Received: by 2002:a05:6358:7058:b0:131:369:b2a3 with SMTP id 24csp10206819rwp;
        Thu, 20 Jul 2023 16:51:03 -0700 (PDT)
X-Google-Smtp-Source: APBJJlGFxmKa20tsnGIouxuM46J5Xj2gLtGYzsBGZpj33y7uy8Il84+C/vNXf3ASRctWZBKlxIlw
X-Received: by 2002:a17:902:b185:b0:1b3:f5c3:7682 with SMTP id s5-20020a170902b18500b001b3f5c37682mr328098plr.68.1689897063218;
        Thu, 20 Jul 2023 16:51:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1689897063; cv=none;
        d=google.com; s=arc-20160816;
        b=QD0BifBCXciIOqxPKW7dsXXwgrjKn5xuG6BSwaBGoyq/Ol0LWvKckQ9kLw2I3P28U8
         ZHwZGXPZeILO8sn9eCgrLsZRSO2YBtycfd8VMO11YRdzqTlZ+j1lac8MfaqFO6/XH4cG
         jkFTHP65j83ZDCQVYjoKMsJKvdM6628z+kuprVGiuEvDV/41sDtBJ7KySbD+SV96BMIm
         aEvcLLyPWxeOR8cQiUw8vAvw+mhafHMn3/5mRQKNbfvYk9zqnGj6ZgUAroCnqxvnXTz5
         wisyDrv9TvDms6HSdo4M/+Tx7TkCXbaQCBjH4h2G+TtLbWRqDEbcBDNyaRNtd8CNxeYv
         x6fQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=mKFeMP16QguBcXAK981A6GP+yHg2nqgXxDoOggrb68E=;
        fh=rYmKEJt0ZlcHi+IxuHRr3qSzgk6Fcw/+tEUtlevgHBo=;
        b=Rt7vm+86OZOc6a2R4Y9iEB5V/E9Voq6MvHtia7yvTF2LSjfUzmSzeO9FpLsWfIQbCK
         JSewYCesIEazv/QXTIKrlxFCEMj4uyWZFvdM7p7v6buwjOC0EciOzTlMz7VYouzLVA+V
         VXzAVyD2EC8WUDKK4V/9ZSmKLKdMJmPVln7lEP4iGeFtFlvMj7hghV8v50ZKrC7zKxCh
         s0rP91POmKAJT0pM++7/SXFBUgaecskSkp8gFWW0TECnwKsfxPIRl6+iIgzznFVm5c1E
         Tb55NfnsVgb90XbsuPa8MASTKq/cYSf+t8aQXG9pa3QKsjGrk5gqa3DNrzz41bz+oCJA
         bbSA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=YnnuP6N0;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id j9-20020a170903024900b001b874c5f7a8si1946866plh.653.2023.07.20.16.50.51;
        Thu, 20 Jul 2023 16:51:03 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=YnnuP6N0;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229529AbjGTXdi (ORCPT <rfc822;andreas.gruenbacher@gmail.com>
        + 99 others); Thu, 20 Jul 2023 19:33:38 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42018 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229635AbjGTXdQ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 20 Jul 2023 19:33:16 -0400
Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A8A19270D;
        Thu, 20 Jul 2023 16:33:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1689895995; x=1721431995;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=2Iou5yV+PtzR5uy8SPV1ytBA3jrafg+2C5na99bH7EU=;
  b=YnnuP6N0eq3VkuGvDrRPxeY8WZo+ypk9/elMCCuVp8lwinf6Xgprq//r
   pq9+q8IF+nhwyELwgeDeWkQnc/jBeaqsZCRNi9UnFXjymLSUusfp6pFR4
   3VGBqI7MIj2p366Nxmjh0GVSDuYubm1HjqK02w/hluydIop+6KmRjpjJW
   s8n7WrUP11foQw0lGd2aVRUl44VLTAwlUBaHQ9Zchvyj9quuCBKX50gjo
   75Q5bIlZrgHZ+d34l75ZdQLvNOwi0hID4Oca9fZz6nYiBaEkYLD+EnFaq
   hMscO5goZYfTd3UlvUzzSTW7eHenbd1eJuI73vLSBNWlEmp9+sXbZ5spb
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10777"; a="364355952"
X-IronPort-AV: E=Sophos;i="6.01,220,1684825200"; 
   d="scan'208";a="364355952"
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
  by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jul 2023 16:33:12 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10777"; a="727891799"
X-IronPort-AV: E=Sophos;i="6.01,220,1684825200"; 
   d="scan'208";a="727891799"
Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31])
  by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jul 2023 16:33:12 -0700
From:   isaku.yamahata@intel.com
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     isaku.yamahata@intel.com, isaku.yamahata@gmail.com,
        Michael Roth <michael.roth@amd.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Sean Christopherson <seanjc@google.com>, erdemaktas@google.com,
        Sagi Shahar <sagis@google.com>,
        David Matlack <dmatlack@google.com>,
        Kai Huang <kai.huang@intel.com>,
        Zhi Wang <zhi.wang.linux@gmail.com>, chen.bo@intel.com,
        linux-coco@lists.linux.dev,
        Chao Peng <chao.p.peng@linux.intel.com>,
        Ackerley Tng <ackerleytng@google.com>,
        Vishal Annapurve <vannapurve@google.com>,
        Yuan Yao <yuan.yao@linux.intel.com>
Subject: [RFC PATCH v4 07/10] KVM: x86: Add gmem hook for initializing private memory
Date:   Thu, 20 Jul 2023 16:32:53 -0700
Message-Id: <21e488b6ced77c08d9e6718fcf57e100af409c64.1689893403.git.isaku.yamahata@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1689893403.git.isaku.yamahata@intel.com>
References: <cover.1689893403.git.isaku.yamahata@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Michael Roth <michael.roth@amd.com>

All gmem pages are expected to be 'private' as defined by a particular
arch/platform. Platforms like SEV-SNP require additional operations to
move these pages into a private state, so implement a hook that can be
used to prepare this memory prior to mapping it into a guest.

In the case of SEV-SNP, whether or not a 2MB page can be mapped via a
2MB mapping in the guest's nested page table depends on whether or not
any subpages within the range have already been initialized as private
in the RMP table, so this hook will also be used by the KVM MMU to clamp
the maximum mapping size accordingly.

Signed-off-by: Michael Roth <michael.roth@amd.com>
Link: https://lore.kernel.org/r/20230612042559.375660-2-michael.roth@amd.com

---
Changes v2 -> v3:
- Newly added
---
 arch/x86/include/asm/kvm-x86-ops.h |  1 +
 arch/x86/include/asm/kvm_host.h    |  3 +++
 arch/x86/kvm/mmu/mmu.c             | 12 ++++++++++--
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h
index c0143906fe6d..a4cb248519cf 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h
+++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -134,6 +134,7 @@ KVM_X86_OP(msr_filter_changed)
 KVM_X86_OP(complete_emulated_msr)
 KVM_X86_OP(vcpu_deliver_sipi_vector)
 KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons);
+KVM_X86_OP_OPTIONAL_RET0(gmem_prepare)
 
 #undef KVM_X86_OP
 #undef KVM_X86_OP_OPTIONAL
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index e4f2938bb1fc..de7f0dffa135 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1735,6 +1735,9 @@ struct kvm_x86_ops {
 	 * Returns vCPU specific APICv inhibit reasons
 	 */
 	unsigned long (*vcpu_get_apicv_inhibit_reasons)(struct kvm_vcpu *vcpu);
+
+	int (*gmem_prepare)(struct kvm *kvm, struct kvm_memory_slot *slot,
+			    kvm_pfn_t pfn, gfn_t gfn, u8 *max_level);
 };
 
 struct kvm_x86_nested_ops {
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index a73ddb43a2cf..35bb14363828 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -4352,6 +4352,7 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu,
 				   struct kvm_page_fault *fault)
 {
 	int max_order, r;
+	u8 max_level;
 
 	if (!kvm_slot_can_be_private(fault->slot))
 		return kvm_do_memory_fault_exit(vcpu, fault);
@@ -4361,8 +4362,15 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu,
 	if (r)
 		return r;
 
-	fault->max_level = min(kvm_max_level_for_order(max_order),
-			       fault->max_level);
+	max_level = kvm_max_level_for_order(max_order);
+	r = static_call(kvm_x86_gmem_prepare)(vcpu->kvm, fault->slot, fault->pfn,
+					      fault->gfn, &max_level);
+	if (r) {
+		kvm_release_pfn_clean(fault->pfn);
+		return r;
+	}
+
+	fault->max_level = min(max_level, fault->max_level);
 	fault->map_writable = !(fault->slot->flags & KVM_MEM_READONLY);
 	return RET_PF_CONTINUE;
 }
-- 
2.25.1