Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp28141rdb; Sun, 28 Jan 2024 11:56:12 -0800 (PST) X-Google-Smtp-Source: AGHT+IGgSVY5ratMHAKVHd5mx4rhtnSo/EknG9+AVPLqbNeygEV4YOQyBn/9bB9fyP1h+zJqLz2y X-Received: by 2002:a17:906:d923:b0:a35:b73b:e626 with SMTP id rn3-20020a170906d92300b00a35b73be626mr493813ejb.73.1706471772304; Sun, 28 Jan 2024 11:56:12 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706471772; cv=pass; d=google.com; s=arc-20160816; b=byenh7LrsMwFo3WHfppMCSmnFMbRf9gnY169H7eYxwt23xRM31EuZAlyNqJaXgugCi YsHR29vfDFU1FrB9JmccWjYTUk7dzb4zbJ2pIRXiT23qBEaU3lZZLiFMoX+P+exk4S6W yx48U8tJDlLfPpcEtD+itfMDRo0KR1sH2H5/dGyvxJUJEJnNYxaqjaIF3llx6Ghz/mGa rBRvt0UQdqNMpQUS7CjHxZTeMaK/l++qmvXB/7a2T4Hi/47ynGYQd73356hz7lvkRsf1 n5SFPOoTyVv2tGjvNsQ59rEzuLD7D1F1+7vWXWwnvgj+jOKoYX7FmJ9bWyDkma4o5EUK P+Ug== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to:subject :user-agent:mime-version:list-unsubscribe:list-subscribe:list-id :precedence:date:message-id:dkim-signature; bh=zcJsdRU5LfjtECwyKv3NrGI7EYZyEUKEVx31QXktpH4=; fh=8scsGQn+hJ1HvbMI23kGOdGh/wtWpH4wdCi8Q1zCFc4=; b=x6u71XrtqLYnTSNPGOYO6uaZYIVcxLyiPgYzi5EvWJMXzIVmqk+RlxRTjMKaxT/fAi jGP6AeXpEH16LefcEJ89Wk7F4JSnFx9+PlPm/IdUZcdv9hRvMZjtq6mXRSS/z7GNeL/J RBkxe3eVhxCmnICcx7sCDhaOQ4D41kGJKnnGzt6dnuON8eAZsV9I+kGyW4OV5gx/2mbc NaurJNxqw+wuOObuzBlaMXwtJV6NRIdso31dCwvlOBbOCoP4s4HTTbsivOH8Cxj9yREp pRQhZaL09NJcuWH1BiDOvJBrDv4QFj0Fi0ULtIZt3czdQO+BLKXrCXhsYp575X8A/kCN AWWQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=P7XXZ82h; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-41637-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41637-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id v21-20020a170906565500b00a2fba12f3aasi2749914ejr.8.2024.01.28.11.56.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 28 Jan 2024 11:56:12 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-41637-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=P7XXZ82h; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-41637-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41637-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id B2BAA1F228AB for ; Sun, 28 Jan 2024 13:56:54 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 6101823779; Sun, 28 Jan 2024 13:56:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="P7XXZ82h" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7AEA23763; Sun, 28 Jan 2024 13:56:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.55.52.93 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706450203; cv=none; b=hcXwbakS2HDc8YzzIAz0GQxte/t1ZzM0YGhhherckfVSoyqmkSh4aaVRAqelPa+aDi8l1vAkJw6IBusV3MENAGZzVIaG67zhdGGPkmMvSO8k6YQHTSLJIdL00AWVyU1kEBVCzDsYXS+lD9ssh4LlHdS3TxHAWhWdc+f6WRNmrPQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706450203; c=relaxed/simple; bh=HYf5vkbs92Q5b1nQIaJMZebTNdj/neOAHlaFnh9VJUM=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=oBFHgWJI5zvhYFDD4ohxSBAxVVu3snHYA2yGhv6gpXPKWdItllPtMox7SYBxuvp2Cfdcm2NxHrL8K3g1Vebp5sWEJ0PY1JATirjUF83q3KCJ1lTSGAr4OJfyNEC8lv6XrIThrIqY8PGGEgHYC7Nn9I+NrRGIVAOdRwFP1eq5VxI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=P7XXZ82h; arc=none smtp.client-ip=192.55.52.93 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706450201; x=1737986201; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=HYf5vkbs92Q5b1nQIaJMZebTNdj/neOAHlaFnh9VJUM=; b=P7XXZ82h2e8Zros2RZi6ilf1T0ytJxgoDJkJGwcpppGpN4+ymjsCYUZL noQYd9RxYV+0KOn9sAISBQUaNI744ne8hMz4DdQpBKQJH4wo+KOFYygRh zvDe5DO1xNCngCFgrPfSakG7aGp97Y3zmueLA5kYyYrsCebphmnHkW12v z0yw6EQShtIr8w7GyRCzqSKwHOf1XqgXTCIXtT6DkqL0YZ2ev4W+rC8+p Mi2wRecuVZcWU5DDKD9YfS5n2uaUutx6RWkRnBBsnZqU9nT7Lrzmm/u5v 4GWOXwixpMguAz5MnwzoEKPcEg+RSV1bh5JUtcrV/f9inho5a6LWQfxzp Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10966"; a="399928943" X-IronPort-AV: E=Sophos;i="6.05,220,1701158400"; d="scan'208";a="399928943" Received: from orviesa005.jf.intel.com ([10.64.159.145]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Jan 2024 05:56:41 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,220,1701158400"; d="scan'208";a="3041313" Received: from binbinwu-mobl.ccr.corp.intel.com (HELO [10.93.8.92]) ([10.93.8.92]) by orviesa005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Jan 2024 05:56:38 -0800 Message-ID: Date: Sun, 28 Jan 2024 21:56:35 +0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v18 040/121] KVM: x86/mmu: Disallow fast page fault on private GPA To: isaku.yamahata@intel.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , Kai Huang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com References: <91c797997b57056224571e22362321a23947172f.1705965635.git.isaku.yamahata@intel.com> From: Binbin Wu In-Reply-To: <91c797997b57056224571e22362321a23947172f.1705965635.git.isaku.yamahata@intel.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 1/23/2024 7:53 AM, isaku.yamahata@intel.com wrote: > From: Isaku Yamahata > > TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory > access and TDX SEAMCALL is heavy operation. Fast page fault on private GPA > doesn't make sense. Disallow fast page fault on private GPA. > > Signed-off-by: Isaku Yamahata > Reviewed-by: Paolo Bonzini Reviewed-by: Binbin Wu > --- > arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index b2924bd9b668..54d4c8f1ba68 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c > @@ -3339,8 +3339,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu *vcpu, > return RET_PF_CONTINUE; > } > > -static bool page_fault_can_be_fast(struct kvm_page_fault *fault) > +static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault) > { > + /* > + * TDX private mapping doesn't support fast page fault because the EPT > + * entry is read/written with TDX SEAMCALLs instead of direct memory > + * access. > + */ > + if (kvm_is_private_gpa(kvm, fault->addr)) > + return false; > + > /* > * Page faults with reserved bits set, i.e. faults on MMIO SPTEs, only > * reach the common page fault handler if the SPTE has an invalid MMIO > @@ -3450,7 +3458,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) > u64 *sptep; > uint retry_count = 0; > > - if (!page_fault_can_be_fast(fault)) > + if (!page_fault_can_be_fast(vcpu->kvm, fault)) > return ret; > > walk_shadow_page_lockless_begin(vcpu);