On Fri, Sep 12, 2025 at 07:40:43AM -0700, Sean Christopherson wrote:
> On Fri, Sep 12, 2025, Hou Wenlong wrote:
> > On Fri, Sep 12, 2025 at 05:38:22PM +0800, Hou Wenlong wrote:
> > > On Fri, Sep 12, 2025 at 04:35:00PM +0800, Chao Gao wrote:
> > > > On Fri, Sep 12, 2025 at 03:35:29PM +0800, Hou Wenlong wrote:
> > > > >The commit a377ac1cd9d7b ("x86/entry: Move user return notifier out of
> > > > >loop") moved fire_user_return_notifiers() into the section with
> > > > >interrupts disabled, so the callback kvm_on_user_return() cannot be
> > > > >interrupted by kvm_arch_disable_virtualization_cpu() now. Therefore,
> > > > >remove the outdated comments and local_irq_save()/local_irq_restore()
> > > > >code in kvm_on_user_return().
> > > > >
> > > > >Signed-off-by: Hou Wenlong <houwenlong.hwl@xxxxxxxxxxxx>
> > > > >---
> > > > > arch/x86/kvm/x86.c | 16 +++++-----------
> > > > > 1 file changed, 5 insertions(+), 11 deletions(-)
> > > > >
> > > > >diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> > > > >index 33fba801b205..10afbacb1851 100644
> > > > >--- a/arch/x86/kvm/x86.c
> > > > >+++ b/arch/x86/kvm/x86.c
> > > > >@@ -568,18 +568,12 @@ static void kvm_on_user_return(struct user_return_notifier *urn)
> > > > > struct kvm_user_return_msrs *msrs
> > > > > = container_of(urn, struct kvm_user_return_msrs, urn);
> > > > > struct kvm_user_return_msr_values *values;
> > > > >- unsigned long flags;
> > > > >
> > > > >- /*
> > > > >- * Disabling irqs at this point since the following code could be
> > > > >- * interrupted and executed through kvm_arch_disable_virtualization_cpu()
> > > > >- */
> > > > >- local_irq_save(flags);
> > > > >- if (msrs->registered) {
> > > > >- msrs->registered = false;
> > > > >- user_return_notifier_unregister(urn);
> > > > >- }
> > > > >- local_irq_restore(flags);
> > > > >+ lockdep_assert_irqs_disabled();
> > > >
> > > > kvm_offline_cpu() may call into this function. But I am not sure if interrupts
> > > > are disabled in that path.
> > > >
> > > Thanks for pointing that out. I see that interrupts are enabled in the
> > > callback during the CPU offline test. I'll remove the
> > > lockdep_assert_irqs_disabled() here.
> > >
> >
> > Upon a second look, can we just disable interrupts in kvm_cpu_offline()?
> > The other paths that call kvm_disable_virtualization_cpu() are all in an
> > interrupt-disabled state, although it seems that
> > kvm_disable_virtualization_cpu() cannot be reentered.
>
> Why do we care? I.e. what is the motivation for changing this code? I'm hesitant
> to touch this code without good reason given its fragility and subtlety.
Hi, Sean.
I'm just reworking the shared MSRs part in our inner multi-KVM. First, I
noticed that the comment mentions that kvm_on_user_return() can be
interrupted or reentered, which is a little confusing to me. Then, I
found that the comment is outdated, so I decided to remove it and also
make changes to the code. I agree that this code is fragile, maybe
just change the comment?
Thanks!
