Date: Wed, 30 Mar 2022 10:46:10 -0700
Message-Id: <20220330174621.1567317-1-bgardon@google.com>
Subject: [PATCH v3 00/11] KVM: x86: Add a cap to disable NX hugepages on a VM
From: Ben Gardon
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Paolo Bonzini, Peter Xu, Sean Christopherson, David Matlack, Jim Mattson, David Dunn, Jing Zhang, Junaid Shahid, Ben Gardon

Given the high cost of NX hugepages in terms of TLB performance, it may be desirable to disable the mitigation on a per-VM basis. In the case of public cloud providers with many VMs on a single host, some VMs may be more trusted than others. In order to maximize performance on critical VMs, while still providing some protection to the host from iTLB Multihit, allow the mitigation to be selectively disabled.

Disabling NX hugepages on a VM is relatively straightforward, but I took this as an opportunity to add some NX hugepages test coverage and clean up selftests infrastructure a bit.

This series was tested with the new selftest and the rest of the KVM selftests on an Intel Haswell machine.

The following tests failed, but I do not believe that has anything to do with this series:
        userspace_io_test
        vmx_nested_tsc_scaling_test
        vmx_preemption_timer_test

Changelog:
v1->v2:
        Dropped the complicated memslot refactor in favor of Ricardo Koller's patch with a similar effect.
        Incorporated David Dunn's feedback and reviewed by tag: shortened waits to speed up test.
v2->v3:
        Incorporated a suggestion from David on how to build the NX huge pages test.
        Fixed a build breakage identified by David.
        Dropped the per-vm nx_huge_pages field in favor of simply checking the global + per-VM disable override.
        Documented the new capability
        Separated out the commit to test disabling NX huge pages
        Removed permission check when checking if the disable NX capability is supported.
        Added test coverage for the permission check.

Ben Gardon (10):
  KVM: selftests: Dump VM stats in binary stats test
  KVM: selftests: Test reading a single stat
  KVM: selftests: Add memslot parameter to elf_load
  KVM: selftests: Improve error message in vm_phy_pages_alloc
  KVM: selftests: Add NX huge pages test
  KVM: x86/MMU: Factor out updating NX hugepages state for a VM
  KVM: x86/MMU: Allow NX huge pages to be disabled on a per-vm basis
  KVM: x86: Fix errant brace in KVM capability handling
  KVM: x86/MMU: Require reboot permission to disable NX hugepages
  selftests: KVM: Test disabling NX hugepages on a VM

Ricardo Koller (1):
  KVM: selftests: Add vm_alloc_page_table_in_memslot library function

 Documentation/virt/kvm/api.rst                |  13 +
 arch/x86/include/asm/kvm_host.h               |   2 +
 arch/x86/kvm/mmu.h                            |  10 +-
 arch/x86/kvm/mmu/mmu.c                        |  17 +-
 arch/x86/kvm/mmu/spte.c                       |   7 +-
 arch/x86/kvm/mmu/spte.h                       |   3 +-
 arch/x86/kvm/mmu/tdp_mmu.c                    |   3 +-
 arch/x86/kvm/x86.c                            |  17 +-
 include/uapi/linux/kvm.h                      |   1 +
 tools/testing/selftests/kvm/Makefile          |   7 +-
 .../selftests/kvm/include/kvm_util_base.h     |  10 +
 .../selftests/kvm/kvm_binary_stats_test.c     |   6 +
 tools/testing/selftests/kvm/lib/elf.c         |  13 +-
 tools/testing/selftests/kvm/lib/kvm_util.c    | 230 +++++++++++++++++-
 .../kvm/lib/x86_64/nx_huge_pages_guest.S      |  45 ++++
 .../selftests/kvm/x86_64/nx_huge_pages_test.c | 178 ++++++++++++++
 .../kvm/x86_64/nx_huge_pages_test.sh          |  25 ++
 17 files changed, 561 insertions(+), 26 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/lib/x86_64/nx_huge_pages_guest.S
 create mode 100644 tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.c
 create mode 100755 tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.sh

-- 
2.35.1.1021.g381101b075-goog