Received: by 2002:a05:7412:3b8b:b0:fc:a2b0:25d7 with SMTP id nd11csp2580132rdb; Mon, 12 Feb 2024 09:11:00 -0800 (PST) X-Google-Smtp-Source: AGHT+IHJm4KypgGQaE3+bJKoftEwUG59tWfI7Mv/DvRP9BoTU7qoI65S1AuyRNUguCqYaKd9ohNg X-Received: by 2002:a05:6a20:c707:b0:19e:4793:6263 with SMTP id hi7-20020a056a20c70700b0019e47936263mr12958006pzb.52.1707757860700; Mon, 12 Feb 2024 09:11:00 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707757860; cv=pass; d=google.com; s=arc-20160816; b=crYotG0Y5an2HoA/HljN876rEpgUH0rEWtlaZY2skQeM6OcCwx+GSieE5VYupLcwR6 J+m53jICHA/54Bb2Nudv0X257THx/0DONo0tk9YcJyfQrmDL8tCxzYQuFpf0Qf1UWBmY 6nmiPOjDoMnQ8TocrkWSHTjnisSscb4mnRwHfrj+EBHXJyNGxxAMdbkUg72nzYPnGlfA 5sjRcd9EryahPZPYCxs1K5n/kgPDk/2FeMAwXzMDjs12D3x09Gai+h9As+x369D1WLR2 0NrBgcQwRPjumC3lTjJj+g+wg8ZBuMYscWYuWOwmSVHo7Y4WyrxmfnUJKG0GTk01f6LS OUgw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=9xp7gNBv2Jdgu6ipEnFwfAZMrvYa1++S5m681LZp5tw=; fh=G+i/2mVnwD7ovCZ2C+77R+6Vptnk2BVozYGbjNXl9d0=; b=jHSSGmpRycWT59H03WN4uT1eMiT+VaNNETw2jyTlRuEKf/oxpCTpbgEBCoczri4XIX /ZNPGWVz3xwU8frgOKxybqOGE6eKYz/JN1RQMUUXZo90lzNWvhLyFgMKjWT7qH/ib4UK 9+SK68rHzhBIFDLaol0/jUFNkJPQlOXnMb4djrSbv4fCU4BjBG+pmZ7oEz5pQZlCfLjl T8DCMAFNrtAQxpIvNfLL5cEkkVJSgJleuokhfPkseZO2r+NG91kt7RjdZQH/OojLXkJJ 25/dSRxIrnE3pownPQ4RYDRAZXfHmpC7r3fxKOVELoGqPcKu0WG7ughwi1K8wRjL2LGZ pLqw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=HzGLhoNJ; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-62030-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-62030-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com X-Forwarded-Encrypted: i=2; AJvYcCXJD+rOsJtFd2KXH9QI0lvbhLHG3ULKNQFbWxUy02AJlX/IRh6hklFFdw3Se5tEFUTqABKAUO3cd0RKgJD6JgeRetWGW7EMUMz0c56xJQ== Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id m67-20020a632646000000b005cdfdfcd033si500774pgm.180.2024.02.12.09.11.00 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Feb 2024 09:11:00 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-62030-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=HzGLhoNJ; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-62030-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-62030-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 5E71C2887F7 for ; Mon, 12 Feb 2024 17:03:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E1C103E464; Mon, 12 Feb 2024 17:02:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="HzGLhoNJ" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 94F9D3D0C6 for ; Mon, 12 Feb 2024 17:02:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707757336; cv=none; b=qvMyR1EyuoV1iZx6wkDYcKJKwlZpylxzIjOYxQGhsX7Zd3GM7svvypdZgyPPrrQ7eI4g+Tk/qt3omydUzWrvVyjslIM5m2+J/cYveG3uutKgCCBcJIb599Uwmke68dRSI48w4Zwg+B4gctigAJCUEKMDFIvLn4w7/41MEsTSZkI= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707757336; c=relaxed/simple; bh=r+fd6gc2wHOtnEcUyphtPRN7b9wjmwB3NER9JLbp2/U=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=RZS4CW0nfed7tw5vkIt4rWXArhS/xV6Byw2iRqmlphjQMoKVQskFRORABKZkO94sF6gnsLQ4sog0PbTL13k5nIdSuRSKRLzYbbCIBywt9UM3fSXIo56J/eW64ncdemninQMhqdLNxz5AR6U7875m6TjKSqFIhLeNHOA88ZIrWbY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=HzGLhoNJ; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1707757333; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9xp7gNBv2Jdgu6ipEnFwfAZMrvYa1++S5m681LZp5tw=; b=HzGLhoNJeKx9lSA4r8mZjHEDd9NXLaJshBBRj92BueCVisn9BKcgZHiPwP053m0odtCAgV tgmlJj2+9tm3/8bID6hVzMTpPy2Px1MqFn+m3sadz0TURL1TT7WM3L5fgmp12nrCprLdB0 h0CDkQCNcpP2H7VktMK2+re4o6XEyzg= Received: from mail-oi1-f198.google.com (mail-oi1-f198.google.com [209.85.167.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-594-QeFnQR17P_aJdpzUYr87pw-1; Mon, 12 Feb 2024 12:02:09 -0500 X-MC-Unique: QeFnQR17P_aJdpzUYr87pw-1 Received: by mail-oi1-f198.google.com with SMTP id 5614622812f47-3bfd890774eso2531650b6e.1 for ; Mon, 12 Feb 2024 09:02:08 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707757327; x=1708362127; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9xp7gNBv2Jdgu6ipEnFwfAZMrvYa1++S5m681LZp5tw=; b=EszYSW+Oq2tOIUdyencABw2b1Pws5Wsn81CrY/OwOl98CBvOJhjkbcUOpRDFHW6GaG 0FCOfMZN/xDB0q4qae8nToADC9wUvkvK8GJMzmEuRYzYyXd02osixTN7u/rxDyg7nOED o3RyyZKdbCngsZd4p0q0ceIf1UVik60LKUJ68wmrCaKnjP54Lx+e3fHV3EKgIrfJoG15 ZbWi0epkKRvfCTN1/e/PBsFTCGk/KU+MVi+K8lQvbLeuEg6b3wwdPQ9S7ksSTrIYW567 Dupxz0UM8vdPZsCcrEdVP81q4jDXoqSPDMFLsXt9apd4mFXttZq/6lYHEC5wBkZAbZ0D 2sMg== X-Gm-Message-State: AOJu0YyLH9ybbqxipi/khTshFtq2dxrIXlDORDjZUFcV7yBqSnrWu2z8 iBNPtLVYPhyO720Yrc9gbDcK3OaxLFt5tk7u8Hh0Wghup2QXRrKc0OdOxLcmzNN2W0FTrn0DHCY SvvthMcmx3tqkxdpbrtMVrZt4R/OZlnXn1g1I4Zzuo2SFjV2LFyJBslJKDdJoiVq7Blj9FP8zF7 QiuJxYE530b8isIECr4f1uzdG8DdivTQSE4Bz7 X-Received: by 2002:a05:6808:138b:b0:3c0:31e5:35f1 with SMTP id c11-20020a056808138b00b003c031e535f1mr6116248oiw.36.1707757327454; Mon, 12 Feb 2024 09:02:07 -0800 (PST) X-Received: by 2002:a05:6808:138b:b0:3c0:31e5:35f1 with SMTP id c11-20020a056808138b00b003c031e535f1mr6116210oiw.36.1707757327107; Mon, 12 Feb 2024 09:02:07 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <91c797997b57056224571e22362321a23947172f.1705965635.git.isaku.yamahata@intel.com> In-Reply-To: <91c797997b57056224571e22362321a23947172f.1705965635.git.isaku.yamahata@intel.com> From: Paolo Bonzini Date: Mon, 12 Feb 2024 18:01:54 +0100 Message-ID: Subject: Re: [PATCH v18 040/121] KVM: x86/mmu: Disallow fast page fault on private GPA To: isaku.yamahata@intel.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, erdemaktas@google.com, Sean Christopherson , Sagi Shahar , Kai Huang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Jan 23, 2024 at 12:55=E2=80=AFAM wrote: > > From: Isaku Yamahata > > TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory > access and TDX SEAMCALL is heavy operation. Fast page fault on private G= PA > doesn't make sense. Disallow fast page fault on private GPA. > > Signed-off-by: Isaku Yamahata > Reviewed-by: Paolo Bonzini > --- > arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index b2924bd9b668..54d4c8f1ba68 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c > @@ -3339,8 +3339,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu= *vcpu, > return RET_PF_CONTINUE; > } > > -static bool page_fault_can_be_fast(struct kvm_page_fault *fault) > +static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_faul= t *fault) > { > + /* > + * TDX private mapping doesn't support fast page fault because th= e EPT > + * entry is read/written with TDX SEAMCALLs instead of direct mem= ory > + * access. > + */ > + if (kvm_is_private_gpa(kvm, fault->addr)) > + return false; I think this does not apply to SNP? If so, it would be better to check the SPTE against the shared-page mask inside the do...while loop. Paolo > /* > * Page faults with reserved bits set, i.e. faults on MMIO SPTEs,= only > * reach the common page fault handler if the SPTE has an invalid= MMIO > @@ -3450,7 +3458,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, s= truct kvm_page_fault *fault) > u64 *sptep; > uint retry_count =3D 0; > > - if (!page_fault_can_be_fast(fault)) > + if (!page_fault_can_be_fast(vcpu->kvm, fault)) > return ret; > > walk_shadow_page_lockless_begin(vcpu); > -- > 2.25.1 >