Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E5F54C6FA99 for ; Sun, 12 Mar 2023 18:03:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231759AbjCLSD2 (ORCPT ); Sun, 12 Mar 2023 14:03:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38612 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231648AbjCLSCW (ORCPT ); Sun, 12 Mar 2023 14:02:22 -0400 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B50EF4D293; Sun, 12 Mar 2023 10:59:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1678643957; x=1710179957; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=w2imvR5Kabp1heZkuQaAISmrt2NhbqKhVvSwagR399M=; b=i2Qir3U6gWpjmnKunLF+kadTeKhnVK+zu7TbWVrlZ+HCoLE7t8OmBB0a u26l/8WXOy5M4XIirRBhxjUVQDB8svGt1Bo26KQgjHNXOI78jDM7aJs16 IZCVeAgDvF5IAaEBocAH2D+Qi4HQLeifNjdqTkKImoDLK3RiTkfekwR3w cvQcPvatm9RzyxUuzUaHMLwtz7b59hs3k5H6F2tEhAN7eue7taqViLFUk QP6mKRM4m204a2CUnmXddoBzo2Rv0BLdzLYpqFv2TgT79HZHQZptpBYje bgyr9u8WVEwi+GXHxTBG4iRYMuZNnxVuBQGabdBB4yZZfgndNL/dmiVRJ A==; X-IronPort-AV: E=McAfee;i="6500,9779,10647"; a="320863683" X-IronPort-AV: E=Sophos;i="5.98,254,1673942400"; d="scan'208";a="320863683" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Mar 2023 10:58:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10647"; a="628397050" X-IronPort-AV: E=Sophos;i="5.98,254,1673942400"; d="scan'208";a="628397050" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Mar 2023 10:58:02 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack , Kai Huang , Zhi Wang Subject: [PATCH v13 035/113] KVM: x86/mmu: Disallow fast page fault on private GPA Date: Sun, 12 Mar 2023 10:55:59 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Isaku Yamahata TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory access and TDX SEAMCALL is heavy operation. Fast page fault on private GPA doesn't make sense. Disallow fast page fault on private GPA. Signed-off-by: Isaku Yamahata Reviewed-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 9bc640e0d821..5abf2c9c3402 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3289,8 +3289,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu *vcpu, return RET_PF_CONTINUE; } -static bool page_fault_can_be_fast(struct kvm_page_fault *fault) +static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault) { + /* + * TDX private mapping doesn't support fast page fault because the EPT + * entry is read/written with TDX SEAMCALLs instead of direct memory + * access. + */ + if (kvm_is_private_gpa(kvm, fault->addr)) + return false; + /* * Page faults with reserved bits set, i.e. faults on MMIO SPTEs, only * reach the common page fault handler if the SPTE has an invalid MMIO @@ -3400,7 +3408,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) u64 *sptep = NULL; uint retry_count = 0; - if (!page_fault_can_be_fast(fault)) + if (!page_fault_can_be_fast(vcpu->kvm, fault)) return ret; walk_shadow_page_lockless_begin(vcpu); -- 2.25.1