Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp158920ybh; Tue, 14 Jul 2020 21:30:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzkhe7CikMx72lfxIbBuIa1fWX6NYZbJGn7hD7enHf5Xypo8Q16ENppD/ZC70xTqdG/AMw8 X-Received: by 2002:a50:ee8d:: with SMTP id f13mr7481935edr.302.1594787407673; Tue, 14 Jul 2020 21:30:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594787407; cv=none; d=google.com; s=arc-20160816; b=XsvA95Rzd2XSoDYuIczsRTZrRG106v035WsxTxdsrqfjOfhIPPd7EIF+CcVLOpASAS 9NciDbypN9HV00KKkFvOcEVBHvqtWUCXhmSfBfpNk2IS0oO3A/fc6qMP7l/2OiLLunfQ SdMmVGqXPbqRPyyVFzyccw1eQv/2nYw/vBrMFaK27oO/LcQD5QIEYj2Oztpap8Nlxo3x XJCiSzMWIRlUPg2xvWnvzsP48F21gdtq0AEgAvtsZAj9sEwjZbQc08+C+mBD7tK6PLUu 8Jj5GNLz6+0arKh1suYCjLa/Fba8jpNbVVthy46gSG9CtKO7ohNNrsi6Z/7U4hJloVqW iO5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:ironport-sdr:ironport-sdr; bh=lEDgj8dnoiy6mCjnxO5Y9pur4ssxJDpCWDVSDgEgkRc=; b=lmVF3HOpqQNBRr/vmqe48I9lleMtmPTRTkJvf6rQ+ZcSuGQ2fiUTp5z6NKVDRiX2K/ mcPoeFd80ixVD7DzsWKcHVm8v5FLN6jiRL3g1kVcmUV5MwSRs9V7DtLVjAuN1cQkLeNm RiM+v5x9f3k/FN51UTd0WdF6fEn3SBcKSM5WV2NCXrzmignfwtV7fH+H6vvq/wwovbfk 7EurbrrUmw6upmCLQt8nluxA/Ip6xHCkAsqjk5MzASJgleI/3IyL8B52tf7GhPMaJ+l3 TliPMBJzJ5FWVA1+fT9zEywJPYBhQvgEkDZZDe89uawmfozIH426ClvaE8BNRkU9rRfu vqyQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e7si564596edn.164.2020.07.14.21.29.42; Tue, 14 Jul 2020 21:30:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726511AbgGOE11 (ORCPT + 99 others); Wed, 15 Jul 2020 00:27:27 -0400 Received: from mga05.intel.com ([192.55.52.43]:59539 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725770AbgGOE11 (ORCPT ); Wed, 15 Jul 2020 00:27:27 -0400 IronPort-SDR: 1myXmjA3WpzCTn8bKX2UnmSqPQiJCt6TAvHd7WUOrDOrFcW4hLBCC1rVAQPJ+oMU2UtSk+jXVl 6UWHSSe7wLeA== X-IronPort-AV: E=McAfee;i="6000,8403,9682"; a="233936293" X-IronPort-AV: E=Sophos;i="5.75,354,1589266800"; d="scan'208";a="233936293" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Jul 2020 21:27:26 -0700 IronPort-SDR: yYi6MGSXlFAUgYHAavn7DNXJz8sblz4eHr1QSjSPTnAAwL+UU2MJqDmHiBsBLaw30xLzyHH2CO dZJlNyRonj2Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,354,1589266800"; d="scan'208";a="308118773" Received: from sjchrist-coffee.jf.intel.com ([10.54.74.152]) by fmsmga004.fm.intel.com with ESMTP; 14 Jul 2020 21:27:26 -0700 From: Sean Christopherson To: Paolo Bonzini Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Junaid Shahid Subject: [PATCH 0/8] KVM: x86/mmu: ITLB multi-hit workaround fixes Date: Tue, 14 Jul 2020 21:27:17 -0700 Message-Id: <20200715042725.10961-1-sean.j.christopherson@intel.com> X-Mailer: git-send-email 2.26.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Patch 1 is a minor fix for a very theoretical bug where KVM could skip the final "commit zap" when recovering shadow pages for the NX huge page mitigation. Patch 2 is cleanup that's made possible by patch 1. Patches 3-5 are the main course and fix bugs in the NX huge page accounting where shadow pages are incorrectly added to the list of disallowed huge pages. KVM doesn't actually check to see if the page could actually have been a large page when adding to the disallowed list. This result in what are effectively spurious zaps. The biggest issue is likely with shadow pages in the upper levels, i.e. levels 3 and 4, as they are either unlikely to be huge (1gb) or flat out can't be huge (512tb). And because of the way KVM zaps, the upper levels will be zapped first, i.e. KVM is likely zapping and rebuilding a decent number of its shadow pages for zero benefit. Ideally, patches 3-5 would be a single patch to ease backporting. In the end, I decided the change is probably not suitable for stable as at worst it creates an infrequent performance spike (assuming the admin isn't going crazy with the recovery frequency), and it's far from straightforward or risk free. Cramming everything into a single patch was a mess. Patches 6-8 are cleanups in related code. The 'hlevel' name in particular has been on my todo list for a while. Sean Christopherson (8): KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages KVM: x86/mmu: Refactor the zap loop for recovering NX lpages KVM: x86/mmu: Move "huge page disallowed" calculation into mapping helpers KVM: x86/mmu: Capture requested page level before NX huge page workaround KVM: x86/mmu: Account NX huge page disallowed iff huge page was requested KVM: x86/mmu: Rename 'hlevel' to 'level' in FNAME(fetch) KVM: x86/mmu: Hoist ITLB multi-hit workaround check up a level KVM: x86/mmu: Track write/user faults using bools arch/x86/kvm/mmu/mmu.c | 58 +++++++++++++++++++++------------- arch/x86/kvm/mmu/paging_tmpl.h | 39 ++++++++++++----------- 2 files changed, 57 insertions(+), 40 deletions(-) -- 2.26.0