Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2673992rwd;
        Sun, 28 May 2023 21:56:28 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ6NCxUZrLfD0EIIJKyMJ9OHVfWtfhY36YRxZI7mF8HI9BAnrIxI7CBxarkYV1AelKjHDhWe
X-Received: by 2002:a17:90a:bf12:b0:253:7ddd:d07b with SMTP id c18-20020a17090abf1200b002537dddd07bmr10045969pjs.14.1685336187783;
        Sun, 28 May 2023 21:56:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1685336187; cv=none;
        d=google.com; s=arc-20160816;
        b=0SiUMP3Ru9nX2Q1vLWY40HJrG47csCudyhs3wjMSwUmUUDxsJUJz5tfCZoCmVOJpKi
         NioCXvTkR5oM0LLbsXTt7bxRMnwWoP9yEK4WXDSxsEX1409bc68fpymy4rnK5dibCaen
         Jj9TNowB56Nomdcwf1AKzcpbcVoPso3vEqNCeh/nnPpELyq3LqF/TRnTlf9Q4Jmu0T6V
         MMYOO6F+Jk8to2MUHseGKzlclsPYaeyvHXbW6RuyqRN+pp8n06dkIYVMsTQxUr4w200v
         WNz0V9OcBbixuwVoqmXhGwTw1yMu1CqH187+datGcL8U0YXiBIonjdnNGCma5gJcT42g
         n/5g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=yP3QHsquIBmKZqdGX4qtkQ8i5Zs2p2HUx3opCqnnqk8=;
        b=YSmHV1egGCHaF5Qz//yss/3oYq6GFPDP6CW4y92S7DHDC7shdJsuuxyYbw0nKz1lte
         L18hYiEIdl0fZ/VKnCoCFHl9c1dgH8AcyOx9168Ke/0NDz7cWXIexOKBUeYJ+pHkHF6Q
         1bn0LbiOlk0oF+dcnvllYRdGqZIeRY0ZC+5c2eQ6NkxYql0NMFyAOuQVFWJPpk910p+z
         3o+fnN+bH0Tq2tifRdKeoVqHUzdTSRTTcPuaoDs/6ypdPhD3uLQYgn4s/K6heqYiEcEj
         MhieOdenbMVXXNSwsOGvndIq1jiYPZWkQSaNmTm8uPWaXGFT6r3o37N5pdRl0+RaLH5n
         iTXQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Viu0ssuq;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id i3-20020a17090a7e0300b00250ce1755e9si5541553pjl.14.2023.05.28.21.56.16;
        Sun, 28 May 2023 21:56:27 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Viu0ssuq;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231777AbjE2EYh (ORCPT <rfc822;aadipersonal10@gmail.com>
        + 99 others); Mon, 29 May 2023 00:24:37 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44670 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231785AbjE2EXt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 May 2023 00:23:49 -0400
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D3D8110FE;
        Sun, 28 May 2023 21:21:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1685334114; x=1716870114;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=qyq9eCT7ltiIe7K1kIZgzPUbeft0npAbnw+fP2geBGU=;
  b=Viu0ssuqS1+lnDzrIET93EXwckBaTquoszfgmD/CDwXBbpg/P5MMVlch
   BL4tTEFY5YrFDTPL6Al3PncMJ7WiaNkntSe6tpmeg+v9b6e+xDWaI4+Os
   hocB0NQa4+6bO4RVxnVd7S31FhnovvflhRpznOGvcfo21Qz5hbEX5joFg
   eg2mwM6asIpXAide1pTS5qiAYzAs9Wa+Se+RG7l+tw+TKiF0JeFkuu4iP
   eFO4t4ewQv8+6spSQDn597g3sTEXhMxcJWTEimTZRfidiTNu/3kEyJhAL
   kKJiH7fMAsM78CUQb+eVN75uA0xlQUtioAIaJiyLtXrhdCiZtyq5RTeqA
   A==;
X-IronPort-AV: E=McAfee;i="6600,9927,10724"; a="334965917"
X-IronPort-AV: E=Sophos;i="6.00,200,1681196400"; 
   d="scan'208";a="334965917"
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
  by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 May 2023 21:21:11 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10724"; a="775784241"
X-IronPort-AV: E=Sophos;i="6.00,200,1681196400"; 
   d="scan'208";a="775784241"
Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31])
  by fmsmga004-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 May 2023 21:21:11 -0700
From:   isaku.yamahata@intel.com
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     isaku.yamahata@intel.com, isaku.yamahata@gmail.com,
        Paolo Bonzini <pbonzini@redhat.com>, erdemaktas@google.com,
        Sean Christopherson <seanjc@google.com>,
        Sagi Shahar <sagis@google.com>,
        David Matlack <dmatlack@google.com>,
        Kai Huang <kai.huang@intel.com>,
        Zhi Wang <zhi.wang.linux@gmail.com>, chen.bo@intel.com
Subject: [PATCH v14 035/113] KVM: x86/mmu: Disallow fast page fault on private GPA
Date:   Sun, 28 May 2023 21:19:17 -0700
Message-Id: <db7f3942099ebf304192f5fb1b18e64a0760ee6f.1685333727.git.isaku.yamahata@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1685333727.git.isaku.yamahata@intel.com>
References: <cover.1685333727.git.isaku.yamahata@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Isaku Yamahata <isaku.yamahata@intel.com>

TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory
access and TDX SEAMCALL is heavy operation.  Fast page fault on private GPA
doesn't make sense.  Disallow fast page fault on private GPA.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/mmu/mmu.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index 1bf728ec95d7..8035e96cb687 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -3368,8 +3368,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu *vcpu,
 	return RET_PF_CONTINUE;
 }
 
-static bool page_fault_can_be_fast(struct kvm_page_fault *fault)
+static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault)
 {
+	/*
+	 * TDX private mapping doesn't support fast page fault because the EPT
+	 * entry is read/written with TDX SEAMCALLs instead of direct memory
+	 * access.
+	 */
+	if (kvm_is_private_gpa(kvm, fault->addr))
+		return false;
+
 	/*
 	 * Page faults with reserved bits set, i.e. faults on MMIO SPTEs, only
 	 * reach the common page fault handler if the SPTE has an invalid MMIO
@@ -3479,7 +3487,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault)
 	u64 *sptep = NULL;
 	uint retry_count = 0;
 
-	if (!page_fault_can_be_fast(fault))
+	if (!page_fault_can_be_fast(vcpu->kvm, fault))
 		return ret;
 
 	walk_shadow_page_lockless_begin(vcpu);
-- 
2.25.1