Re: [PATCH v19 098/130] KVM: TDX: Add a place holder to handle TDX VM exit

From: Isaku Yamahata
Date: Tue Mar 19 2024 - 17:57:19 EST


On Fri, Mar 15, 2024 at 10:45:04AM -0700,
Sean Christopherson <seanjc@xxxxxxxxxx> wrote:

> On Mon, Feb 26, 2024, isaku.yamahata@xxxxxxxxx wrote:
> > +int tdx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t fastpath)
> > +{
> > + union tdx_exit_reason exit_reason = to_tdx(vcpu)->exit_reason;
> > +
> > + /* See the comment of tdh_sept_seamcall(). */
> > + if (unlikely(exit_reason.full == (TDX_OPERAND_BUSY | TDX_OPERAND_ID_SEPT)))
> > + return 1;
> > +
> > + /*
> > + * TDH.VP.ENTRY checks TD EPOCH which contend with TDH.MEM.TRACK and
> > + * vcpu TDH.VP.ENTER.
> > + */
> > + if (unlikely(exit_reason.full == (TDX_OPERAND_BUSY | TDX_OPERAND_ID_TD_EPOCH)))
> > + return 1;
> > +
> > + if (unlikely(exit_reason.full == TDX_SEAMCALL_UD)) {
> > + kvm_spurious_fault();
> > + /*
> > + * In the case of reboot or kexec, loop with TDH.VP.ENTER and
> > + * TDX_SEAMCALL_UD to avoid unnecessarily activity.
> > + */
> > + return 1;
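Review bot: The two TDX_OPERAND_BUSY checks at the top of tdx_handle_exit() return 1 with no retry bound and no trace. If the SEPT or TD EPOCH operand stays contended, the vCPU can therefore keep re-entering with nothing visible to the host. Consider counting consecutive busy returns, or emitting a tracepoint or stat, and bailing out to userspace past a threshold. The same concern applies more strongly to the TDX_SEAMCALL_UD branch, where "kvm_spurious_fault();" is followed by "return 1;" and the comment describes looping on TDH.VP.ENTER. A faulting SEAMCALL is not a transient condition, and only the #UD status is checked in the visible lines. The EPOCH comment also names both TDH.VP.ENTRY and TDH.VP.ENTER; use a single name. In the last comment, "unnecessarily activity" should read "unnecessary activity".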
>
> No. This is unnecessarily risky. KVM_BUG_ON() and exit to userspace. The
> response to "SEAMCALL faulted" should never be, "well, let's try again!".
>
> Also, what about #GP on SEAMCALL? In general, the error handling here seems
> lacking.

As I replied at [1], let me revise error handling in general TDX KVM code.
[1] https://lore.kernel.org/kvm/cover.1708933498.git.isaku.yamahata@xxxxxxxxx/T/#macc431c87676995d65ddcd8de632261a2dedc525
--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>