Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp1329645pxb; Wed, 20 Oct 2021 02:56:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxtaR0s4wR7rDPpwh0eDUKLGHrvItvT6tYnfV8jHpWIID5L5exkijWSIgQtCTTG7bYfqX0p X-Received: by 2002:a17:906:e104:: with SMTP id gj4mr43498523ejb.358.1634723796927; Wed, 20 Oct 2021 02:56:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634723796; cv=none; d=google.com; s=arc-20160816; b=XBDCUZUHG+Vdm6EEUP0twTuoIQy5MPO9ucVzdcE0CfZiX5r59rA4Y4igNvjrJiZHeQ 3B2osyZXVS3EyDm/tbsp08XR8oJtiuygFvmWvW5vswPkBxCpcsp3W7Zo7uJ5NEd7cju5 CZFhx+3uj7OpMLbm/MtgDJZwtM7g+wfJZZPcgX6E+QydFMhsdjjj3dfCyWLLUMajxuab jKPx5F17gUGmQBOhMXxY1N0iIAQY6tflihGE5iNPKs5zyPGL5FH9V6smhUTUCgKzwAZp fFayOD+T871+oOWqslI5FHwdfX1lu/QT5o8jLBzoGHB+CDGaOsTaNOJDiK/2RMlVdISz js3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=5mprzD3mCwW3TaKglQPrtDcGuVdt32JRrW8jvCy/0ok=; b=h94gGDeMwRsYYoXWGfNAifOd0L4QdY5RxKwfkl8kIt3bURygApmTMCgO0ncl0CJana m3IZmZIGq7a1nrNH5AIXFUlDGsJ1RIQaKwh7lUfmAReRrDpLtJwSIqmuQn1K1A6reENc NIZk9rbXq1uADMWrwv8Cp8/Fe5pj5NnUfvgZJYGIrop5UL3i8NUulC1dAAKRxW6ZQYum 2Cx7mtSC8SG6f9xvlfvXdJ2+0MBldiZa0bxZ5FIpLGu0IL3QDirUOrToBmoIeGy/Uu1O QY3PRGtJ/1bljpCb0zP33YwMoPCV55Qk/3DaGT82T/IFyzrNYA9kfOG9mN/d+rLURD5r Dq4g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id sc14si2926597ejc.174.2021.10.20.02.56.13; Wed, 20 Oct 2021 02:56:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229881AbhJTJ4a (ORCPT + 99 others); Wed, 20 Oct 2021 05:56:30 -0400 Received: from out30-45.freemail.mail.aliyun.com ([115.124.30.45]:49129 "EHLO out30-45.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229639AbhJTJ4a (ORCPT ); Wed, 20 Oct 2021 05:56:30 -0400 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R171e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e04426;MF=laijs@linux.alibaba.com;NM=1;PH=DS;RN=14;SR=0;TI=SMTPD_---0Ut1RDyh_1634723653; Received: from C02XQCBJJG5H.local(mailfrom:laijs@linux.alibaba.com fp:SMTPD_---0Ut1RDyh_1634723653) by smtp.aliyun-inc.com(127.0.0.1); Wed, 20 Oct 2021 17:54:14 +0800 Subject: Re: [PATCH 1/4] KVM: X86: Fix tlb flush for tdp in kvm_invalidate_pcid() To: Sean Christopherson , Lai Jiangshan Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Paolo Bonzini , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H. Peter Anvin" References: <20211019110154.4091-1-jiangshanlai@gmail.com> <20211019110154.4091-2-jiangshanlai@gmail.com> From: Lai Jiangshan Message-ID: Date: Wed, 20 Oct 2021 17:54:13 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2021/10/19 23:25, Sean Christopherson wrote: > > /* > * MOV CR3 and INVPCID are usually not intercepted when using TDP, but > * this is reachable when running EPT=1 and unrestricted_guest=0, and > * also via the emulator. KVM's TDP page tables are not in the scope of > * the invalidation, but the guest's TLB entries need to be flushed as > * the CPU may have cached entries in its TLB for the target PCID. > */ Thanks! It is a better description. I just read some interception policy in vmx.c, if EPT=1 but vmx_need_pf_intercept() return true for some reasons/configs, #PF is intercepted. But CR3 write is not intercepted, which means there will be an EPT fault _after_ (IIUC) the CR3 write if the GPA of the new CR3 exceeds the guest maxphyaddr limit. And kvm queues a fault to the guest which is also _after_ the CR3 write, but the guest expects the fault before the write. IIUC, it can be fixed by intercepting CR3 write or reversing the CR3 write in EPT violation handler. Thanks Lai.