Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp249618rwb;
        Tue, 25 Jul 2023 15:21:25 -0700 (PDT)
X-Google-Smtp-Source: APBJJlHsYIL8u8P9FGiLJ6kCSaUHlIFEmJZNeYQDFrQjYfJosbghT8vD9rUzK2uULW4jejYiEsu4
X-Received: by 2002:a17:906:8251:b0:99b:5ba6:f2cf with SMTP id f17-20020a170906825100b0099b5ba6f2cfmr143624ejx.26.1690323685447;
        Tue, 25 Jul 2023 15:21:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690323685; cv=none;
        d=google.com; s=arc-20160816;
        b=GKSzCq0zcANjcPuUuzUSBaLb913yoOyFjFV3lJrmsB6WLrCnSlWLwyhfLCJJcoCnOB
         vUN80ceIiyEC+/6jEoOaWUwujB7FAoqrrMBzlq7qemGmS8NXWObp3EmYm3g9xJcoh6Gv
         A4g90+Mpd1SBSmhLwaaB+nKJYxO49c2DW3aOoV4ZrjTfStRzVCzXTryKkGHdMrCwNun4
         1/R6AhT/TebC3QYC+jpLbEnYjNWpYwFwLEl3X5KkrE0PG2Q5FdaabQSMvpJ28jBWrkaO
         d8lJz4ejZG9kbI6nb1eIUpfKrZ6a22yj8oU4UVUVBjGZsci1JIU+BN7j9KbvtHi6miQT
         xRBw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=3Zfei6RcbafJKtKwNhKnPbjke98BGr1BcUQF48mvavs=;
        fh=juxwNcA6iKwLISFgUCNwdoIYC0NKLUseq3xZdq25RR4=;
        b=p+cYguNSGPBRkogPhSm6GUYkDa2QPuQA3WCLsQ79dS8PODsWGvX702AA1SneZJJI/n
         jB/zcMi08CTR9sZk9v2SPKMoeDS2qW+HeJTl4so2e0PkOXnHtRH+Nassn3UcqPNnqe2K
         S41p6oZz8fjOyvpKtuKvEi0u89Ab7ER8nXUBRS4KYMlW0FczUEWsmP0nJ1CaXxGwGvi6
         UVx7JcS8iabW8/jtsfqA6nWmqbF5bTDqmTYSWWFqfkXnfm7NPPQnqR42L1jIN4+n1uvW
         LRoo88zf+1Llt8H4jRN8ngfdq6jDufLHrTV5aFHI+vEeQhEWTcwoAhYO8V5E9Q+GY070
         1h4Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=XJ6Xbgx0;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id u13-20020a170906c40d00b0098e3698905fsi8519145ejz.625.2023.07.25.15.20.59;
        Tue, 25 Jul 2023 15:21:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=XJ6Xbgx0;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232192AbjGYWTn (ORCPT <rfc822;andrew.melo@gmail.com>
        + 99 others); Tue, 25 Jul 2023 18:19:43 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33742 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232135AbjGYWS0 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 25 Jul 2023 18:18:26 -0400
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A78B12681;
        Tue, 25 Jul 2023 15:16:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1690323372; x=1721859372;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=zcDt6w72s30vbUGADhv9UguzmHhSq0mDupruji6aYgE=;
  b=XJ6Xbgx0/nS4o7NKUY8Z5aLkBu/0YxF9otX3pIsDPYoVse23Ec7KiEWg
   5ZXQ+xvqJ23B0NOWpww/YbVJtT55fKXIKgZ+Sarc9Q7CuXY/FwAGkKwVz
   VV45F8OOReCDKEpeNYkJeuI+fxByxx8oKQ+E+D9J8SRlhqx9EPaa78GVc
   YZUr8rv1p/XhrKxzS/B6SDJlfshzW3ntMQAubNEfEXcCXMBXBegL7QOXq
   4Mo+juT1LX7E+yjwZGLZ52Ag1we7JZlf4t+9sfk7/5w7UdszyZCFqARc4
   QUdDjZs/q3kBu0o2BD/+Hri35h0Bw3F/wVJpl0ruF0NL1ndhEcktk4Ql9
   g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10782"; a="357863232"
X-IronPort-AV: E=Sophos;i="6.01,231,1684825200"; 
   d="scan'208";a="357863232"
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
  by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jul 2023 15:15:35 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10782"; a="1056938904"
X-IronPort-AV: E=Sophos;i="6.01,231,1684825200"; 
   d="scan'208";a="1056938904"
Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31])
  by fmsmga005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jul 2023 15:15:34 -0700
From:   isaku.yamahata@intel.com
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     isaku.yamahata@intel.com, isaku.yamahata@gmail.com,
        Paolo Bonzini <pbonzini@redhat.com>, erdemaktas@google.com,
        Sean Christopherson <seanjc@google.com>,
        Sagi Shahar <sagis@google.com>,
        David Matlack <dmatlack@google.com>,
        Kai Huang <kai.huang@intel.com>,
        Zhi Wang <zhi.wang.linux@gmail.com>, chen.bo@intel.com,
        hang.yuan@intel.com, tina.zhang@intel.com
Subject: [PATCH v15 036/115] KVM: x86/mmu: Disallow fast page fault on private GPA
Date:   Tue, 25 Jul 2023 15:13:47 -0700
Message-Id: <a6b7da817490e15ada6d8c1e468760db5695536f.1690322424.git.isaku.yamahata@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1690322424.git.isaku.yamahata@intel.com>
References: <cover.1690322424.git.isaku.yamahata@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,
        T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Isaku Yamahata <isaku.yamahata@intel.com>

TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory
access and TDX SEAMCALL is heavy operation.  Fast page fault on private GPA
doesn't make sense.  Disallow fast page fault on private GPA.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/mmu/mmu.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index f0f8166a2b1d..163ff3308091 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -3375,8 +3375,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu *vcpu,
 	return RET_PF_CONTINUE;
 }
 
-static bool page_fault_can_be_fast(struct kvm_page_fault *fault)
+static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault)
 {
+	/*
+	 * TDX private mapping doesn't support fast page fault because the EPT
+	 * entry is read/written with TDX SEAMCALLs instead of direct memory
+	 * access.
+	 */
+	if (kvm_is_private_gpa(kvm, fault->addr))
+		return false;
+
 	/*
 	 * Page faults with reserved bits set, i.e. faults on MMIO SPTEs, only
 	 * reach the common page fault handler if the SPTE has an invalid MMIO
@@ -3486,7 +3494,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault)
 	u64 *sptep = NULL;
 	uint retry_count = 0;
 
-	if (!page_fault_can_be_fast(fault))
+	if (!page_fault_can_be_fast(vcpu->kvm, fault))
 		return ret;
 
 	walk_shadow_page_lockless_begin(vcpu);
-- 
2.25.1