Received: by 2002:a05:7208:9594:b0:7e:5202:c8b4 with SMTP id gs20csp2289506rbb; Tue, 27 Feb 2024 18:03:20 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXM8Tf+mAh6mWuPiaXtLuEfVcGvOzHPeNlzKhZsXCzUY10omqUOkiAAFOVK02Fp9vv0i2cjWro01sbjliK4gVC9WrgerzRtRNjz7IB5ww== X-Google-Smtp-Source: AGHT+IG/uVAKWOCmXW+7hgUHn61jLM7Nd9vBsUWJ2789T/bT+eHBdUhkjMjxsk5ordTT0lHZnVi4 X-Received: by 2002:a2e:8410:0:b0:2d1:1de5:3c42 with SMTP id z16-20020a2e8410000000b002d11de53c42mr6859832ljg.24.1709085800152; Tue, 27 Feb 2024 18:03:20 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709085800; cv=pass; d=google.com; s=arc-20160816; b=BIEvqgnl+AQIFxs8kQFzuL56O38d9IW2phmcNyWdhPkZARlCWkzuRfs2zjbo/3u5OQ vA/W+g3Fat/IiR9YORt9DSVsePmVLHOweOJnHYgBTxRTJoX4Wv2EC6pePNUI0jnMj5i2 hAV5OvvbFwFYPbgomR0B5vPoIfBuKIjaR9m3EaH2Fu7XlvtPXjvjTsuIIF5G0UPQ0QOr RVI0J/R/AyeS3R/O0F2DCbSbI9ix20cokGulUu9pdTWqXo012Ko3mqynY0FFVqP6lglm kxEJj3btdQwvZtl9smSJAl4qGmJlx9dZWqmPlUld1toqox43fDg1HRCjfQ+qiU11gCeR 6HKA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=2cRk3uqvSbJiBHA3pyhGkClPVcG1HOgMZ3vlrWdyKlg=; fh=3MI4bsUq5Tu0FLJus7Axcem2jDGCHw+ZY2hxOAue5HI=; b=Y7/Lrc63D6NzmNE/VUQhE5W1J22mcBYJlFnJQO+M5ih7TW8oVcoE+ZYQR4uM6R/pzf tQ8VosK+HVK/0pxzG79wErL+evp9vpjv5pzgQQ8wVXoVO/NEnBlU+PbgcCK3opJZFbl2 P6D32NI7dkqIKxdrFRCmgdqmc0HgcYeTuI1W2xMDQQOBiHkgJ0ZBElnVfRVXfap7B8em h3D4XMRcyDqUSuqYi3XT57kThQ/elIOrx3m/NnrKwjNKO/7OA7D3C5WC9deart9M/AhO HvLYZ3JRmB8b0uo5tXz7RnFK42F928ibqJDcj57rEsGRDNUvf5sCT972hZ+aLLYRK/Xm illQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=RNfKPtf0; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-84399-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-84399-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id c12-20020aa7c98c000000b0056586fb16d9si1178442edt.422.2024.02.27.18.03.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 18:03:20 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-84399-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=RNfKPtf0; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-84399-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-84399-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id AC40D1F2F3DA for ; Wed, 28 Feb 2024 02:03:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 75AFE6AC0; Wed, 28 Feb 2024 02:03:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="RNfKPtf0" Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 19AD04400 for ; Wed, 28 Feb 2024 02:03:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709085785; cv=none; b=QJqsHSw4JAposygSjpY/0Zxo70asxQf86t+ReXePx/f3IiMS9jeUoIft5dNiMpg398lPtdxvYskPf29y/H1WF90GOv0qT4CMsx8yGgLz0isSZG2yGhz2OgCJCpfQuKi4Q+7P9NUl/u2vGrt0WZVf75eRltv4uN5WPhnSskt49jc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709085785; c=relaxed/simple; bh=4on74mCYLeE6XaAwNoUjaXzsgV6wvEl6lBJmqfetf9k=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=KKeib2hlhYbEFUV9xfMh8tQ77PI7SEyogCGDb/9VhO2AvZ4aRJz7ZoDmtoeQgnaNVve12cG0NNYi/j+R+kMoBz1aIqYd90XVsihCIthk3ZPwbhsIJGDX5CtImAW6i/Njplv98bw+uGCpiPoRORtl8BjwGZ8fMEDit2+66eYL3Es= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=RNfKPtf0; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-6093f75fc81so438407b3.1 for ; Tue, 27 Feb 2024 18:03:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709085783; x=1709690583; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=2cRk3uqvSbJiBHA3pyhGkClPVcG1HOgMZ3vlrWdyKlg=; b=RNfKPtf0FOjno52HqOg1L+E2Ncf7KNg1pCXFiGPr8aQp2k1Fi0+Jbav4dmR7Sdg3Sx WIQQIack4+Hf8X89I8XQFmO+Knxc5pqXlO+fN+7sJPZo4o9Lt9Nf4EFf+vixHYdK6O3j nhLQjY5zZH92KRoHJexIMSHoAducE43vF268hY986rYShBnPtlxz7HyPrQKyqpzE7Ihj r+UtbUhJcvBwCvQWQuo6WI2t3w3KhUGmF+mc5/tv2C4M7A5+hBcmcj/gEqVOLOh8WTlR pAlo40RZFcq0N7P1xXkBSg+0Pgf47tWAbpWeLrSvvbg3306mMWatgFJq7kvUnzzpKGQQ IYVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709085783; x=1709690583; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2cRk3uqvSbJiBHA3pyhGkClPVcG1HOgMZ3vlrWdyKlg=; b=aY/HrmzU8JEBd3HJh3A9P+aKnI274L9JinDyXq0R/tNpNfjF+eiNHSZZB89IDc2xNG H97DKiQFILvT2ZgUw5Tr058gS/ZV+mScoska7V2D8wcIZQzcNpmpl8DnqCu5Uq3W1VRo WCHHZCQEz94/Iao7HKrDSTlmub5qqtqST69Oi2knaNtcGepSoNZOpIZC6pqBb5Mr2V/Q Ma1MakrU2I4SnYECt4puIJkqGBXApYnf4DQlhvos0Gw0Hs2oLvDNthMZTpGy4OcFUhaW 3poiEszDZ8Lbj/5GYdGUcWuJJl3vm1Fdqu1eLN/S/9U3yEij7jJH3v2igX45dwVOVQIW cLAA== X-Gm-Message-State: AOJu0YxD2J0aFAbs+Tf81GPqyhvtZw7RrOrzy06Uzh7t1eADFGhftBre rz/Q8voHko/gGWedWgQpMobgVDtplrL9dn/lOP/hcT1YVmWg7Mkii+iNv4/IzHy2mlzmZAI+KnJ kcg== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:fe08:0:b0:608:f15:5ba7 with SMTP id j8-20020a81fe08000000b006080f155ba7mr907857ywn.0.1709085783122; Tue, 27 Feb 2024 18:03:03 -0800 (PST) Date: Tue, 27 Feb 2024 18:03:01 -0800 In-Reply-To: <20240227232100.478238-15-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240227232100.478238-1-pbonzini@redhat.com> <20240227232100.478238-15-pbonzini@redhat.com> Message-ID: Subject: Re: [PATCH 14/21] KVM: x86/mmu: pass error code back to MMU when async pf is ready From: Sean Christopherson To: Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, michael.roth@amd.com, isaku.yamahata@intel.com, thomas.lendacky@amd.com Content-Type: text/plain; charset="us-ascii" On Tue, Feb 27, 2024, Paolo Bonzini wrote: > Right now the error code is not used when an async page fault is completed. > This is not a problem in the current code, but it is untidy. For protected > VMs we need to check that the page attributes match the current state of the > page. Async page faults can only occur on shared pages (because > private pages go through kvm_faultin_pfn_private() instead of > __gfn_to_pfn_memslot()), but it is risky to rely on the polarity of > PFERR_GUEST_ENC_MASK and the high 32 bits of the error code being zero. > So, for clarity and future-proofing of the code, pipe the error code > from kvm_arch_setup_async_pf() to kvm_arch_async_page_ready() via the > architecture-specific async page fault data. > > Extracted from a patch by Isaku Yamahata. > > Signed-off-by: Paolo Bonzini > --- > arch/x86/include/asm/kvm_host.h | 1 + > arch/x86/kvm/mmu/mmu.c | 14 +++++++------- > 2 files changed, 8 insertions(+), 7 deletions(-) > > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h > index a4514c2ef0ec..24e30ca2ca8f 100644 > --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -1839,6 +1839,7 @@ struct kvm_arch_async_pf { > gfn_t gfn; > unsigned long cr3; > bool direct_map; > + u64 error_code; > }; > > extern u32 __read_mostly kvm_nr_uret_msrs; > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index f58ca6cb789a..c9890e5b6e4c 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c > @@ -4260,18 +4260,18 @@ static u32 alloc_apf_token(struct kvm_vcpu *vcpu) > return (vcpu->arch.apf.id++ << 12) | vcpu->vcpu_id; > } > > -static bool kvm_arch_setup_async_pf(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, > - gfn_t gfn) > +static bool kvm_arch_setup_async_pf(struct kvm_vcpu *vcpu, > + struct kvm_page_fault *fault) > { > struct kvm_arch_async_pf arch; > > arch.token = alloc_apf_token(vcpu); > - arch.gfn = gfn; > + arch.gfn = fault->gfn; > arch.direct_map = vcpu->arch.mmu->root_role.direct; > arch.cr3 = kvm_mmu_get_guest_pgd(vcpu, vcpu->arch.mmu); > > - return kvm_setup_async_pf(vcpu, cr2_or_gpa, > - kvm_vcpu_gfn_to_hva(vcpu, gfn), &arch); > + return kvm_setup_async_pf(vcpu, fault->addr, > + kvm_vcpu_gfn_to_hva(vcpu, fault->gfn), &arch); > } > > void kvm_arch_async_page_ready(struct kvm_vcpu *vcpu, struct kvm_async_pf *work) > @@ -4290,7 +4290,7 @@ void kvm_arch_async_page_ready(struct kvm_vcpu *vcpu, struct kvm_async_pf *work) > work->arch.cr3 != kvm_mmu_get_guest_pgd(vcpu, vcpu->arch.mmu)) > return; > > - kvm_mmu_do_page_fault(vcpu, work->cr2_or_gpa, 0, true, NULL); > + kvm_mmu_do_page_fault(vcpu, work->cr2_or_gpa, work->arch.error_code, true, NULL); This is silly. If we're going to bother plumbing in the error code, then we should use it to do sanity checks. Things have gone off the rails if end up with an async #PF on private memory. > } > > static inline u8 kvm_max_level_for_order(int order) > @@ -4395,7 +4395,7 @@ static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault > trace_kvm_async_pf_repeated_fault(fault->addr, fault->gfn); > kvm_make_request(KVM_REQ_APF_HALT, vcpu); > return RET_PF_RETRY; > - } else if (kvm_arch_setup_async_pf(vcpu, fault->addr, fault->gfn)) { > + } else if (kvm_arch_setup_async_pf(vcpu, fault)) { > return RET_PF_RETRY; > } > } > -- > 2.39.0 > >