Re: [PATCH 2/2] KVM: VMX: Extend VMX's #AC handding
From: Andy Lutomirski
Date: Fri Jan 31 2020 - 16:33:24 EST
> On Jan 31, 2020, at 1:04 PM, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:
>
> ïOn Fri, Jan 31, 2020 at 12:57:51PM -0800, Andy Lutomirski wrote:
>>
>>>> On Jan 31, 2020, at 12:18 PM, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:
>>>
>>> This is essentially what I proposed a while back. KVM would allow enabling
>>> split-lock #AC in the guest if and only if SMT is disabled or the enable bit
>>> is per-thread, *or* the host is in "warn" mode (can live with split-lock #AC
>>> being randomly disabled/enabled) and userspace has communicated to KVM that
>>> it is pinning vCPUs.
>>
>> How about covering the actual sensible case: host is set to fatal? In this
>> mode, the guest gets split lock detection whether it wants it or not. How do
>> we communicate this to the guest?
>
> KVM doesn't advertise split-lock #AC to the guest and returns -EFAULT to the
> userspace VMM if the guest triggers a split-lock #AC.
>
> Effectively the same behavior as any other userspace process, just that KVM
> explicitly returns -EFAULT instead of the process getting a SIGBUS.
Which helps how if the guest is actually SLD-aware?
I suppose we could make the argument that, if an SLD-aware guest gets #AC at CPL0, itâs a bug, but it still seems rather nicer to forward the #AC to the guest instead of summarily killing it.
ISTM, on an SLD-fatal host with an SLD-aware guest, the host should tell the guest âhey, you may not do split locks â SLD is forced onâ and the guest should somehow acknowledge it so that it sees the architectural behavior instead of something we made up. Hence my suggestion.