Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2608870rdg; Mon, 16 Oct 2023 09:16:43 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGJjXYw3VsYrGS54Q4Smef59HdsFztJtaxIzurfnr61dcxjWqTV3Y5O5ZFt88vd+suQ7huv X-Received: by 2002:a05:6a00:1794:b0:6bc:c242:792e with SMTP id s20-20020a056a00179400b006bcc242792emr4660109pfg.27.1697473003419; Mon, 16 Oct 2023 09:16:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697473003; cv=none; d=google.com; s=arc-20160816; b=mWoWJNC4+wTtPgAvGmDqRGbMPYbgvIw9OCTMPay03r7Ljerw1O5pCInQ8t26jIAHJ3 K+uASHy82CmDe1VKdLKbiG28cIKrHC/nrhDvB4jwqFOv5LGxywFryYlIk7vNwj34waa8 LNur8SN3sH9ObXSP8XCU8rRm2+gskEnT/+zpK8Y7tunUCApPY1h1WEr+dWmnAqusTVev QsM+dswFmu/lOymW6ILWmO67HfDzpOU5iSAyiEM4qYzVdb1w5G0OL3ib6DzQRdPlRHSS NMRog4fsFeHG292m2kGcrrVBI5AXkQiV89YfPP7rL35PjO3n5VYuQay0nC0Ru9k2VZw6 k8vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=C5aL1F1YHvXEm1qBdo2/jng47yCyd6C4XmmVT24lPsc=; fh=WyjNXnowVZ7mVWXVPMK2tIOSbq1wyQigBp90E6vPJMw=; b=gPQgECmOqgtxc1QGXOhMVNuB2LwgKjpgfr23XGfIAn53S4/WuXK+1IuwD1zpAohzwp HqQHewVriATeK5b5qB11/cPMDnEWwu+0I4sPQ4YfOLFNZoYiovaf7Ef9xrEWLlRnMQql AI5MIxG5SBRwQ6oSMjsPrnycp6xI38/Mdi/ixZp5FHx9lEI6vfSev37uo4iaO+I4CZoz 4Wu6WrAkMWWoaBdw/o1raOzldNCb2A4H2CEkmU/Ur8c/6cQbSBKDPZEpyVOFjik42UhF h8YEEs9HuVSHx0GxLoMsgNLoqvhDg09U3Da/LzybNEfPBquMtB0ju5dF7lpCZd8IkC+c wkOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="he+W/zGi"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id g17-20020aa796b1000000b00690d42e3347si108149pfk.157.2023.10.16.09.16.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Oct 2023 09:16:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="he+W/zGi"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 4B720802FA6E; Mon, 16 Oct 2023 09:16:42 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232483AbjJPQQh (ORCPT + 99 others); Mon, 16 Oct 2023 12:16:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34170 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229459AbjJPQQg (ORCPT ); Mon, 16 Oct 2023 12:16:36 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EC1CEEE; Mon, 16 Oct 2023 09:16:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697472993; x=1729008993; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=i1nXNTgbx5yU2YQigLMbiNkBsRCdyOP6ibBVXR58JR4=; b=he+W/zGinw/bS9oFF6XT+6kLXEqgaHFWlL9xvK9I/GyEOEB9d7A9B3n8 ZKgIdQ0V+EcvXbp/4rcMLdm7/NdmoCXPDyXwqUP6PncckX09IXDGCvoRq rZFbCIlfsTb18Jg98p+28+JmI84AhtvtcYAb9ACEwJxhq8pcTEmsglk9C G70gTQDJBBrxOmSPBRXz56CKOTIR73P/6H/1blaqJmka8ztHJmdXxyG+k oyfF/YotPC0uQmeAE56babLI7hwk0CdGQ+d48QymIWuQosCHfojUbia9H wG2ddytj3vRqKjK4ypNLWtAG3TZX/kyxz+GEbR9d7IB2D6SHIGunOfLbU g==; X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="364921731" X-IronPort-AV: E=Sophos;i="6.03,229,1694761200"; d="scan'208";a="364921731" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 09:15:41 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="846448091" X-IronPort-AV: E=Sophos;i="6.03,229,1694761200"; d="scan'208";a="846448091" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 09:15:40 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack , Kai Huang , Zhi Wang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com, Chao Gao Subject: [PATCH v16 040/116] KVM: x86/mmu: Assume guest MMIOs are shared Date: Mon, 16 Oct 2023 09:13:52 -0700 Message-Id: <4a2f5e6d6b1892f6f745685ed436fb5746db8c24.1697471314.git.isaku.yamahata@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Mon, 16 Oct 2023 09:16:42 -0700 (PDT) From: Chao Gao Guest TD doesn't necessarily invoke MAP_GPA to convert the virtual MMIO range to shared before accessing it. When TD tries to access the virtual device's MMIO as shared, an EPT violation is raised first. kvm_mem_is_private() checks whether the GFN is shared or private. If MAP_GPA is not called for the GPA, KVM thinks the GPA is private and refuses shared access, and doesn't set up shared EPT entry. The guest can't make progress. Instead of requiring the guest to invoke MAP_GPA for regions of virtual MMIOs assume regions of virtual MMIOs are shared in KVM as well (i.e., GPAs either have no kvm_memory_slot or are backed by host MMIOs). So that guests can access those MMIO regions. Signed-off-by: Chao Gao --- arch/x86/kvm/mmu/mmu.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index eee5a46f5ce3..4ac34a0cc33e 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4367,7 +4367,12 @@ static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault return RET_PF_EMULATE; } - if (fault->is_private != kvm_mem_is_private(vcpu->kvm, fault->gfn)) { + /* + * !fault->slot means MMIO. Don't require explicit GPA conversion for + * MMIO because MMIO is assigned at the boot time. + */ + if (fault->slot && + fault->is_private != kvm_mem_is_private(vcpu->kvm, fault->gfn)) { if (vcpu->kvm->arch.vm_type == KVM_X86_SW_PROTECTED_VM) return RET_PF_RETRY; kvm_mmu_prepare_memory_fault_exit(vcpu, fault); -- 2.25.1