Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit

From: Alex Bennée
Date: Fri Nov 18 2022 - 08:29:05 EST

Next message: Dmitry Vyukov: "Re: [syzbot] unregister_netdevice: waiting for DEV to become free (7)"
Previous message: Nikunj A. Dadhania: "Re: [PATCH] x86/sev: Add SEV-SNP guest feature negotiation support"
In reply to: Chao Peng: "Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit"
Next in thread: Sean Christopherson: "Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Chao Peng <chao.p.peng@xxxxxxxxxxxxxxx> writes:

> On Thu, Nov 17, 2022 at 03:08:17PM +0000, Alex Bennée wrote:
>>
<snip>
>> >> >> > +
>> >> >> > + /* KVM_EXIT_MEMORY_FAULT */
>> >> >> > + struct {
>> >> >> > + #define KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 0)
>> >> >> > + __u32 flags;
>> >> >> > + __u32 padding;
>> >> >> > + __u64 gpa;
>> >> >> > + __u64 size;
>> >> >> > + } memory;
>> >> >> > +
>> >> >> > +If exit reason is KVM_EXIT_MEMORY_FAULT then it indicates that the VCPU has
>> >> >> > +encountered a memory error which is not handled by KVM kernel module and
>> >> >> > +userspace may choose to handle it. The 'flags' field indicates the memory
>> >> >> > +properties of the exit.
>> >> >> > +
>> >> >> > + - KVM_MEMORY_EXIT_FLAG_PRIVATE - indicates the memory error is caused by
>> >> >> > + private memory access when the bit is set. Otherwise the memory error is
>> >> >> > + caused by shared memory access when the bit is clear.
>> >> >>
>> >> >> What does a shared memory access failure entail?
>> >> >
>> >> > In the context of confidential computing usages, guest can issue a
>> >> > shared memory access while the memory is actually private from the host
>> >> > point of view. This exit with bit 0 cleared gives userspace a chance to
>> >> > convert the private memory to shared memory on host.
>> >>
>> >> I think this should be explicit rather than implied by the absence of
>> >> another flag. Sean suggested you might want flags for RWX failures so
>> >> maybe something like:
>> >>
>> >> KVM_MEMORY_EXIT_SHARED_FLAG_READ (1 << 0)
>> >> KVM_MEMORY_EXIT_SHARED_FLAG_WRITE (1 << 1)
>> >> KVM_MEMORY_EXIT_SHARED_FLAG_EXECUTE (1 << 2)
>> >> KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 3)
>> >
>> > Yes, but I would not add 'SHARED' to RWX, they are not share memory
>> > specific, private memory can also set them once introduced.
>>
>> OK so how about:
>>
>> KVM_MEMORY_EXIT_FLAG_READ (1 << 0)
>> KVM_MEMORY_EXIT_FLAG_WRITE (1 << 1)
>> KVM_MEMORY_EXIT_FLAG_EXECUTE (1 << 2)
>> KVM_MEMORY_EXIT_FLAG_SHARED (1 << 3)
>> KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 4)
>
> We don't actually need a new bit, the opposite side of private is
> shared, i.e. flags with KVM_MEMORY_EXIT_FLAG_PRIVATE cleared expresses
> 'shared'.

If that is always true and we never expect a 3rd type of memory that is
fine. But given we are leaving room for expansion having an explicit bit
allows for that as well as making cases of forgetting to set the flags
more obvious.

--
Alex Bennée

Next message: Dmitry Vyukov: "Re: [syzbot] unregister_netdevice: waiting for DEV to become free (7)"
Previous message: Nikunj A. Dadhania: "Re: [PATCH] x86/sev: Add SEV-SNP guest feature negotiation support"
In reply to: Chao Peng: "Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit"
Next in thread: Sean Christopherson: "Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]