Received: by 2002:a05:7208:9594:b0:7e:5202:c8b4 with SMTP id gs20csp1464810rbb; Mon, 26 Feb 2024 10:03:03 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCV091naKbly390y/lljSsJUaHy+mxobi3VnCgHPnolKD+40yAs0Ez0Rd/OLdakX3B9y1hOt0FYjZphIlpHEz9bon/HNK8nBm6n9xciBsQ== X-Google-Smtp-Source: AGHT+IGPB9qRx9NTpabEbjVJzrjjcyHYDgkl9jpARH9BBSFHpypPbIOecfEOdbcLXspyAsUAzLis X-Received: by 2002:a05:6a20:250a:b0:1a0:6c87:9197 with SMTP id j10-20020a056a20250a00b001a06c879197mr7444110pzd.58.1708970582910; Mon, 26 Feb 2024 10:03:02 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708970582; cv=pass; d=google.com; s=arc-20160816; b=YEsXm5yPNSmeK9Q3rLzNqf9HIuv+EtzephVwjV98OtdU2YknzGMpZpdk55tSD0ta2b esK6jBDknsUrR5GN51/RXsqEwHkLrNVOKQ8insKpSkcsPsjtcfM2mzD9o3/r+XFkJX+n dC6ZwR+ITUxnlC8r9y9UvIm4P6q4HoxVKyuRSeihuo7VaA93mzEOsAjPslvse6ggftTL iJPQq0j71Sp/PpBkyq7zkgMO5mFmjKKtAnfhJtX0QjHg1ys0erUJXDg4MKe2ADt587Cb ve9acCujjOYIjQuiwEhSto/XWR+lt5hZt5RiWG3Tld/ECUeUL+4kpPTu5BSeukedLz4K NyJA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=/1ajdhON17MAHHWcFAjsYWD9KkCFiAK55IR5Xm1OgTE=; fh=m3OEjHiXYvVNy3TYrseGZ6IzJiOJfEaDJE5RufTYtCY=; b=KlbMvjSRDdMeIVAWPO4k+EvL3xF/WpcNT40UK/XkberHJo9DaGvauVk3VCHhfL+VFe DQUaiws3LUCviFwJqBsfkL7TlnV6uDowhigSZez9y/JoUgPgFsCM+0yrnzeEgQ71YzhI EDR1q5x+hHLQYi3h/wvsZm+hyZJNSGbpXtg3tXnsUB8Avy3pLZc+d+nyrg28oogbSHsx JgytQqi+lnI4oUOJ4jjqbe4HrYYT+eREcGgj0JGMUx0Y2g3k2kRXuPKnCvmFcVvnzhPC vXigQkxBDJXAc4SyyqKUV/2yOOE8Lqg//cPjS/+Z4FdQP3sqpzVCFiATUi6yKh7CuStD DJpw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=MdQH+B+Q; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-82117-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82117-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id v27-20020a63481b000000b005dc493c9496si4014596pga.507.2024.02.26.10.03.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 10:03:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82117-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=MdQH+B+Q; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-82117-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82117-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 4A9FC2940B4 for ; Mon, 26 Feb 2024 18:03:02 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2697012F581; Mon, 26 Feb 2024 18:02:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="MdQH+B+Q" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0E58012F362; Mon, 26 Feb 2024 18:02:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.9 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708970567; cv=none; b=U5SI+/iZYSahvDPWhiPPTuncjjRaS9U/3rCy2ZRror6E5SYxMfRXkFqn3wVNT8qiSbJoia6XQUlhb8shMkLKjOmWFGanlZcYk++LU9dWClZTkkfcPNogiIrFIWVKgTYU++Uv4HYwjT1OC5J96qF5W7VoGTyc6YUpwiFxdUI0Pdc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708970567; c=relaxed/simple; bh=5UKky+Hm3LQkv7vqoNqO+TpAezTPnjT2mPmj06qXkbM=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=avGqxRf6mLJM1cB92Z7YJSeqKcNEjbbst6/VuTLwOjy0B9nYp3fTdBZsOeRBwCmNOvUvZadvF1OnECSP/k7Q1JfvebBkQY5XsXje4QJ8g8Y8MrWn+AQFmoMxoiap7Y+oHgPpKTbGfQnTfU58irPEszyiGgdZ1niErhSfH++CR/4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=MdQH+B+Q; arc=none smtp.client-ip=192.198.163.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1708970565; x=1740506565; h=date:from:to:cc:subject:message-id:references: mime-version:content-transfer-encoding:in-reply-to; bh=5UKky+Hm3LQkv7vqoNqO+TpAezTPnjT2mPmj06qXkbM=; b=MdQH+B+QCKQtEjqTdWmwAV7tKD6Odm32XMUUJ/PwHOneUpBYiTKeS76r W7Gf8fkEV5A7r+R1VQND1G/f0RQoWtBmeqNs7cUiOnz2no0WfYU+nYhAp 2aPH77G3OTA2GkUwh2pITttEVKuBcEYIfYxLPGAdC5qsG6FqCjvWXYMP9 zd2ZHY2DJXIPth3gYN0qkl7OpPiGibnwBFUz7i7e7kIhlnC7mYt5k5u4T QTEFCgEcixGogU1gsKOryaQq8v7/T4qUyFWamj5b2QcIdz0/eMLeuMhX/ GGacelmdhD0RGPIBo0qMS6lOLwNo0rRL60Ev7H2GZBSWZeDqoZ7KQUE9S A==; X-IronPort-AV: E=McAfee;i="6600,9927,10996"; a="13981118" X-IronPort-AV: E=Sophos;i="6.06,186,1705392000"; d="scan'208";a="13981118" Received: from orviesa005.jf.intel.com ([10.64.159.145]) by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Feb 2024 10:02:44 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,186,1705392000"; d="scan'208";a="11530823" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by orviesa005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Feb 2024 10:02:43 -0800 Date: Mon, 26 Feb 2024 10:02:43 -0800 From: Isaku Yamahata To: Paolo Bonzini Cc: isaku.yamahata@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, erdemaktas@google.com, Sean Christopherson , Sagi Shahar , Kai Huang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com, isaku.yamahata@linux.intel.com Subject: Re: [PATCH v18 040/121] KVM: x86/mmu: Disallow fast page fault on private GPA Message-ID: <20240226180243.GD177224@ls.amr.corp.intel.com> References: <91c797997b57056224571e22362321a23947172f.1705965635.git.isaku.yamahata@intel.com> <20240226175510.GC177224@ls.amr.corp.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20240226175510.GC177224@ls.amr.corp.intel.com> On Mon, Feb 26, 2024 at 09:55:10AM -0800, Isaku Yamahata wrote: > On Mon, Feb 12, 2024 at 06:01:54PM +0100, > Paolo Bonzini wrote: > > > On Tue, Jan 23, 2024 at 12:55 AM wrote: > > > > > > From: Isaku Yamahata > > > > > > TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory > > > access and TDX SEAMCALL is heavy operation. Fast page fault on private GPA > > > doesn't make sense. Disallow fast page fault on private GPA. > > > > > > Signed-off-by: Isaku Yamahata > > > Reviewed-by: Paolo Bonzini > > > --- > > > arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- > > > 1 file changed, 10 insertions(+), 2 deletions(-) > > > > > > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > > > index b2924bd9b668..54d4c8f1ba68 100644 > > > --- a/arch/x86/kvm/mmu/mmu.c > > > +++ b/arch/x86/kvm/mmu/mmu.c > > > @@ -3339,8 +3339,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu *vcpu, > > > return RET_PF_CONTINUE; > > > } > > > > > > -static bool page_fault_can_be_fast(struct kvm_page_fault *fault) > > > +static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault) > > > { > > > + /* > > > + * TDX private mapping doesn't support fast page fault because the EPT > > > + * entry is read/written with TDX SEAMCALLs instead of direct memory > > > + * access. > > > + */ > > > + if (kvm_is_private_gpa(kvm, fault->addr)) > > > + return false; > > > > I think this does not apply to SNP? If so, it would be better to check > > the SPTE against the shared-page mask inside the do...while loop. > > No, this won't apply to SNP. Let me update the patch corresponding in v19. shared-page mask is against GPA or faulting address. Not SPTE unlike SNP. So it doesn't make sense to check inside the do..while loop. -- Isaku Yamahata