Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp1363926rdd; Wed, 10 Jan 2024 18:02:47 -0800 (PST) X-Google-Smtp-Source: AGHT+IFy4qyGWbu6vhMPavwjdLPC988bmDYMcWK9KFLcKagrq5elCW7uuUli1tEkoLpMNTmTWe19 X-Received: by 2002:a05:6830:1543:b0:6dd:bb74:4362 with SMTP id l3-20020a056830154300b006ddbb744362mr505579otp.37.1704938567456; Wed, 10 Jan 2024 18:02:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704938567; cv=none; d=google.com; s=arc-20160816; b=I4jvNnTDQzRWpWq0rDhAu4CqLc1BbapHPCHB1pXhA7ycU4/g9apvCwpZ7JVCA0LEMF lltVlFdr8c9q07tFs60JWrR42e/atrH96hhFznluRPlIqhByCyF4QwUYayUsWipttIUm 4fxxDAlnIvihVbGV2S9Seq/MbD4Ybt1VsaPf4aA5Jd8Yq4Nw79Nr8wh1w2QDpkFwbMpk SbFcPHoMVcTfVZJKmuLQFOt8wWTV09v/slGxP1MS9e9TOBLcTT5pUhY+ZqB+1HeRQfJs jcuNg9olKA7ojrrxlVMTV+KrcIkj+5wY6jhhVb2M4PGz0vBJwcO3+7nyDcKA0RZCwhNc SHAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=MERWwVvejuOoLKFvXvHDQW4SBfvZPExzmuJgrpmkPtA=; fh=YsubNrZQ0gWuK57m7npwpfEBQGmQ6VfO6ArPkYLo2pk=; b=XWIytnCtnLFrtPK9TwkHL2KyFOTOHh8sC82yDmFkPDWmsb7e2AXfkzSosy2mtEJ9Xl kFCGIhZ8QecT6L1IfDH9IOw0cWCh9q8UfLn7ZtVpj8gWax5+MGP2Qzpil6wSK0bK8bzg R5+Acv0vlJ/F48l3nYTm9Pgxx40BQIux27m71kvjmtblmudcsCW6oGXSiyfhhZFn5cgx ZIndfRcvU+fGMSnv7UAVA/L/jQHkxbhWpc79Cm+jyIbAxyVMyTWFHbXwjlYlxc+udoui RKU10uWc4tJePq+7kbC4HvNlGwCJEEjvUkc6YvpP68Rp3PKH/kVyDU/Wmqs6uGKbu4Cp n1Uw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=KsyZc9+X; spf=pass (google.com: domain of linux-kernel+bounces-22947-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-22947-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id j190-20020a6380c7000000b005cef24b3015si45182pgd.219.2024.01.10.18.02.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jan 2024 18:02:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-22947-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=KsyZc9+X; spf=pass (google.com: domain of linux-kernel+bounces-22947-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-22947-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 10A8428B9E4 for ; Thu, 11 Jan 2024 02:02:47 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A80EACA62; Thu, 11 Jan 2024 02:01:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="KsyZc9+X" Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7FB2D63B2 for ; Thu, 11 Jan 2024 02:01:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-1d3f888ee39so20291035ad.3 for ; Wed, 10 Jan 2024 18:01:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1704938462; x=1705543262; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=MERWwVvejuOoLKFvXvHDQW4SBfvZPExzmuJgrpmkPtA=; b=KsyZc9+X753QEbMYIxIFHgh2aSpt1CIkEbAzz4Gc+jChvwQU96S3a9W6Enby7BQD/z BaqVCAGI9HujSMaaKdCbJTFetadmlmI+M20+kqOquSeFibmGd3qqvk7/dPMU4Rry+1X9 6gsfoBc1TZlboafJSMMWgiwh76fB4hU94l36MRUeD7sZJd5z4yCNKDcEYOpzK4xapGYg ABTaIQ8eX3WRMDbEAiJPNoJaUW/sLIUb1YBUbMLQpFGPtF5owgev6/JVBhRo2fS2opJ9 AysvSTtSGsuAHM9HXt9LkbcRmk5JufHD/zTto1KxysEIe8jxQcOfUhP7Dp7/uw/O4Y0W rSKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704938462; x=1705543262; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=MERWwVvejuOoLKFvXvHDQW4SBfvZPExzmuJgrpmkPtA=; b=FM+FPKtTLiLDXJJgftST5I7tnHBWmyFVsrly1MY7PcljWosi9kj1herEem86rPkjR9 k+TdsuZBo19l7nYquHR6T+1CueKxVVfJprgE+1P6laxMy/jjGNk7gGjVv4h0p2l0fTXC K2NonecXTxNvbEfxIaZAIXR1URJx5l5VAJGnr+nT9QKDcrGWP3H0ckEAmlBknOzQh79Z gdQekVXx7grUOwKwtOflbLasgPY6wOjaQs+VXMt5LPhTRuWLmxkEDoP6C0grWVX22Iba JSry+Modv+Hp6dhKHlPWkUUVBCxP5LddDDsy0j2xs7WUorNKeYsLSd615NbumKGS6en5 Sifw== X-Gm-Message-State: AOJu0YziMbK3w2mvNE0qfbbPmyMDd4aVyF3XFOP+ikSc1O3tD2YQSWpR YZPsu2Ju/2z/mop/pYkPJ0YcF0gmNglaCTQAxw== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:f68f:b0:1d4:c27a:db7d with SMTP id l15-20020a170902f68f00b001d4c27adb7dmr2556plg.0.1704938461751; Wed, 10 Jan 2024 18:01:01 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 10 Jan 2024 18:00:45 -0800 In-Reply-To: <20240111020048.844847-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240111020048.844847-1-seanjc@google.com> X-Mailer: git-send-email 2.43.0.275.g3460e3d667-goog Message-ID: <20240111020048.844847-6-seanjc@google.com> Subject: [PATCH 5/8] KVM: x86/mmu: Skip invalid TDP MMU roots when write-protecting SPTEs From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, David Matlack , Pattara Teerapong Content-Type: text/plain; charset="UTF-8" When write-protecting SPTEs, don't process invalid roots as invalid roots are unreachable, i.e. can't be used to access guest memory and thus don't need to be write-protected. Note, this is *almost* a nop for kvm_tdp_mmu_clear_dirty_pt_masked(), which is called under slots_lock, i.e. is mutually exclusive with kvm_mmu_zap_all_fast(). But it's possible for something other than the "fast zap" thread to grab a reference to an invalid root and thus keep a root alive (but completely empty) after kvm_mmu_zap_all_fast() completes. The kvm_tdp_mmu_write_protect_gfn() case is more interesting as KVM write- protects SPTEs for reasons other than dirty logging, e.g. if a KVM creates a SPTE for a nested VM while a fast zap is in-progress. Add another TDP MMU iterator to visit only valid roots, and opportunistically convert kvm_tdp_mmu_get_vcpu_root_hpa() to said iterator. Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/tdp_mmu.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index 1a9c16e5c287..e0a8343f66dc 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -171,12 +171,19 @@ static struct kvm_mmu_page *tdp_mmu_next_root(struct kvm *kvm, * Holding mmu_lock for write obviates the need for RCU protection as the list * is guaranteed to be stable. */ -#define for_each_tdp_mmu_root(_kvm, _root, _as_id) \ +#define __for_each_tdp_mmu_root(_kvm, _root, _as_id, _only_valid) \ list_for_each_entry(_root, &_kvm->arch.tdp_mmu_roots, link) \ if (kvm_lockdep_assert_mmu_lock_held(_kvm, false) && \ - _as_id >= 0 && kvm_mmu_page_as_id(_root) != _as_id) { \ + ((_as_id >= 0 && kvm_mmu_page_as_id(_root) != _as_id) || \ + ((_only_valid) && (_root)->role.invalid))) { \ } else +#define for_each_tdp_mmu_root(_kvm, _root, _as_id) \ + __for_each_tdp_mmu_root(_kvm, _root, _as_id, false) + +#define for_each_valid_tdp_mmu_root(_kvm, _root, _as_id) \ + __for_each_tdp_mmu_root(_kvm, _root, _as_id, true) + static struct kvm_mmu_page *tdp_mmu_alloc_sp(struct kvm_vcpu *vcpu) { struct kvm_mmu_page *sp; @@ -224,11 +231,8 @@ hpa_t kvm_tdp_mmu_get_vcpu_root_hpa(struct kvm_vcpu *vcpu) lockdep_assert_held_write(&kvm->mmu_lock); - /* - * Check for an existing root before allocating a new one. Note, the - * role check prevents consuming an invalid root. - */ - for_each_tdp_mmu_root(kvm, root, kvm_mmu_role_as_id(role)) { + /* Check for an existing root before allocating a new one. */ + for_each_valid_tdp_mmu_root(kvm, root, kvm_mmu_role_as_id(role)) { if (root->role.word == role.word && kvm_tdp_mmu_get_root(root)) goto out; @@ -1639,7 +1643,7 @@ void kvm_tdp_mmu_clear_dirty_pt_masked(struct kvm *kvm, { struct kvm_mmu_page *root; - for_each_tdp_mmu_root(kvm, root, slot->as_id) + for_each_valid_tdp_mmu_root(kvm, root, slot->as_id) clear_dirty_pt_masked(kvm, root, gfn, mask, wrprot); } @@ -1757,7 +1761,7 @@ bool kvm_tdp_mmu_write_protect_gfn(struct kvm *kvm, bool spte_set = false; lockdep_assert_held_write(&kvm->mmu_lock); - for_each_tdp_mmu_root(kvm, root, slot->as_id) + for_each_valid_tdp_mmu_root(kvm, root, slot->as_id) spte_set |= write_protect_gfn(kvm, root, gfn, min_level); return spte_set; -- 2.43.0.275.g3460e3d667-goog