Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp684824ybt; Wed, 8 Jul 2020 09:10:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwN+akMBPmORmscx46GGs+0/ojFrNja30AJUFJA4V2x/s6jn+DiAuul0MnFV/33LPC4CUoV X-Received: by 2002:a17:906:7f90:: with SMTP id f16mr51786823ejr.507.1594224607149; Wed, 08 Jul 2020 09:10:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594224607; cv=none; d=google.com; s=arc-20160816; b=Lo/4oQ930AhY5/GF9sdlL1DVdYlgnPo1Ev4aIZFKaHBBm/w82uJBwe4LA1orIA1Tgx A/w4CJQcA9Elp8r+4P035KvWSVz5Uuv8TjYB3f8c1nGJL+Q95hsTKUAN9WtHo4nxxiqS 3YMvA0cyqIEQMzfWAm4YshhcylzbYMPOsuaVhjfqhdDqXE4R3i3xTdflpurTC2YbSZmq W/acf186wY8SBUoO2vk5dt3C/fzvB+qHBcvwXGdXU30LaynWkNAHO4lP44ZAftVPV5qs EJlGUanynEO8lNiDBocWegNQXbYhEk/3qGAA4B2ymvOTlcxvGGxfKFOMT6Z/dllIEI57 QInQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=QZSDpxKOQ0yOTVRj+Axry1+tC2WUTV/cuuz+l9MDwuY=; b=nY1465LB6Pp9pgCv5HGAJ3SVy4DXw7gXyTpGajXMTlcGZ9t4LiYvjSKvZ7TClAPsoY 0sKWBTdPK7SzLDB3P3fmITIaiYmIhoFeAIS+TkIMGY8rdI8a7AcVPS76/Pz+3A5cVl65 p/oqcTcrIPpJMWcLasFV4Wtu5tl0oniCY/vdZOAkNk3LokAl7VCKobA7a+EyWKJFokqt UvCbRstjjPODpwj3WDn1608zRpG0gl8CYHKL4ZrxCkkLbLf6Zu77HXL1bW6PFiGSnIMt 4xOHm0wqGt8sJtJHHuz6uXhopVMFhKOfzPIGUcWIWauCwM+Jh2AkCNd78ToyrYO41Q1V Hezg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=X1z1jjLb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gz3si141336ejb.142.2020.07.08.09.09.43; Wed, 08 Jul 2020 09:10:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=X1z1jjLb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728148AbgGHQIc (ORCPT + 99 others); Wed, 8 Jul 2020 12:08:32 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:50536 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1730357AbgGHQIb (ORCPT ); Wed, 8 Jul 2020 12:08:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1594224510; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QZSDpxKOQ0yOTVRj+Axry1+tC2WUTV/cuuz+l9MDwuY=; b=X1z1jjLbmDGHxvMtO7ucJfifdpWGVZF4P+MRYzTeRdmy0dITcwuJKuy1Xj8VmYRHrZS4J2 vjiszRifnZgvhic25xhc1m+MCbE2SIP6z4U39d2xONw6YN+AWtZ9FfXceqjv2Yjc+NgOFE c/3eT2BsAYeeTzf+jmI39gU5BoN0eVA= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-287-h1tKdwN6Mk2hP9wE6-yCjg-1; Wed, 08 Jul 2020 12:08:27 -0400 X-MC-Unique: h1tKdwN6Mk2hP9wE6-yCjg-1 Received: by mail-wm1-f72.google.com with SMTP id g187so3482290wme.0 for ; Wed, 08 Jul 2020 09:08:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=QZSDpxKOQ0yOTVRj+Axry1+tC2WUTV/cuuz+l9MDwuY=; b=sqr8FjmioqWoSkpUi7CW7O2tfXin/T4hGFA+o3wr+o3qpdo3z/t7A6CWpAAbcD411n xHzg27DOzOPVRIrqMiYZtDwLn2w2Gns3cDz9LSu0fA2cN5T3I/VZAlEUMH/Tv0MtYPkv uZ0FGV2PUeBIe2w9D9T0gyZH0fW0/IhY3bwN3c2N3AstKNVnRrjK2Ss6IEy3LdiT0Ebb KrfeShU8rgZvOAzp8sduPjB2Hc1aEp6xFoc/tSOUz4XVKfU7cdgnM3/JUzeM2XWN9Lax 6nNvBWZWCjWmZ0YpX9ASWa2ij9AMp0vQ+MfwtO6a/3JM9rhtle3gDNrzq6v0Qnd1oGWH GBpA== X-Gm-Message-State: AOAM531nsP2EQv0vht3DyOlgdYz6xMl9054PuyXv4+rVJvqX5/L+qxbZ n9JuNvkl3feQ7brvk7Zz3INZ/v+HhDJq5JI2+81lj3mX3jO+gIEYdQik+o3Ld8aZlFS6zYmLIqY xQ6w7kM6VDs/p4CQ23QbBGX9a X-Received: by 2002:adf:fcc5:: with SMTP id f5mr65603666wrs.60.1594224506661; Wed, 08 Jul 2020 09:08:26 -0700 (PDT) X-Received: by 2002:adf:fcc5:: with SMTP id f5mr65603644wrs.60.1594224506445; Wed, 08 Jul 2020 09:08:26 -0700 (PDT) Received: from ?IPv6:2001:b07:6468:f312:9541:9439:cb0f:89c? ([2001:b07:6468:f312:9541:9439:cb0f:89c]) by smtp.gmail.com with ESMTPSA id m16sm743942wro.0.2020.07.08.09.08.25 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 08 Jul 2020 09:08:25 -0700 (PDT) Subject: Re: [PATCH] KVM: x86/mmu: Add capability to zap only sptes for the affected memslot To: Sean Christopherson Cc: Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiong Zhang , Wayne Boyer , Zhenyu Wang , Jun Nakajima References: <20200703025047.13987-1-sean.j.christopherson@intel.com> From: Paolo Bonzini Message-ID: <51637a13-f23b-8b76-c93a-76346b4cc982@redhat.com> Date: Wed, 8 Jul 2020 18:08:24 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 MIME-Version: 1.0 In-Reply-To: <20200703025047.13987-1-sean.j.christopherson@intel.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 03/07/20 04:50, Sean Christopherson wrote: > Introduce a new capability, KVM_CAP_MEMSLOT_ZAP_CONTROL, to allow > userspace to control the memslot zapping behavior on a per-VM basis. > x86's default behavior is to zap all SPTEs, including the root shadow > page, across all memslots. While effective, the nuke and pave approach > isn't exactly performant, especially for large VMs and/or VMs that > heavily utilize RO memslots for MMIO devices, e.g. option ROMs. > > On a vanilla VM with 6gb of RAM, the targeted zap reduces the number of > EPT violations during boot by ~14% with THP enabled in the host, and by > ~7% with THP disabled in the host. On a much more custom VM with 32gb > and a significant amount of memslot zapping, this can reduce the number > of EPT violations by 50% during guest boot, and improve boot time by > as much as 25%. > > Keep the current x86 memslot zapping behavior as the default, as there's > an unresolved bug that pops up when zapping only the affected memslot, > and the exact conditions that trigger the bug are not fully known. See > https://patchwork.kernel.org/patch/10798453 for details. > > Implement the capability as a set of flags so that other architectures > might be able to use the capability without having to conform to x86's > semantics. It's bad that we have no clue what's causing the bad behavior, but I don't think it's wise to have a bug that is known to happen when you enable the capability. :/ Paolo