Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp569762rwb; Fri, 18 Nov 2022 05:33:59 -0800 (PST) X-Google-Smtp-Source: AA0mqf7U5O/BupWreaHl6nr/wSIdoa/YWEV9PXld2HYwvyCfjS9aLYZTM+MMdXrJqaUj4qYSgKjy X-Received: by 2002:a17:902:9304:b0:188:d588:34f2 with SMTP id bc4-20020a170902930400b00188d58834f2mr7791149plb.15.1668778439503; Fri, 18 Nov 2022 05:33:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668778439; cv=none; d=google.com; s=arc-20160816; b=ndttVeZa1moIZJGcKV40Z6AfKKvp+X73M3V6Xl6WO9BhwTvbAnTHsv14IxA+NYBoxq k+uXSOAWPc6XQUhW8k4eP8V2xZOz32YirXQtJ7t/24mD0oKdvsf/LfUH4beqS94nEQ+N pqGhF6b5cfPQKnqONk0ik7agnR6Xumyr5VM1PeTO6lhl3bCjTKHd3zevANEBYqvS0cqh suuNg3Td1Ay6T+H9vg3j5CEpobAjaAKjHHMOsUZElHAyRkUhKjhaHcI4hdj/PDGF6Dke ypPPjGv66Exi3syZyMrwrMojNDIjLBGm1h6OSJW6WzC/7njiisrVz67JXSdKeNiUGXp3 z5YA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:in-reply-to:date:subject:cc:to:from:user-agent :references:dkim-signature; bh=jFuAN0qalS8PXGclZBpJGpqKwSse98B1zaIXuj/qhsM=; b=qpqagSL5Lx1hubTyWkw77k9RJCGUZyTiwFsS5b5LTMdXjyzF8FrndXDsUR6MDjkjaR PZLPWKLErOw/L4enrvyaoMRqAIXVIxB9pTAjM22u7e+u21Tt89uCWHaFoQA49U+ZfK2n qweWOOyhWXLl9hCpu6Q3hsV2oS5pf+gmG8bdfWMtRX4aAQ2I0ZDi5A3nlv9DAtISVHCx dj9xR0Jy3MEqzDoxFKLmFnEKMWkQ00umQft2//pE+zlX8coo7gWXRHP2h326AhfjXzga Zv5dtfodyNcEy/jcEsz8Tr/RvwLUf13V3Xctdn3JMTBT0lig3XStWej46RXJFgtxCpAA PWDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="X/gqqsl/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id oc12-20020a17090b1c0c00b0020169c73d8bsi4392385pjb.2.2022.11.18.05.33.45; Fri, 18 Nov 2022 05:33:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="X/gqqsl/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235230AbiKRN3B (ORCPT + 92 others); Fri, 18 Nov 2022 08:29:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49548 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241877AbiKRN2q (ORCPT ); Fri, 18 Nov 2022 08:28:46 -0500 Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3A67B72129 for ; Fri, 18 Nov 2022 05:28:43 -0800 (PST) Received: by mail-wr1-x42b.google.com with SMTP id cl5so9239430wrb.9 for ; Fri, 18 Nov 2022 05:28:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:message-id:in-reply-to:date :subject:cc:to:from:user-agent:references:from:to:cc:subject:date :message-id:reply-to; bh=jFuAN0qalS8PXGclZBpJGpqKwSse98B1zaIXuj/qhsM=; b=X/gqqsl/WLpKtb9vOD4WiP4Oi7fWHjwjntx8mX7OxhsG5wzq+ZEu37/nMAgR/K0NTa w3qxyDj/5ysz05YJVpUs55kmmloX1IkC2zB1+/KzU94RHSvVV8QJIGUQUlri/5EUyK2r mGh3S7znVf5hxcm2FIq10hXZNhSXHhkk0XSUejjdU6tvjBJaDulCkhJ1yHJ5qUwTLhSd MoeZaDkThsztpF4G73yNPcJGkFAhdKPv1GGINAnUYMuW1RHIMFNHAh629fNId0Ygj6h4 QlGc8/i2b3sseFW3mxLr72CnhypCMQDx+K68Ypw8eLM56TGZBoLoX2zeC77yyHo3GfeR z9tg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:in-reply-to:date :subject:cc:to:from:user-agent:references:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=jFuAN0qalS8PXGclZBpJGpqKwSse98B1zaIXuj/qhsM=; b=vFpRp5anlHwu3YCgSR4X18mvWcLLJnrpWRnxP5HFqoExAoBB3tBTs0H9Kqw/Pgl2v1 XYnVZbAbX+ZXKOrvuXf6m7hafJwfgRxgPcMir79buO78DL3WVBYdsp1rpuJPTax836Ix HMgvjuJrI6AMj9x4ccUE/pMe8fjtQSQRVRPtJQCzMCtTY6s5Eo0IoFKvwzAVxJKfRA5D +gbpF5KENMjy2aGXAQxn4hoe23tOY1WyKLiy03cC6Roi+TFmfzVRylQJ8e7XY5zmYxcs rxZj6oPpwvscOEhLVWGUwq8rC4MAB42aL2LbYDDKmRZuKE5KR7+OEctdzv+cLURM7wTU DgzA== X-Gm-Message-State: ANoB5pmC39gIZd0VokK/nTJmsH7BWcgBfKwi4NYZaFfHF2X3+4hKv4mK ijbsnpNJ+p2snw5ookay7I1YEA== X-Received: by 2002:adf:aa91:0:b0:241:b2b2:a71d with SMTP id h17-20020adfaa91000000b00241b2b2a71dmr4389646wrc.326.1668778121454; Fri, 18 Nov 2022 05:28:41 -0800 (PST) Received: from zen.linaroharston ([185.81.254.11]) by smtp.gmail.com with ESMTPSA id y10-20020adfe6ca000000b00236860e7e9esm3459102wrm.98.2022.11.18.05.28.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 18 Nov 2022 05:28:40 -0800 (PST) Received: from zen (localhost [127.0.0.1]) by zen.linaroharston (Postfix) with ESMTP id 11C631FFB7; Fri, 18 Nov 2022 13:28:40 +0000 (GMT) References: <20221025151344.3784230-1-chao.p.peng@linux.intel.com> <20221025151344.3784230-4-chao.p.peng@linux.intel.com> <87cz9o9mr8.fsf@linaro.org> <20221116031441.GA364614@chaop.bj.intel.com> <87mt8q90rw.fsf@linaro.org> <20221117134520.GD422408@chaop.bj.intel.com> <87a64p8vof.fsf@linaro.org> <20221118013201.GA456562@chaop.bj.intel.com> User-agent: mu4e 1.9.2; emacs 28.2.50 From: Alex =?utf-8?Q?Benn=C3=A9e?= To: Chao Peng Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org, Paolo Bonzini , Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Shuah Khan , Mike Rapoport , Steven Price , "Maciej S . Szmigiero" , Vlastimil Babka , Vishal Annapurve , Yu Zhang , "Kirill A . Shutemov" , luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com, aarcange@redhat.com, ddutile@redhat.com, dhildenb@redhat.com, Quentin Perret , tabba@google.com, Michael Roth , mhocko@suse.com, Muchun Song , wei.w.wang@intel.com Subject: Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit Date: Fri, 18 Nov 2022 13:23:51 +0000 In-reply-to: <20221118013201.GA456562@chaop.bj.intel.com> Message-ID: <87o7t475o7.fsf@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Chao Peng writes: > On Thu, Nov 17, 2022 at 03:08:17PM +0000, Alex Benn=C3=A9e wrote: >>=20 >> >> >> > + >> >> >> > + /* KVM_EXIT_MEMORY_FAULT */ >> >> >> > + struct { >> >> >> > + #define KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 0) >> >> >> > + __u32 flags; >> >> >> > + __u32 padding; >> >> >> > + __u64 gpa; >> >> >> > + __u64 size; >> >> >> > + } memory; >> >> >> > + >> >> >> > +If exit reason is KVM_EXIT_MEMORY_FAULT then it indicates that = the VCPU has >> >> >> > +encountered a memory error which is not handled by KVM kernel m= odule and >> >> >> > +userspace may choose to handle it. The 'flags' field indicates = the memory >> >> >> > +properties of the exit. >> >> >> > + >> >> >> > + - KVM_MEMORY_EXIT_FLAG_PRIVATE - indicates the memory error is= caused by >> >> >> > + private memory access when the bit is set. Otherwise the mem= ory error is >> >> >> > + caused by shared memory access when the bit is clear. >> >> >>=20 >> >> >> What does a shared memory access failure entail? >> >> > >> >> > In the context of confidential computing usages, guest can issue a >> >> > shared memory access while the memory is actually private from the = host >> >> > point of view. This exit with bit 0 cleared gives userspace a chanc= e to >> >> > convert the private memory to shared memory on host. >> >>=20 >> >> I think this should be explicit rather than implied by the absence of >> >> another flag. Sean suggested you might want flags for RWX failures so >> >> maybe something like: >> >>=20 >> >> KVM_MEMORY_EXIT_SHARED_FLAG_READ (1 << 0) >> >> KVM_MEMORY_EXIT_SHARED_FLAG_WRITE (1 << 1) >> >> KVM_MEMORY_EXIT_SHARED_FLAG_EXECUTE (1 << 2) >> >> KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 3) >> > >> > Yes, but I would not add 'SHARED' to RWX, they are not share memory >> > specific, private memory can also set them once introduced. >>=20 >> OK so how about: >>=20 >> KVM_MEMORY_EXIT_FLAG_READ (1 << 0) >> KVM_MEMORY_EXIT_FLAG_WRITE (1 << 1) >> KVM_MEMORY_EXIT_FLAG_EXECUTE (1 << 2) >> KVM_MEMORY_EXIT_FLAG_SHARED (1 << 3) >> KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 4) > > We don't actually need a new bit, the opposite side of private is > shared, i.e. flags with KVM_MEMORY_EXIT_FLAG_PRIVATE cleared expresses > 'shared'. If that is always true and we never expect a 3rd type of memory that is fine. But given we are leaving room for expansion having an explicit bit allows for that as well as making cases of forgetting to set the flags more obvious. --=20 Alex Benn=C3=A9e