHnSIjgNnjKfes HA7BGjc73YP8fBbuLc2GIk1mmV2awybJ5wwis0VdIZOXGTVdeEFfuD8dbQFIUB2umxQu ryWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736558697; x=1737163497; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eb/3+mKu6t8Zhrqra/tibkxSDkT7W4OQb1wzc5Zn/9I=; b=jzJOkvII2osOgTduzdbGs9XSKgWWa89JqsZa3aYNwlzMuvWgJAjVlFJFhPEL02iSMN Pdt4XyL2XVBuCY3UN1YhXQsrh5DMWcKr9awRTT8yWeYjzdQsBecHT+E4dKO690P6rXXx gB5d74OMOhHOpRQ25Q+ufoBcopCVDcPOkkh0kFMsflyqZrLoGmNKGyj9BKz7okK1OgpE ZugQ79Ib6p5AUptL33iWSwqm/khlbQa3QR80vbGE8084TcZX2TS9kwvpSVboetcaXffw Ir/elB89JLMBRWkM7Rw13rfr56RQLrHBWvnmAbWAZ0oYMKAkfSg7Qh2sUEBkLyN8d9Lt MyFA== X-Gm-Message-State: AOJu0YyP21ZX0gaBIgUfZZUdXeQOwumB5Yqs5bozyAvbPGjzSP3xkzUu H2B7tLdulczxv97Fwm6nQ4wmxWKDWVa45PdrYXqOZwM2Q6bTSj9QnSTacZ33DtwoVDMfQsLC2IY RpQ== X-Google-Smtp-Source: AGHT+IEahfph4iX899pUZU2sWlx08q+szoXMpcKFVnSL/6Z/oUV0Zh5RCrkeMGXrUzIUgcOK6vulcmkt/Qg= X-Received: from pjvb13.prod.google.com ([2002:a17:90a:d88d:b0:2ee:4679:4a6b]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2f03:b0:2ee:ed1c:e451 with SMTP id 98e67ed59e1d1-2f548eb32ffmr20060830a91.15.1736558697483; Fri, 10 Jan 2025 17:24:57 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 10 Jan 2025 17:24:48 -0800 In-Reply-To: <20250111012450.1262638-1-seanjc@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250111012450.1262638-1-seanjc@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250111012450.1262638-4-seanjc@google.com> Subject: [PATCH 3/5] KVM: Add a common kvm_run flag to communicate an exit needs completion From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Michael Ellerman , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Add a kvm_run flag, KVM_RUN_NEEDS_COMPLETION, to communicate to userspace that KVM_RUN needs to be re-executed prior to save/restore in order to complete the instruction/operation that triggered the userspace exit. KVM's current approach of adding notes in the Documentation is beyond brittle, e.g. there is at least one known case where a KVM developer added a new userspace exit type, and then that same developer forgot to handle completion when adding userspace support. On x86, there are multiple exits that need completion, but they are all conveniently funneled through a single callback, i.e. in theory, this is a one-time thing for KVM x86 (and other architectures could follow suit with additional refactoring). Signed-off-by: Sean Christopherson --- Documentation/virt/kvm/api.rst | 48 ++++++++++++++++++++++--------- arch/powerpc/kvm/book3s_emulate.c | 1 + arch/powerpc/kvm/book3s_hv.c | 1 + arch/powerpc/kvm/book3s_pr.c | 2 ++ arch/powerpc/kvm/booke.c | 1 + arch/x86/include/uapi/asm/kvm.h | 7 +++-- arch/x86/kvm/x86.c | 2 ++ include/uapi/linux/kvm.h | 3 ++ virt/kvm/kvm_main.c | 1 + 9 files changed, 49 insertions(+), 17 deletions(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index c92c8d4e8779..8e172675d8d6 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -6505,7 +6505,7 @@ local APIC is not used. __u16 flags; -More architecture-specific flags detailing state of the VCPU that may +Common and architecture-specific flags detailing state of the VCPU that may affect the device's behavior. Current defined flags:: /* x86, set if the VCPU is in system management mode */ @@ -6518,6 +6518,8 @@ affect the device's behavior. Current defined flags:: /* arm64, set for KVM_EXIT_DEBUG */ #define KVM_DEBUG_ARCH_HSR_HIGH_VALID (1 << 0) + /* all architectures, set when the exit needs completion (via KVM_RUN) */ + #define KVM_RUN_NEEDS_COMPLETION (1 << 15) :: /* in (pre_kvm_run), out (post_kvm_run) */ @@ -6632,19 +6634,10 @@ requires a guest to interact with host userspace. .. note:: - For KVM_EXIT_IO, KVM_EXIT_MMIO, KVM_EXIT_OSI, KVM_EXIT_PAPR, KVM_EXIT_XEN, - KVM_EXIT_EPR, KVM_EXIT_X86_RDMSR, KVM_EXIT_X86_WRMSR, and KVM_EXIT_HYPERCALL - the corresponding operations are complete (and guest state is consistent) - only after userspace has re-entered the kernel with KVM_RUN. The kernel - side will first finish incomplete operations and then check for pending - signals. + For some exits, userspace must re-enter the kernel with KVM_RUN to + complete the exit and ensure guest state is consistent. - The pending state of the operation is not preserved in state which is - visible to userspace, thus userspace should ensure that the operation is - completed before performing a live migration. Userspace can re-enter the - guest with an unmasked signal pending or with the immediate_exit field set - to complete pending operations without allowing any further instructions - to be executed. + See KVM_CAP_NEEDS_COMPLETION for details. :: @@ -8239,7 +8232,7 @@ Note: Userspace is responsible for correctly configuring CPUID 0x15, a.k.a. the core crystal clock frequency, if a non-zero CPUID 0x15 is exposed to the guest. 7.36 KVM_CAP_X86_GUEST_MODE ------------------------------- +--------------------------- :Architectures: x86 :Returns: Informational only, -EINVAL on direct KVM_ENABLE_CAP. @@ -8252,6 +8245,33 @@ KVM exits with the register state of either the L1 or L2 guest depending on which executed at the time of an exit. Userspace must take care to differentiate between these cases. +7.37 KVM_CAP_NEEDS_COMPLETION +----------------------------- + +:Architectures: all +:Returns: Informational only, -EINVAL on direct KVM_ENABLE_CAP. + +The presence of this capability indicates that KVM_RUN will set +KVM_RUN_NEEDS_COMPLETION in kvm_run.flags if KVM requires userspace to re-enter +the kernel KVM_RUN to complete the exit. + +For select exits, userspace must re-enter the kernel with KVM_RUN to complete +the corresponding operation, only after which is guest state guaranteed to be +consistent. On such a KVM_RUN, the kernel side will first finish incomplete +operations and then check for pending signals. + +The pending state of the operation for such exits is not preserved in state +which is visible to userspace, thus userspace should ensure that the operation +is completed before performing state save/restore, e.g. for live migration. +Userspace can re-enter the guest with an unmasked signal pending or with the +immediate_exit field set to complete pending operations without allowing any +further instructions to be executed. + +Without KVM_CAP_NEEDS_COMPLETION, KVM_RUN_NEEDS_COMPLETION will never be set +and userspace must assume that exits of type KVM_EXIT_IO, KVM_EXIT_MMIO, +KVM_EXIT_OSI, KVM_EXIT_PAPR, KVM_EXIT_XEN, KVM_EXIT_EPR, KVM_EXIT_X86_RDMSR, +KVM_EXIT_X86_WRMSR, and KVM_EXIT_HYPERCALL require completion. + 8. Other capabilities. ====================== diff --git a/arch/powerpc/kvm/book3s_emulate.c b/arch/powerpc/kvm/book3s_emulate.c index de126d153328..15014a66c167 100644 --- a/arch/powerpc/kvm/book3s_emulate.c +++ b/arch/powerpc/kvm/book3s_emulate.c @@ -374,6 +374,7 @@ int kvmppc_core_emulate_op_pr(struct kvm_vcpu *vcpu, } vcpu->run->exit_reason = KVM_EXIT_PAPR_HCALL; + vcpu->run->flags |= KVM_RUN_NEEDS_COMPLETION; vcpu->arch.hcall_needed = 1; emulated = EMULATE_EXIT_USER; break; diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index b253f7372774..05ad0c3494f1 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -1767,6 +1767,7 @@ static int kvmppc_handle_exit_hv(struct kvm_vcpu *vcpu, for (i = 0; i < 9; ++i) run->papr_hcall.args[i] = kvmppc_get_gpr(vcpu, 4 + i); run->exit_reason = KVM_EXIT_PAPR_HCALL; + run->flags |= KVM_RUN_NEEDS_COMPLETION; vcpu->arch.hcall_needed = 1; r = RESUME_HOST; break; diff --git a/arch/powerpc/kvm/book3s_pr.c b/arch/powerpc/kvm/book3s_pr.c index 83bcdc80ce51..c45beb64905a 100644 --- a/arch/powerpc/kvm/book3s_pr.c +++ b/arch/powerpc/kvm/book3s_pr.c @@ -1310,6 +1310,7 @@ int kvmppc_handle_exit_pr(struct kvm_vcpu *vcpu, unsigned int exit_nr) run->papr_hcall.args[i] = gpr; } run->exit_reason = KVM_EXIT_PAPR_HCALL; + run->flags |= KVM_RUN_NEEDS_COMPLETION; vcpu->arch.hcall_needed = 1; r = RESUME_HOST; } else if (vcpu->arch.osi_enabled && @@ -1320,6 +1321,7 @@ int kvmppc_handle_exit_pr(struct kvm_vcpu *vcpu, unsigned int exit_nr) int i; run->exit_reason = KVM_EXIT_OSI; + run->flags |= KVM_RUN_NEEDS_COMPLETION; for (i = 0; i < 32; i++) gprs[i] = kvmppc_get_gpr(vcpu, i); vcpu->arch.osi_needed = 1; diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c index 6a5be025a8af..3a0e00178fa5 100644 --- a/arch/powerpc/kvm/booke.c +++ b/arch/powerpc/kvm/booke.c @@ -751,6 +751,7 @@ int kvmppc_core_check_requests(struct kvm_vcpu *vcpu) vcpu->run->epr.epr = 0; vcpu->arch.epr_needed = true; vcpu->run->exit_reason = KVM_EXIT_EPR; + vcpu->run->flags |= KVM_RUN_NEEDS_COMPLETION; r = 0; } diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 88585c1de416..e2ec32a8970c 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -104,9 +104,10 @@ struct kvm_ioapic_state { #define KVM_IRQCHIP_IOAPIC 2 #define KVM_NR_IRQCHIPS 3 -#define KVM_RUN_X86_SMM (1 << 0) -#define KVM_RUN_X86_BUS_LOCK (1 << 1) -#define KVM_RUN_X86_GUEST_MODE (1 << 2) +#define KVM_RUN_X86_SMM (1 << 0) +#define KVM_RUN_X86_BUS_LOCK (1 << 1) +#define KVM_RUN_X86_GUEST_MODE (1 << 2) +#define KVM_RUN_X86_NEEDS_COMPLETION (1 << 2) /* for KVM_GET_REGS and KVM_SET_REGS */ struct kvm_regs { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index a8aa12e0911d..67034b089371 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10154,6 +10154,8 @@ static void post_kvm_run_save(struct kvm_vcpu *vcpu) kvm_run->flags |= KVM_RUN_X86_SMM; if (is_guest_mode(vcpu)) kvm_run->flags |= KVM_RUN_X86_GUEST_MODE; + if (vcpu->arch.complete_userspace_io) + kvm_run->flags |= KVM_RUN_NEEDS_COMPLETION; } static void update_cr8_intercept(struct kvm_vcpu *vcpu) diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 343de0a51797..91dbee3ae0bc 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -192,6 +192,8 @@ struct kvm_xen_exit { /* Flags that describe what fields in emulation_failure hold valid data. */ #define KVM_INTERNAL_ERROR_EMULATION_FLAG_INSTRUCTION_BYTES (1ULL << 0) +#define KVM_RUN_NEEDS_COMPLETION (1 << 15) + /* * struct kvm_run can be modified by userspace at any time, so KVM must be * careful to avoid TOCTOU bugs. In order to protect KVM, HINT_UNSAFE_IN_KVM() @@ -933,6 +935,7 @@ struct kvm_enable_cap { #define KVM_CAP_PRE_FAULT_MEMORY 236 #define KVM_CAP_X86_APIC_BUS_CYCLES_NS 237 #define KVM_CAP_X86_GUEST_MODE 238 +#define KVM_CAP_NEEDS_COMPLETION 239 struct kvm_irq_routing_irqchip { __u32 irqchip; diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 7d2076439081..28aa89e5ba85 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -4746,6 +4746,7 @@ static int kvm_vm_ioctl_check_extension_generic(struct kvm *kvm, long arg) case KVM_CAP_CHECK_EXTENSION_VM: case KVM_CAP_ENABLE_CAP_VM: case KVM_CAP_HALT_POLL: + case KVM_CAP_NEEDS_COMPLETION: return 1; #ifdef CONFIG_KVM_MMIO case KVM_CAP_COALESCED_MMIO: From patchwork Sat Jan 11 01:24:49 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13935702 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5311713CFA6 for ; Sat, 11 Jan 2025 01:24:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558700; cv=none; b=E5g/r3e1w8SzteO95ydg8oDGC9gbb9xzBFGmlXQ8WEm9HBqkCrP9eX8w85mCd77rC/wgfcgt+ewEVO/LTxzh6LOfV/pCMBGndj/NNEYeVzrcBOOZBcEMSK5f+TxMcbVJNL3LBLFyPlJbRELh70zc9KQq74+4oJ8yOstIDiinsbA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558700; c=relaxed/simple; bh=WblEmOXy4lG1OvHRKBFgBmQz8+4EVU20P3KzKjYyjd4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=olIfWpRBP78z8IJ46aQylH/JeaQvTwrqcv3X8AWyElguTCGWmtAwtbUFcVurd0MIU9eUrF4KVRvYOPx4onsDPZkepeTvn7a3EwEsW+rG5L0RPKx1r3Ik7tCzKeWlUaKgMc7cNdXh6Mctu36QRRN2N2arnk8X3ymNLDe9tdRau6o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=VCDYG6LN; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="VCDYG6LN" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-2eeeb5b7022so4818734a91.0 for ; Fri, 10 Jan 2025 17:24:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736558699; x=1737163499; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=3UIVRx5jS5uHOad/ZRxuC+ZyfJfWx7WVNf7AHGunc9Q=; b=VCDYG6LNr+3c01fMKg11JxsGKRmxugUOGOjj7nMvy8L7BZ+0HTrcyVZtOLlUvyUnwu /znmrwIsPrFVNX2O5nuIw9y7TCPzogm4TgrXCVg8gb6KYR2Q5EXZ/s9Dyiqu+zJXpoaB 43TWidptFBXRNGrWLHavvieBprLpZb6bISubzC+8fCYiqndF7fsm04yvTcS2yCUi2e79 XWigkUdONYgM8qrJ2ruaAO9GaQIBLAmfGo2zIz3imfmFiZsGLuvhnsaHMzhtqKD4nES8 OLZqi/j/BE7+vGphw5rPf5d0RS1GS5M3zscD+zWECFFOyca1rhwW7eOzD0KEC73unjb1 4rMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736558699; x=1737163499; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3UIVRx5jS5uHOad/ZRxuC+ZyfJfWx7WVNf7AHGunc9Q=; b=OHUD2yfwFu5PDB2igwBEc6rXlnE6WhxUGZObZCeIcKGVDW3zxv//Wf4zwOdLf4b4wv HhKmiO8wPLXM3lgRN/jj9tny/fkhQysEeP9N5ffSTY+1gIcSkp5MUtFSlUQb/TKqJ5Ab o2Lba7Zvd9ZD4QQ6JZeHBc/CRm1LC6qhEQIwWiOi5pUbKYDD2w1YzcBsFO18Qtf2cRch Xuf50H9luzprPHxNYWITOBg8xCYdCmRKTfb4w8ZNSGVEQ0jKZvtI9Qbrw9sF8dinVNq/ JcwIYdL1babIUoiGkvnjP6PXIUzVq3tm3GjzfdZ27xe+HTuHYiondbKnvJ/AARl0a51/ xzgQ== X-Gm-Message-State: AOJu0YzrXQJm3wpWvl4dYp4GUapIKtG7ZXA6n2c3IaOKx6BgkcLQ7lLz c6rNmdTvrW4Va4Ol+3VVBCDr4vKKQ7lmzjj1VcKRTkwhUCmq4YzaXukjt/Doh6OW9PilAoFb/pA 7HQ== X-Google-Smtp-Source: AGHT+IHf025t1EVvlV+j91gbU3uZgm+9mZiPk2JrEEttgvDlmrVpnhWnRwbzCB96nhWXuJS4v4uP1KYHMJk= X-Received: from pjbnw13.prod.google.com ([2002:a17:90b:254d:b0:2ee:4b69:50e1]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:5188:b0:2ee:df57:b194 with SMTP id 98e67ed59e1d1-2f548eceb00mr17022072a91.21.1736558698928; Fri, 10 Jan 2025 17:24:58 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 10 Jan 2025 17:24:49 -0800 In-Reply-To: <20250111012450.1262638-1-seanjc@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250111012450.1262638-1-seanjc@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250111012450.1262638-5-seanjc@google.com> Subject: [PATCH 4/5] KVM: selftests: Provide separate helper for KVM_RUN with immediate_exit From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Michael Ellerman , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Turn vcpu_run_complete_io() into a wrapper for a dedicated helper for doing KVM_RUN with immediate_exit = true, so that a future patch can do userspace exit completion if and only if it's actually necessary, whereas x86's nested exceptions test wants to unconditionally do KVM_RUN with an immediate exit. No functional change intended. Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/include/kvm_util.h | 9 ++++++++- tools/testing/selftests/kvm/lib/kvm_util.c | 2 +- tools/testing/selftests/kvm/x86/nested_exceptions_test.c | 3 +-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index 4c4e5a847f67..78fd597c1b60 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -631,7 +631,14 @@ static inline int __vcpu_run(struct kvm_vcpu *vcpu) return __vcpu_ioctl(vcpu, KVM_RUN, NULL); } -void vcpu_run_complete_io(struct kvm_vcpu *vcpu); + +void vcpu_run_immediate_exit(struct kvm_vcpu *vcpu); + +static inline void vcpu_run_complete_io(struct kvm_vcpu *vcpu) +{ + vcpu_run_immediate_exit(vcpu); +} + struct kvm_reg_list *vcpu_get_reg_list(struct kvm_vcpu *vcpu); static inline void vcpu_enable_cap(struct kvm_vcpu *vcpu, uint32_t cap, diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 33fefeb3ca44..c9a33766f673 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1665,7 +1665,7 @@ void vcpu_run(struct kvm_vcpu *vcpu) TEST_ASSERT(!ret, KVM_IOCTL_ERROR(KVM_RUN, ret)); } -void vcpu_run_complete_io(struct kvm_vcpu *vcpu) +void vcpu_run_immediate_exit(struct kvm_vcpu *vcpu) { int ret; diff --git a/tools/testing/selftests/kvm/x86/nested_exceptions_test.c b/tools/testing/selftests/kvm/x86/nested_exceptions_test.c index 3eb0313ffa39..4f144576a6da 100644 --- a/tools/testing/selftests/kvm/x86/nested_exceptions_test.c +++ b/tools/testing/selftests/kvm/x86/nested_exceptions_test.c @@ -238,8 +238,7 @@ int main(int argc, char *argv[]) /* Pend #SS and request immediate exit. #SS should still be pending. */ queue_ss_exception(vcpu, false); - vcpu->run->immediate_exit = true; - vcpu_run_complete_io(vcpu); + vcpu_run_immediate_exit(vcpu); /* Verify the pending events comes back out the same as it went in. */ vcpu_events_get(vcpu, &events); From patchwork Sat Jan 11 01:24:50 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13935703 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 35F8980BEC for ; Sat, 11 Jan 2025 01:25:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558702; cv=none; b=nryk3poybLSzekqc6D57+iiyEQWW4IgC4L75EqKdvgOCYpbXxvtsYOXC9zLVa0aZ7wksuYU01NyEn1YirjuGx8UJQHqmZx6ESsGNID3l5xM6uV6+RDiS+yqflXy2/wdp5ai3XwVwvKjU8LxDdQqo2HRsSXxxDJJGT2SARV869yw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1736558702; c=relaxed/simple; bh=Z8cG7o21aZj/wKnE6C162GYRcbSZevgDOGSsD/YNjgs=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=nSJKUp1CS+n4RrB6nV0PS0qQNQhE/g1z41vxkn8Vo/FU4LusYOjZouyPZdYDAfn0Ht3WmwENJnVnoXlHT7uGKZzRCFkFc66sPNZ6gyIdfaEuBbVmKe9nHiMnZ5yqHNnO7tfo2xy3LF8FZtbmDPSn2L2je6MhSUu68vR0byPi9I0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=YbfoWROv; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="YbfoWROv" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-21648c8601cso42875205ad.2 for ; Fri, 10 Jan 2025 17:25:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736558700; x=1737163500; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=bnP9l4TBgZavFgl9ingoWbV7IQlMfBLutKO12YuuQSs=; b=YbfoWROvZAgguomIWPT2IOCf5HdG5fJN00gxks7X1N1E9Eyd0KuD0/1XnGFs2N3jl1 Ys6CQW6D882WMqALqeCLW0Zauac+2LntVPgQtZhH3P6cptJQWtnudBQIiUMafNBuN4TV gz4Re5SqUWWze5TR/v1PE9PrNGhyOwNqFDCG+R/hnK6IPLXN6bUpT+EglR2hkdXFM8Fg XXxqL04WxKd5PGmq1WH8/jKCq4WiF3KMi3y2NLYuSoyDyGUoevrFU5TPHKvGB4O/L7A3 tPlFsqNiyOQCguVLIQXgFskwZYsJvUbgxFXyCmx5/EMyiL8Zw8kbZVVPQRQUYXp0XcmG VJRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736558700; x=1737163500; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bnP9l4TBgZavFgl9ingoWbV7IQlMfBLutKO12YuuQSs=; b=mO9SQMhW6aZ+W9OfQNv+UjtcCKTxtoF/xUuBoqbYSFo3Qt5VpfGNtf+8PmuUonM60e VACYRSO++trt5nwfz++mOGArNF2XBcUlL6dsjkdUB4D/PYQkgL0+pw22XSP+DnTXVKPh 5gLELrYfrkcp/YyPI798h83kmCNzUN8/U7Gfhu8fNEQiPVgyJMOCsqPQHJruHuMBGCa8 +/5WLNEJgKPh0kCkg81iqK2pwYmgnksdf1SIRQRrVnyQkhdeIieiXcMK3pvyFROAy35E +0wL5c1/ats1wKd9y6VoS93KmaV92rjsJEc7q9mBSljC2Id/3opd+rCp9CygunM+BoEY gzqA== X-Gm-Message-State: AOJu0YySm9XcRRh5j48sfH2nv5BaicUU/D0ZUiYnTmL0EMHqOAiMb5Yp 16A+oa3JevzyMhnGKvD9UKD98sjPicPDFqyl1pGuZU4Lj4GGNUcxzDr4fXJa4kQF7RYq7OH4A4k L0A== X-Google-Smtp-Source: AGHT+IH1NdERQE8OQLjVGWXsUxxFzmL931Ova+zIR4kc3ay4XMIaQ3TzbpO5jT/NYBJvXHUAPCJZD+fSckk= X-Received: from pfbfh41.prod.google.com ([2002:a05:6a00:3929:b0:72a:bc54:8507]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:4393:b0:1e1:ca91:b0e3 with SMTP id adf61e73a8af0-1e88d09e17fmr21120449637.36.1736558700525; Fri, 10 Jan 2025 17:25:00 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 10 Jan 2025 17:24:50 -0800 In-Reply-To: <20250111012450.1262638-1-seanjc@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250111012450.1262638-1-seanjc@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250111012450.1262638-6-seanjc@google.com> Subject: [PATCH 5/5] KVM: selftests: Rely on KVM_RUN_NEEDS_COMPLETION to complete userspace exits From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Michael Ellerman , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Add selftests coverage for KVM_RUN_NEEDS_COMPLETION by redoing KVM_RUN if and only if KVM states that completion is required. Opportunistically rename the helper to replace "io" with "exit", as exits that require completion are no longer limited to I/O. Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/include/kvm_util.h | 8 ++++++-- tools/testing/selftests/kvm/lib/kvm_util.c | 4 ++++ tools/testing/selftests/kvm/lib/ucall_common.c | 2 +- tools/testing/selftests/kvm/lib/x86/processor.c | 8 +------- tools/testing/selftests/kvm/x86/triple_fault_event_test.c | 3 +-- 5 files changed, 13 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index 78fd597c1b60..86e1850e4e49 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -29,6 +29,8 @@ #define NSEC_PER_SEC 1000000000L +extern bool kvm_has_needs_completion; + struct userspace_mem_region { struct kvm_userspace_memory_region2 region; struct sparsebit *unused_phy_pages; @@ -634,9 +636,11 @@ static inline int __vcpu_run(struct kvm_vcpu *vcpu) void vcpu_run_immediate_exit(struct kvm_vcpu *vcpu); -static inline void vcpu_run_complete_io(struct kvm_vcpu *vcpu) +static inline void vcpu_run_complete_exit(struct kvm_vcpu *vcpu) { - vcpu_run_immediate_exit(vcpu); + if (!kvm_has_needs_completion || + (vcpu->run->flags & KVM_RUN_NEEDS_COMPLETION)) + vcpu_run_immediate_exit(vcpu); } struct kvm_reg_list *vcpu_get_reg_list(struct kvm_vcpu *vcpu); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index c9a33766f673..95ac9b981049 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -19,6 +19,8 @@ #define KVM_UTIL_MIN_PFN 2 +bool kvm_has_needs_completion; + uint32_t guest_random_seed; struct guest_random_state guest_rng; static uint32_t last_guest_seed; @@ -2253,6 +2255,8 @@ void __attribute((constructor)) kvm_selftest_init(void) /* Tell stdout not to buffer its content. */ setbuf(stdout, NULL); + kvm_has_needs_completion = kvm_check_cap(KVM_CAP_NEEDS_COMPLETION); + guest_random_seed = last_guest_seed = random(); pr_info("Random seed: 0x%x\n", guest_random_seed); diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c index 42151e571953..125584a94ba8 100644 --- a/tools/testing/selftests/kvm/lib/ucall_common.c +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -154,7 +154,7 @@ uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) "Guest failed to allocate ucall struct"); memcpy(uc, addr, sizeof(*uc)); - vcpu_run_complete_io(vcpu); + vcpu_run_complete_exit(vcpu); } else { memset(uc, 0, sizeof(*uc)); } diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testing/selftests/kvm/lib/x86/processor.c index bd5a802fa7a5..1db4764e413b 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -1077,13 +1077,7 @@ struct kvm_x86_state *vcpu_save_state(struct kvm_vcpu *vcpu) nested_size, sizeof(state->nested_)); } - /* - * When KVM exits to userspace with KVM_EXIT_IO, KVM guarantees - * guest state is consistent only after userspace re-enters the - * kernel with KVM_RUN. Complete IO prior to migrating state - * to a new VM. - */ - vcpu_run_complete_io(vcpu); + vcpu_run_complete_exit(vcpu); state = malloc(sizeof(*state) + msr_list->nmsrs * sizeof(state->msrs.entries[0])); TEST_ASSERT(state, "-ENOMEM when allocating kvm state"); diff --git a/tools/testing/selftests/kvm/x86/triple_fault_event_test.c b/tools/testing/selftests/kvm/x86/triple_fault_event_test.c index 56306a19144a..82d732788bc1 100644 --- a/tools/testing/selftests/kvm/x86/triple_fault_event_test.c +++ b/tools/testing/selftests/kvm/x86/triple_fault_event_test.c @@ -97,8 +97,7 @@ int main(void) events.flags |= KVM_VCPUEVENT_VALID_TRIPLE_FAULT; events.triple_fault.pending = true; vcpu_events_set(vcpu, &events); - run->immediate_exit = true; - vcpu_run_complete_io(vcpu); + vcpu_run_complete_exit(vcpu); vcpu_events_get(vcpu, &events); TEST_ASSERT(events.flags & KVM_VCPUEVENT_VALID_TRIPLE_FAULT,