Re: [PATCH] KVM: SVM: Disable AVIC on SNP-enabled system without HvInUseWrAllowed feature

[Suthikulpanit, Suravee]

Hi Sean,

On 9/30/2024 11:04 PM, Sean Christopherson wrote:
> On Mon, Sep 30, 2024, Suravee Suthikulpanit wrote:
> > On SNP-enabled system, VMRUN marks AVIC Backing Page as in-use while
> > the guest is running for both secure and non-secure guest. This causes
> > any attempts to modify the RMP entries for the backing page to result in
> > FAIL_INUSE response. This is to ensure that the AVIC backing page is not
> > maliciously assigned to an SNP guest while the unencrypted guest is active.
> >
> > Currently, an attempt to run AVIC guest would result in the following error:
> >
> >      BUG: unable to handle page fault for address: ff3a442e549cc270
> >      #PF: supervisor write access in kernel mode
> >      #PF: error_code(0x80000003) - RMP violation
> >      PGD b6ee01067 P4D b6ee02067 PUD 10096d063 PMD 11c540063 PTE 80000001149cc163
> >      SEV-SNP: PFN 0x1149cc unassigned, dumping non-zero entries in 2M PFN region: [0x114800 - 0x114a00]
> >      ...
> This should be "fixed" by commit 75253db41a46 ("KVM: SEV: Make AVIC backing, VMSA
> and VMCB memory allocation SNP safe"), no?

The commit 75253db41a46 fixes another issue related to 2MB-aligned 
in-use page, where the CPU incorrectly treats the whole 2MB region as 
in-use and  signal an RMP violation #PF.

This enhancement is mainly to allow hypervisor to write to the AVIC 
backing page of non-secure guest on SNP-enabled system.

Note: This change might need to be ported to stable 6.9, 6.10, and 6.11 
tree as well.

Thanks,
Suravee