Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp547708rwd; Thu, 8 Jun 2023 04:44:51 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6EYzgRVP9k6rowbX3RT4185YJXdgPWy+T1R8oD0eiO8mDJt4tVCNMh85fEBwo9vG3UqjVE X-Received: by 2002:a05:6a20:7fa1:b0:10c:6956:a23c with SMTP id d33-20020a056a207fa100b0010c6956a23cmr2211115pzj.25.1686224690889; Thu, 08 Jun 2023 04:44:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686224690; cv=none; d=google.com; s=arc-20160816; b=evub+mDuBW+Fbhb4zJkqkI6CYclDHCJmGsTYltqMRiwGxj0A6jh9ZaZ/VfIZQ4y5aX yhBQVG+NEclTgebxc5RM+DO0nrcvv+U3/yyWEw2vX28eweIVNZUY8ivNfqj8ivWiVzKB h7YQnwxR9xSWx4cjIw3HDeHTKTa3s6oWxOUzfqKslzA8lXQq5ldHPTeG5Qx+z5txNElg MNuyhu5CzVonLrQKEdUBMOY8ICw7LRf6NgxFmFoUUZSu+dSxccgQl5bkPc8Q27snFcZS 2sNaCmRewHV4bW+UbNbITj59/ySOizaZuyFX10I9+rQBI95SSzumt2y1gszr8dSw2xfB Vgdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=Ti5W00fHo5+54ZqpdE6ywmJj9WVEs3HQLqx+j7roPaM=; b=V5GXG+yt/EqfFke672UHnO5pXp7P7pES9zmUkyP2txYuf30wbUKBUjAU3Uzw/7Kjuv eugvzQU1rhxiaUpyHO4BH2LBBwQQ13Bu7cAlkjywr7buQGb2jlLxu/pUkUdrZR5YOG7t 1+CfjRXb9YjM7nHCQzMQFQ0TgyjL7suvNyXz4mUZe1dGXREhQDF9pqr+UTB0vA1D/qn7 dwzRBzEpX0q73MgC+V32idC6Q1/RmDKJepanhNCXid4iu27H8hvUhbMTZOi8VWJxGMsa 8jqjrORJERZvuLqQgb9JDsPRQHjD29qbcfg+Z9fZiJK3R4+BnHRapZCCYZ+KkAyKeoro ZtmQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=j9UYTd2O; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e27-20020a63371b000000b0053fc757bb04si886855pga.545.2023.06.08.04.44.37; Thu, 08 Jun 2023 04:44:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=j9UYTd2O; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235696AbjFHL3y (ORCPT + 99 others); Thu, 8 Jun 2023 07:29:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46250 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235115AbjFHL3w (ORCPT ); Thu, 8 Jun 2023 07:29:52 -0400 Received: from mail-vk1-xa2b.google.com (mail-vk1-xa2b.google.com [IPv6:2607:f8b0:4864:20::a2b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A0B252719 for ; Thu, 8 Jun 2023 04:29:47 -0700 (PDT) Received: by mail-vk1-xa2b.google.com with SMTP id 71dfb90a1353d-461b408594fso367981e0c.1 for ; Thu, 08 Jun 2023 04:29:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1686223786; x=1688815786; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Ti5W00fHo5+54ZqpdE6ywmJj9WVEs3HQLqx+j7roPaM=; b=j9UYTd2O2XcooRATGj467HxZMPDB0Cg9aL5LSEvNsyNB/167ogbccoVHPhVnlpSZWG DGwjl1hc1Ht3q63sDOZhBv2Y45SGTynRUYRh5yFf3RlUig17UAEktGlYlnqcm4oQJnu9 EwkDn+GxHlJgT2KLU1Fm8mKpcSDSJ1ZetNRe3im8cpFlisVRRXkPIrdCxhkQ48MOZ8En 0jzTx3+HB2NWZTUCIH3hhTe8lbbnFOLk86qxbqhL/NKgdUY4Oxj1jox+hmOQNH8nAwJH 0GxW+q4EVMUgSH0pehUz4k0JBJDdxb71mDBqBr/0pTE4JZ7YLQWpu9+OWP/1Z7mOFYlf uHww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686223786; x=1688815786; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ti5W00fHo5+54ZqpdE6ywmJj9WVEs3HQLqx+j7roPaM=; b=LxitlTXxrcRjxmk1UNC0bSE8OsvAzf8KsiIdq1CWCVqw90JXMvNNWkf1fK5zJocV2i S9K+iNbe7TJRHW4ABYWaOxIG45YbRNv6aokely94aXw8aRcSVMhx6hH4xushF/tIvCn9 SZUNz3rVmZNvgrkQaWDBnd0gzA7XmpnvHn/GpvfoMzr51fQgX+nFMHH34hd98LRvrRH6 XDF0tA2nhQ59xGJA0XYkMD1Dbz8zC0IZIzHuU6L8FqWs0JpsVcRo7S+0uXIHas/ic8A4 I6Fwjg7eaE/mUnUrP0ZzDj8eUVQGT7ZYu9yDUppg3MB2NMPHS/F1O19n/i0XdcJfWFZy r//Q== X-Gm-Message-State: AC+VfDzg/EmqwId8V2yPKqOKYTwRTI4iyNHcHZuuangmtVyV91SHj6kJ L+eXrn65/+mHO53jwsFXPzgw969ETMJM+bj98MFh3A== X-Received: by 2002:a1f:4103:0:b0:43f:e623:952 with SMTP id o3-20020a1f4103000000b0043fe6230952mr837973vka.2.1686223786516; Thu, 08 Jun 2023 04:29:46 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Erdem Aktas Date: Thu, 8 Jun 2023 04:29:35 -0700 Message-ID: Subject: Re: [PATCH v14 055/113] KVM: TDX: TDP MMU TDX support To: isaku.yamahata@intel.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini , Sean Christopherson , Sagi Shahar , David Matlack , Kai Huang , Zhi Wang , chen.bo@intel.com, Vishal Annapurve Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, May 28, 2023 at 9:21=E2=80=AFPM wrote: > > From: Isaku Yamahata > > +static int tdx_sept_drop_private_spte(struct kvm *kvm, gfn_t gfn, > + enum pg_level level, kvm_pfn_t pfn= ) > +{ > + int tdx_level =3D pg_level_to_tdx_sept_level(level); > + struct kvm_tdx *kvm_tdx =3D to_kvm_tdx(kvm); > + struct tdx_module_output out; > + gpa_t gpa =3D gfn_to_gpa(gfn); > + hpa_t hpa =3D pfn_to_hpa(pfn); > + hpa_t hpa_with_hkid; > + u64 err; > + > + /* TODO: handle large pages. */ > + if (KVM_BUG_ON(level !=3D PG_LEVEL_4K, kvm)) > + return -EINVAL; > + > + if (unlikely(!is_hkid_assigned(kvm_tdx))) { > + /* > + * The HKID assigned to this TD was already freed and cac= he > + * was already flushed. We don't have to flush again. > + */ > + err =3D tdx_reclaim_page(hpa, false, 0); > + if (KVM_BUG_ON(err, kvm)) > + return -EIO; > + tdx_unpin(kvm, pfn); > + return 0; > + } > + > + do { > + /* > + * When zapping private page, write lock is held. So no r= ace > + * condition with other vcpu sept operation. Race only w= ith > + * TDH.VP.ENTER. > + */ > + err =3D tdh_mem_page_remove(kvm_tdx->tdr_pa, gpa, tdx_lev= el, &out); > + } while (unlikely(err =3D=3D TDX_ERROR_SEPT_BUSY)); > + if (KVM_BUG_ON(err, kvm)) { > + pr_tdx_error(TDH_MEM_PAGE_REMOVE, err, &out); > + return -EIO; > + } > + > + hpa_with_hkid =3D set_hkid_to_hpa(hpa, (u16)kvm_tdx->hkid); > + do { > + /* > + * TDX_OPERAND_BUSY can happen on locking PAMT entry. Be= cause > + * this page was removed above, other thread shouldn't be > + * repeatedly operating on this page. Just retry loop. > + */ > + err =3D tdh_phymem_page_wbinvd(hpa_with_hkid); > + } while (unlikely(err =3D=3D (TDX_OPERAND_BUSY | TDX_OPERAND_ID_R= CX))); > + if (KVM_BUG_ON(err, kvm)) { > + pr_tdx_error(TDH_PHYMEM_PAGE_WBINVD, err, NULL); > + return -EIO; > + } It seems like when the TD is destroyed, all the TD private pages are removed with tdx_reclaim_page which also clears the page with movdir64b instruction. But when the page is removed while the TD is alive (in this case), the page content is never cleared with movdir64b which causes any poisoned cache line to be consumed by the host resulting in #MC exceptions in the host context. We should clear the page before returning it back to the free pool by calling tdx_clear_page((unsigned long)__va(hpa)) here. > > + tdx_unpin(kvm, pfn); > + return 0; > +} > + >