Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp939094ybl; Fri, 16 Aug 2019 06:30:48 -0700 (PDT) X-Google-Smtp-Source: APXvYqyHrLtS96ZK6OJFifOGZX/lIUOYut9IwMxbVPXSJ+Yflavk7vMiEjvS9hhmW5mAbwO9LRyy X-Received: by 2002:a63:6fcf:: with SMTP id k198mr7773279pgc.276.1565962247832; Fri, 16 Aug 2019 06:30:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565962247; cv=none; d=google.com; s=arc-20160816; b=lqCNiThtvP/ifTETX5He/nSBEDIUgCGHNStIpbomWMg69kF75b1YPVtM7N+YESbc0n qpN+TlMytEFdQ6toXSNI+e0GOwWDKcD9TUfgg28quEUuN5Nwiu+n9Ax62qzg6TzY3Kzb oIZ0wI2d46WX/bbRYuzN2aL6QyJGfmuWp0aXpVs2pv1r9LV58jX3/K/UNq6/+ACPZ+34 VqSmqoxWMY1vxLCgwJlBN04Ndk4SVvEwfmsUsQNeAhTGTkhflQKuVVmoqqFqB887Gp8R d4rxaL8weKiEj2an5iEs/hZqTKjCahM8k4zagCnfQxH5xOMeWYyt5/dhQd89ZQIQCy90 gQJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=sVRr+NSbl2yrLOuEHYenwEbqZuP8tVBxpNecmVAK+6g=; b=hBh/HhQDc6kXwvjFcxW0aUDiSEhIyK/KzOZjWafPEH3slXAdt5uDMbnwd81oBd90ac KZiwDA6mNLImWaHq0f4PMcqtaiprtAWC516SMt/uxLvYVHZ8goBJ8AC1+OQ3YaOXJFTI /g2CrXcnjHYa4nqMZ2jINXxLD38gX7TNriLBCrx2nP1TH1TAq2XqNoxtcsQi1e0DtZba TB2ZyhI7I+GEY82q2tOb6LEbXtxXrQDNBcV/hOs9KXPvQxFg7I2sAiju+JP9raVRlY6a l2xPUfyKupz0FbSLEa1MJCBPP721DjQQgZB7nrspZSJ1dKZdDypvxj7lJelI7Z0iILY/ RKrA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h37si3007271pjb.106.2019.08.16.06.30.31; Fri, 16 Aug 2019 06:30:47 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727302AbfHPN34 (ORCPT + 99 others); Fri, 16 Aug 2019 09:29:56 -0400 Received: from mga11.intel.com ([192.55.52.93]:21164 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727246AbfHPN34 (ORCPT ); Fri, 16 Aug 2019 09:29:56 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 16 Aug 2019 06:29:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,393,1559545200"; d="scan'208";a="188814716" Received: from local-michael-cet-test.sh.intel.com (HELO localhost) ([10.239.159.128]) by orsmga002.jf.intel.com with ESMTP; 16 Aug 2019 06:29:53 -0700 Date: Fri, 16 Aug 2019 21:31:30 +0800 From: Yang Weijiang To: Sean Christopherson Cc: Jim Mattson , Yang Weijiang , Vitaly Kuznetsov , kvm list , LKML , "Michael S. Tsirkin" , Radim =?utf-8?B?S3LEjW3DocWZ?= , yu.c.zhang@intel.com, alazar@bitdefender.com, Paolo Bonzini Subject: Re: [PATCH RESEND v4 5/9] KVM: VMX: Add init/set/get functions for SPP Message-ID: <20190816133130.GA14380@local-michael-cet-test.sh.intel.com> References: <20190814070403.6588-1-weijiang.yang@intel.com> <20190814070403.6588-6-weijiang.yang@intel.com> <87a7cbapdw.fsf@vitty.brq.redhat.com> <20190815134329.GA11449@local-michael-cet-test> <20190815163844.GD27076@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190815163844.GD27076@linux.intel.com> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Aug 15, 2019 at 09:38:44AM -0700, Sean Christopherson wrote: > On Thu, Aug 15, 2019 at 09:25:41AM -0700, Jim Mattson wrote: > > On Thu, Aug 15, 2019 at 6:41 AM Yang Weijiang wrote: > > > > > Hi, Vitaly, > > > After looked into the issue and others, I feel to make SPP co-existing > > > with nested VM is not good, the major reason is, L1 pages protected by > > > SPP are transparent to L1 VM, if it launches L2 VM, probably the > > > pages would be allocated to L2 VM, and that will bother to L1 and L2. > > > Given the feature is new and I don't see nested VM can benefit > > > from it right now, I would like to make SPP and nested feature mutually > > > exclusive, i.e., detecting if the other part is active before activate one > > > feature,what do you think of it? > > > thanks! > > > > How do you propose making the features mutually exclusive? > > I haven't looked at the details or the end to end flow, but would it make > sense to exit to userspace on nested VMLAUNCH/VMRESUME if there are SPP > mappings? And have the SPP ioctl() kick vCPUs out of guest. > > KVM already exits on SPP violations, so presumably this is something that > can be punted to userspace. Thanks Jim and Sean! Could we add a new flag in kvm to identify if nested VM is on or off? That would make things easier. When VMLAUNCH is trapped, set the flag, if VMXOFF is trapped, clear the flag.