Re: [PATCH] KVM: SVM: Disable AVIC on SNP-enabled system without HvInUseWrAllowed feature

From: Suthikulpanit, Suravee
Date: Tue Oct 01 2024 - 05:00:01 EST


Hi Sean,

On 9/30/2024 11:04 PM, Sean Christopherson wrote:
On Mon, Sep 30, 2024, Suravee Suthikulpanit wrote:
On SNP-enabled system, VMRUN marks AVIC Backing Page as in-use while
the guest is running for both secure and non-secure guest. This causes
any attempts to modify the RMP entries for the backing page to result in
FAIL_INUSE response. This is to ensure that the AVIC backing page is not
maliciously assigned to an SNP guest while the unencrypted guest is active.

Currently, an attempt to run AVIC guest would result in the following error:

BUG: unable to handle page fault for address: ff3a442e549cc270
#PF: supervisor write access in kernel mode
#PF: error_code(0x80000003) - RMP violation
PGD b6ee01067 P4D b6ee02067 PUD 10096d063 PMD 11c540063 PTE 80000001149cc163
SEV-SNP: PFN 0x1149cc unassigned, dumping non-zero entries in 2M PFN region: [0x114800 - 0x114a00]
...
This should be "fixed" by commit 75253db41a46 ("KVM: SEV: Make AVIC backing, VMSA
and VMCB memory allocation SNP safe"), no?

The commit 75253db41a46 fixes another issue related to 2MB-aligned in-use page, where the CPU incorrectly treats the whole 2MB region as in-use and signal an RMP violation #PF.

This enhancement is mainly to allow hypervisor to write to the AVIC backing page of non-secure guest on SNP-enabled system.

Note: This change might need to be ported to stable 6.9, 6.10, and 6.11 tree as well.

Thanks,
Suravee