Received: by 2002:a05:7412:cfc7:b0:fc:a2b0:25d7 with SMTP id by7csp1025352rdb; Mon, 19 Feb 2024 01:30:19 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXnP++gADivEd/z+W9tD4ewaSvHIEClJhADRXh/QHpist0+FJTejT05QBK0dtmxNj0qE/4MQuxD6e/1RysmpideQIv+AH6mqXV9gEkKCQ== X-Google-Smtp-Source: AGHT+IGUuN335cNnVA6ctpYN4XHBeoV2B7s2KjrslCToU2bgxXUY+4E/dSwqTWdfdWd6sFIocoQL X-Received: by 2002:a05:6870:f6a3:b0:21e:b3aa:18fc with SMTP id el35-20020a056870f6a300b0021eb3aa18fcmr3580465oab.4.1708335019636; Mon, 19 Feb 2024 01:30:19 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708335019; cv=pass; d=google.com; s=arc-20160816; b=VxQbEHC2G0rMtrdt6TB9f3M6Au0u02uoWLcm2ZV+UME+ugv/pmiO34KmOXkbkW9jkW FRrHCZNl+eWNd64nThTk1bmgyR9Qxw+S3n9BzdyUAWdLwJK7A373N3zvgBhGiUTSLPGi s3gLUmrw9r7Ydzel42gHFzQHQKN+IhW4JMBTcTfWNtN47+aA0OxSJu8JwVeAaQAd8Rns ihjRp8v6w+nvUiMXGZSZ9dEIkeBt3rVAFzrIxnfDcz9lmGbwqU1OwAnxlSWK/DQjq4gb KM+kX3Sjo75T3b3H1nn2FWgCOiKq/buL1+0P8ZM9LFf7HEeA+oSNMNhKSxqXk8eXEk4k 4UZA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to:subject :user-agent:mime-version:list-unsubscribe:list-subscribe:list-id :precedence:date:message-id:dkim-signature; bh=7UM2w6YCA8vVkLxzkX3iJlLxb2vNXo5tLzkUm3SKbYw=; fh=8scsGQn+hJ1HvbMI23kGOdGh/wtWpH4wdCi8Q1zCFc4=; b=cxnvkvoyl7NU4otPFCX2PerC3tgbSE/6UhuDT1EvH0NefRrlPCg04doPYnbReUllSp CYxi+XkPrkUIaoxMQp2ppLl6ojykjZ81Vi5zkyF2rE63TJmWu4uNADwlt/667MTEsJfW 4eVw3LZzRsM/ncvf3p4D9zlBTDuss6p2IeepjOpnV1G9Bl0Q2RmbaFU1XXUECYSptmwc uiO8LOp8GVL0ECujlANkZ+xMPBU9nMmHMt/Y9qW4RK+FnrzlycBZSJOajlLYBQr5r64c 6hQoyErEBAPj7X5cqZ794oQkxHQnSgRo+o0lb3aAN2Q+rADQlMFFu7fqtkGLjWq9UGB6 aPfw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=nMKnJG5V; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-70733-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-70733-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id s20-20020a656914000000b005d8c18c7c65si4095967pgq.671.2024.02.19.01.30.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Feb 2024 01:30:19 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-70733-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=nMKnJG5V; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-70733-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-70733-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 39855B219FF for ; Mon, 19 Feb 2024 05:21:24 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1FD9C1F958; Mon, 19 Feb 2024 05:21:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="nMKnJG5V" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 941FC1CD23; Mon, 19 Feb 2024 05:21:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.10 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708320069; cv=none; b=kArV/Phw00yOqBwc4uqm+9BAShDrh528RLgVZZs9V4ZaILq1U+SmLf17oPUZGBPeHVvFfZ2pRn4TcqgW8BTkKOcxd2BqEov4oVXAMQQ4NZYWO/vCSQfhwyMdJ1qBTgTYcZZxWoHMEx7WAzAx9L+gYO5APjzyYNoojd+KlxrXetA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708320069; c=relaxed/simple; bh=pN0VCoWunX2OLnCNR54V/+S+F1vbvvcHeczduh6bbys=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=gO7C6k7zzATboDRS+UZo1LgGRu8T20C12X0gUka4VX15l3/elKQ10F+V9tKy1Kph6twnCrnt4I7Jvh8reS6rl3gq3Yg+u7BgU+AxRLnpku7eZZDlFrO6JmyEovOsljY9wzjKmv7S1XWnxlQ3uJ+dn02piukKVsRzQbIvP1lVhG4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=nMKnJG5V; arc=none smtp.client-ip=198.175.65.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1708320065; x=1739856065; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=pN0VCoWunX2OLnCNR54V/+S+F1vbvvcHeczduh6bbys=; b=nMKnJG5VKSkiSay0HOpWEJcsB9xR+qZ16nDkNycTukJmkDQ2ce3CZCa1 kYp3ycD0l9X9IzOXOvyxNzc2wjVKs2So3s1+l00/9L51ULBIZEyC5gNgP /Zhsyr0XykUS3my26ytS+ha7vPTGy26G9l2VcGnf13Oc1meG9WEH+Gnyb ELfwH0WrcfasAmLOXRZTPaq1xKGrpdcEPpDZarWySzy93aom7t33hUQP4 ivZJjc0gJhczK6TzMQz4v5y7layxsCvsmakgKEnFjs1ddUT9fcUuAN0mV 8dmei8Q45MBwIkcWhRoRLwndoPgGy+yU5Fyyg4hjEpQKa022AD4CZQTEn A==; X-IronPort-AV: E=McAfee;i="6600,9927,10988"; a="19812948" X-IronPort-AV: E=Sophos;i="6.06,170,1705392000"; d="scan'208";a="19812948" Received: from fmviesa003.fm.intel.com ([10.60.135.143]) by orvoesa102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Feb 2024 21:21:04 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,170,1705392000"; d="scan'208";a="8977536" Received: from binbinwu-mobl.ccr.corp.intel.com (HELO [10.238.1.66]) ([10.238.1.66]) by fmviesa003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Feb 2024 21:21:00 -0800 Message-ID: Date: Mon, 19 Feb 2024 13:20:58 +0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v18 061/121] KVM: TDX: MTRR: implement get_mt_mask() for TDX To: isaku.yamahata@intel.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , Kai Huang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com References: <83048a3bba898a4a81215f3c62489b03e307d180.1705965635.git.isaku.yamahata@intel.com> From: Binbin Wu In-Reply-To: <83048a3bba898a4a81215f3c62489b03e307d180.1705965635.git.isaku.yamahata@intel.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 1/23/2024 7:53 AM, isaku.yamahata@intel.com wrote: > From: Isaku Yamahata > > Because TDX virtualize cpuid[0x1].EDX[MTRR: bit 12] to fixed 1, guest TD > thinks MTRR is supported. Although TDX supports only WB for private GPA, > it's desirable to support MTRR for shared GPA. As guest access to MTRR > MSRs causes #VE and KVM/x86 tracks the values of MTRR MSRs, the remining s/remining/remaining > part is to implement get_mt_mask method for TDX for shared GPA. > > Pass around shared bit from kvm fault handler to get_mt_mask method so that > it can determine if the gfn is shared or private. Implement get_mt_mask() > following vmx case for shared GPA and return WB for private GPA. But the shared bit is not consumed in get_mt_mask()? > the existing vmx_get_mt_mask() can't be directly used as CPU state(CR0.CD) > is protected. GFN passed to kvm_mtrr_check_gfn_range_consistency() should > include shared bit. > > Suggested-by: Kai Huang > Signed-off-by: Isaku Yamahata > --- > arch/x86/kvm/vmx/main.c | 10 +++++++++- > arch/x86/kvm/vmx/tdx.c | 23 +++++++++++++++++++++++ > arch/x86/kvm/vmx/x86_ops.h | 2 ++ > 3 files changed, 34 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c > index 569f2f67094c..0784290d846f 100644 > --- a/arch/x86/kvm/vmx/main.c > +++ b/arch/x86/kvm/vmx/main.c > @@ -232,6 +232,14 @@ static void vt_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, > vmx_load_mmu_pgd(vcpu, root_hpa, pgd_level); > } > > +static u8 vt_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) > +{ > + if (is_td_vcpu(vcpu)) > + return tdx_get_mt_mask(vcpu, gfn, is_mmio); > + > + return vmx_get_mt_mask(vcpu, gfn, is_mmio); > +} > + > static int vt_mem_enc_ioctl(struct kvm *kvm, void __user *argp) > { > if (!is_td(kvm)) > @@ -351,7 +359,7 @@ struct kvm_x86_ops vt_x86_ops __initdata = { > > .set_tss_addr = vmx_set_tss_addr, > .set_identity_map_addr = vmx_set_identity_map_addr, > - .get_mt_mask = vmx_get_mt_mask, > + .get_mt_mask = vt_get_mt_mask, > > .get_exit_info = vmx_get_exit_info, > > diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c > index 4002e7e7b191..4cbcedff4f16 100644 > --- a/arch/x86/kvm/vmx/tdx.c > +++ b/arch/x86/kvm/vmx/tdx.c > @@ -439,6 +439,29 @@ int tdx_vm_init(struct kvm *kvm) > return 0; > } > > +u8 tdx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) > +{ > + if (is_mmio) > + return MTRR_TYPE_UNCACHABLE << VMX_EPT_MT_EPTE_SHIFT; > + > + if (!kvm_arch_has_noncoherent_dma(vcpu->kvm)) > + return (MTRR_TYPE_WRBACK << VMX_EPT_MT_EPTE_SHIFT) | VMX_EPT_IPAT_BIT; > + > + /* > + * TDX enforces CR0.CD = 0 and KVM MTRR emulation enforces writeback. > + * TODO: implement MTRR MSR emulation so that > + * MTRRCap: SMRR=0: SMRR interface unsupported > + * WC=0: write combining unsupported > + * FIX=0: Fixed range registers unsupported > + * VCNT=0: number of variable range regitsers = 0 > + * MTRRDefType: E=1, FE=0, type=writeback only. Don't allow other value. > + * E=1: enable MTRR > + * FE=0: disable fixed range MTRRs > + * type: default memory type=writeback > + */ > + return MTRR_TYPE_WRBACK << VMX_EPT_MT_EPTE_SHIFT; > +} > + > int tdx_vcpu_create(struct kvm_vcpu *vcpu) > { > struct kvm_tdx *kvm_tdx = to_kvm_tdx(vcpu->kvm); > diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h > index 441915e9293e..5a9aabf39c02 100644 > --- a/arch/x86/kvm/vmx/x86_ops.h > +++ b/arch/x86/kvm/vmx/x86_ops.h > @@ -150,6 +150,7 @@ int tdx_vm_ioctl(struct kvm *kvm, void __user *argp); > int tdx_vcpu_create(struct kvm_vcpu *vcpu); > void tdx_vcpu_free(struct kvm_vcpu *vcpu); > void tdx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event); > +u8 tdx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio); > > int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __user *argp); > > @@ -176,6 +177,7 @@ static inline int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) { return -EOP > static inline int tdx_vcpu_create(struct kvm_vcpu *vcpu) { return -EOPNOTSUPP; } > static inline void tdx_vcpu_free(struct kvm_vcpu *vcpu) {} > static inline void tdx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) {} > +static inline u8 tdx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) { return 0; } > > static inline int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __user *argp) { return -EOPNOTSUPP; } >