Date: Sat, 16 Oct 2021 13:25:45 +0100
Message-ID: <87h7dhupfa.wl-maz@kernel.org>
From: Marc Zyngier
To: Quentin Perret
Cc: James Morse, Alexandru Elisei, Suzuki K Poulose, Catalin Marinas, Will Deacon, Fuad Tabba, David Brazdil, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, kernel-team@android.com
Subject: Re: [PATCH 16/16] KVM: arm64: pkvm: Unshare guest structs during teardown
In-Reply-To: <20211013155831.943476-17-qperret@google.com>
References: <20211013155831.943476-1-qperret@google.com> <20211013155831.943476-17-qperret@google.com>

On Wed, 13 Oct 2021 16:58:31 +0100, Quentin Perret wrote:
>
> Make use of the newly introduced unshare hypercall during guest teardown
> to unmap guest-related data structures from the hyp stage-1.
>
> Signed-off-by: Quentin Perret
> ---
> arch/arm64/include/asm/kvm_host.h | 2 ++
> arch/arm64/include/asm/kvm_mmu.h | 1 +
> arch/arm64/kvm/arm.c | 2 ++
> arch/arm64/kvm/fpsimd.c | 10 ++++++++--
> arch/arm64/kvm/mmu.c | 16 ++++++++++++++++
> arch/arm64/kvm/reset.c | 13 ++++++++++++-
> 6 files changed, 41 insertions(+), 3 deletions(-)
> > diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h > index f8be56d5342b..8b61cdcd1b29 100644 > --- a/arch/arm64/include/asm/kvm_host.h > +++ b/arch/arm64/include/asm/kvm_host.h > @@ -322,6 +322,8 @@ struct kvm_vcpu_arch { > > struct thread_info *host_thread_info; /* hyp VA */ > struct user_fpsimd_state *host_fpsimd_state; /* hyp VA */ > + struct thread_info *kern_thread_info; > + struct user_fpsimd_state *kern_fpsimd_state; > > struct { > /* {Break,watch}point registers */ > diff --git a/arch/arm64/include/asm/kvm_mmu.h b/arch/arm64/include/asm/kvm_mmu.h > index 185d0f62b724..81839e9a8a24 100644 > --- a/arch/arm64/include/asm/kvm_mmu.h > +++ b/arch/arm64/include/asm/kvm_mmu.h > @@ -151,6 +151,7 @@ static __always_inline unsigned long __kern_hyp_va(unsigned long v) > #include > > int kvm_share_hyp(void *from, void *to); > +void kvm_unshare_hyp(void *from, void *to); > int create_hyp_mappings(void *from, void *to, enum kvm_pgtable_prot prot); > int create_hyp_io_mappings(phys_addr_t phys_addr, size_t size, > void __iomem **kaddr, > diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c > index f2e74635332b..f11c51db6fe6 100644 > --- a/arch/arm64/kvm/arm.c > +++ b/arch/arm64/kvm/arm.c > @@ -188,6 +188,8 @@ void kvm_arch_destroy_vm(struct kvm *kvm) > } > } > atomic_set(&kvm->online_vcpus, 0); > + > + kvm_unshare_hyp(kvm, kvm + 1); > } > > int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) > diff --git a/arch/arm64/kvm/fpsimd.c b/arch/arm64/kvm/fpsimd.c > index 2fe1128d9f3d..67059daf4d26 100644 > --- a/arch/arm64/kvm/fpsimd.c > +++ b/arch/arm64/kvm/fpsimd.c 
> @@ -28,23 +28,29 @@ int kvm_arch_vcpu_run_map_fp(struct kvm_vcpu *vcpu) > { > int ret; > > - struct thread_info *ti = ¤t->thread_info; > - struct user_fpsimd_state *fpsimd = ¤t->thread.uw.fpsimd_state; > + struct thread_info *ti = vcpu->arch.kern_thread_info; > + struct user_fpsimd_state *fpsimd = vcpu->arch.kern_fpsimd_state; > > /* > * Make sure the host task thread flags and fpsimd state are > * visible to hyp: > */ > + kvm_unshare_hyp(ti, ti + 1);

At this stage, the old thread may have been destroyed and the memory
recycled. What happens if, in the interval, that memory gets shared
again in another context? My gut feeling is that either the sharing
fails, or the unshare above breaks something else (the refcounting
doesn't save us if the sharing is not with HYP).

In any case, I wonder whether we need a notification from the core
code that a thread for which we have a HYP mapping is gone so that we
can mop up the mapping at that point. That's similar to what we have
for MMU notifiers and S2 PTs.

This is doable by hooking into fpsimd_release_task() and extending
thread_struct to track the sharing with HYP.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.
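
Review bot: In the kvm_host.h hunk, the new kern_thread_info and kern_fpsimd_state fields sit directly under host_thread_info and host_fpsimd_state, which are annotated /* hyp VA */, but carry no annotation of their own. Judging by their use as kvm_unshare_hyp() arguments in the fpsimd.c hunk they are kernel pointers, so please add a matching comment (for example /* kernel VA */) and say that they record what was last shared with hyp, so the two address spaces are not mixed up by a later reader.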
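
Review bot: In the kvm_mmu.h hunk, kvm_unshare_hyp() is declared void directly under int kvm_share_hyp(), so no caller can observe a failed unshare. The mmu.c part of the patch is not quoted here; if the hypercall can fail, either return int like the share side or document at the declaration what happens on failure.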
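
Review bot: In the arm.c hunk, kvm_unshare_hyp(kvm, kvm + 1) at the end of kvm_arch_destroy_vm() is unconditional, and nothing in the hunk shows where struct kvm was shared or that destroy is only reached after that share succeeded. A short comment naming the matching kvm_share_hyp() call, plus a check that the VM creation error paths leave share and unshare balanced, would help.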
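
Review bot: In the fpsimd.c hunk, kvm_unshare_hyp(ti, ti + 1) runs on whatever vcpu->arch.kern_thread_info holds, with no check in the quoted lines that the pointer is non-NULL (first run of a vcpu) or that it still refers to memory this vcpu shared. Guard the call, and clear kern_thread_info and kern_fpsimd_state whenever the share is dropped so that a stale pointer is never unshared; the fpsimd pointer loaded from kern_fpsimd_state needs the same pairing.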
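
The lifetime problem raised in the reply, as a toy C model added here for illustration (it is not code from the patch or from the kernel). Every name is hypothetical, and the page-state rule is an assumption: a share is refused unless the page is exclusively host-owned. It shows the "sharing fails" outcome when a stale HYP share outlives its thread, and how dropping the share at thread release avoids it.

```c
#include <stdio.h>
/* Toy model (all names hypothetical): one ownership state per host page. */
enum page_state { HOST_OWNED, SHARED_WITH_HYP, SHARED_ELSEWHERE };
static enum page_state pages[4];
struct vcpu { int cached_pfn; };	/* -1: no thread page shared yet */
static int transition(int pfn, enum page_state from, enum page_state to)
{
	if (pages[pfn] != from)
		return -1;	/* refused, as a state-checking hypercall would */
	pages[pfn] = to;
	return 0;
}
#define share_hyp(p)       transition(p, HOST_OWNED, SHARED_WITH_HYP)
#define unshare_hyp(p)     transition(p, SHARED_WITH_HYP, HOST_OWNED)
#define share_elsewhere(p) transition(p, HOST_OWNED, SHARED_ELSEWHERE)

static void drop_cached(struct vcpu *v)	/* drop this vcpu's recorded share */
{
	if (v->cached_pfn >= 0)
		unshare_hyp(v->cached_pfn);
	v->cached_pfn = -1;
}

/* Run path shaped like the patch: unshare the cached page, share the current one. */
static int vcpu_map_thread(struct vcpu *v, int cur_pfn)
{
	drop_cached(v);
	v->cached_pfn = cur_pfn;
	return share_hyp(cur_pfn);
}

/* Thread A (page 1) runs the vcpu and exits; page 1 is recycled and shared elsewhere. */
static int recycled_share_result(int with_release_hook)
{
	struct vcpu v = { -1 };
	for (int i = 0; i < 4; i++)
		pages[i] = HOST_OWNED;
	vcpu_map_thread(&v, 1);
	if (with_release_hook)
		drop_cached(&v);	/* the notification proposed in the reply */
	int ret = share_elsewhere(1);	/* happens before the vcpu runs again */
	vcpu_map_thread(&v, 2);		/* next run, on thread B (page 2) */
	return ret;
}

int main(void)
{
	return printf("no hook: %d, hook: %d\n", recycled_share_result(0), recycled_share_result(1)) < 0;
}
```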