Received: by 2002:ab2:3319:0:b0:1ef:7a0f:c32d with SMTP id i25csp933651lqc; Fri, 8 Mar 2024 17:11:46 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCV9IGgHIfQ9r1b0Oln82c+v0Re7Ief+n+LfKqN9gp4Cu5ldcx9X0yB26ui1T2bGGL/98f/8sFw9rOXruff0r0AHmrrMj/YGQfRtPyaKow== X-Google-Smtp-Source: AGHT+IHIP22AfXtWkrVY03Gt1uy2ct/v7+JwEXnDhM0svXoBc8gxmAjmJt9HXDLAEwR0+NldPdss X-Received: by 2002:adf:f4cb:0:b0:33d:8029:b136 with SMTP id h11-20020adff4cb000000b0033d8029b136mr473652wrp.55.1709946706064; Fri, 08 Mar 2024 17:11:46 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709946706; cv=pass; d=google.com; s=arc-20160816; b=TK1Uk9EEXvGH3vLc2M8aUWEEP50AzoTAS3DxPHeph+F1JpdXgN/xHct9ELcW2rqeSz a9WnTcXF5MQPCBe4t5gLYR8aiA276KyqPY+ZH5ljYmQBzVYjYD4dozm95blPDYoitZvs F3rNi9yqG3WCOblL78S3Ijak8XxkxaKnl+uQNo1PDIsvAu8pOiR5acG9h0uESaOZGvES tcIKwcAhjrVTa6dtnFCVTDALFYAN9LtCsPFP0/Bu86eiQDHpCYKQU7+ob/sjhGQdpGxf RXEK+DowsSUQ1SIt2eQD1fSjnbiQyc3JmsTMiatJdxz+glJYGn+Q+Kbq+7b/Hz64Y3kP KHGA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=KHsK4PsKTic4mEiyDeXzOn255RqCA20uAznQ1bSFzaA=; fh=WAtyyKpEbI2zJfAMsOY1FvRaGTAhL3ZnV3q+kcqF73k=; b=kzT0UZOp4pUsg08Qbt1bnb7w5Rr8QwAW+VJAXdZ+PVrchWoKR0Rkvdqr+y5CYfaXua tExWgLl36/w10oypOtsr/+MMwTK3saQT3py0NOoiMcuTYT5Msh2KFRSKboepHVQ/FZn9 4O91OB4kaWDSfNfpXgarV+IPij95tRZHa4pFiqoahChGpbK7EWksV83fZOzRD8Sxij3f 4P8CKjJx9HhYEdU70kYUIdSUMeJq6JXOPgD3eNSVVqKeXuuIcY/IrDPrRbBH6Bhpsa1+ Em3X8gGEoZ1Zb8WUf01xVS3+kbhg+kl7qKEXsFSo2lTminWGoGjxpEIbA99eiX6XjD1Q JXCA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=DcDIPhkH; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-97723-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-97723-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id n6-20020aa7c446000000b00564881ab962si289141edr.205.2024.03.08.17.11.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Mar 2024 17:11:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-97723-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=DcDIPhkH; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-97723-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-97723-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 88FBC1F213C0 for ; Sat, 9 Mar 2024 01:11:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 55B522D042; Sat, 9 Mar 2024 01:09:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="DcDIPhkH" Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC2B023741 for ; Sat, 9 Mar 2024 01:09:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709946592; cv=none; b=lCbEfnBJCAq/8QFXVyLm0rW8ZTV5En3RdLPlseN6U8CDar5Xf+u+R65TLtVK41vYSS4clJoQC9qemg8PViDX1eFWXj2BxO/VK6Zk9+O/2oZKCsKxbJeChieVAH6JiIpnWiUP8vv6hkP6xhbAQAGnUnoswTi+gcxRXaKIkJyxYmg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709946592; c=relaxed/simple; bh=pFTfX6iZ1Av6zueA4bsWCN2aQ5NYvSaaP8k39tdO/qM=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=ZTCw9mdqHqRODLkaSCxZ/ZQCVyRE5TPMQLumBA8pAPRFlnyWj+EANbs/i3MulaP+Ve/xya1jTO8mpSbUjLDqi1Yg/57G9a3oBbBexV5Y8uX94JpY+HS2nB6KjBHoJNIiWU6sRUO7SvoMJXVA2M1ulJigwCfdm4i8nmRhTA+8vAE= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=DcDIPhkH; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dc6b26ce0bbso5637181276.1 for ; Fri, 08 Mar 2024 17:09:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709946590; x=1710551390; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=KHsK4PsKTic4mEiyDeXzOn255RqCA20uAznQ1bSFzaA=; b=DcDIPhkHUmysH3Y0TXJ6f42reNgGPRYwJ7d5pAArEpKw95XynkYbg3nX1HQDZnVJkT MGUgkxpwSuRUez2tbDwENhrcl7iF6q39Rcg9wEW+GVMhLNBtbmyr5I1xA9deXRkt+Yn8 xKO5MZNOIy+O+zYQJWLD226t7dajg96OTSRLYNUvBqa7HSkzKEBCHqgLU69UGLhM+Ra+ z/wp4+DFk5h+7ETohk0ad/Fmm9FvHuLvYDqhPUIrtX0HniBUvwpSGr0yiO/Z2aobPufv ZEueSir1eMJUljPUluh64QhcrpywZ8qAPg7JKiID/vQLEGiIaAlT25Nku5E4KBeiRIJL Qf2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709946590; x=1710551390; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=KHsK4PsKTic4mEiyDeXzOn255RqCA20uAznQ1bSFzaA=; b=foF2s2X9R55YiSGW5NpuYvGDp3diInSCZBwzB7+ChVMCKUH8yCO53lcEgAG2ibBgUn g9aNu7jK1ksCWEqjlitsZ+5KOMIJgcyeP+Sk0p6uHO135vyoFUkmozGHu4Ium4cuVo/B n3eLQPEW96bTOllpQBN0PBXv9piLYaoAvLV6HhZoyFOPuNm78UPmzLmwNHopb7/3D99W xJ+PiTrM2JoCaJMloxWXJGO9rGtLwBOsXJcCGmYmnqKY0gLrpgM6dt+BtPulAjWUu9QY 6XHCxNVZdv/JpM+L/dzLsSJfSOfnwEjZ4MyzFS1MQ99eIm2y1Q6q6xLmnro9ipZ2RnLi 3DBg== X-Forwarded-Encrypted: i=1; AJvYcCUzCmsZ05W72GseKAp1N6Glvof7kDbSGtqv9qCn+ibQrolXtHEpech2cDStlvcOAAadfAk+0MOPaXGH1a5T61gjAS0ooLaZaHUFW00q X-Gm-Message-State: AOJu0Yz94jFjYKWErS1HxpWiTTFPSwvjMbDlX3/+To41uNJEQhrypo2r bCEnCKR5uiEIPzkQ9xr9mxGPHHtnyE6pA6K/BjiXrr6j5st1iWmvyi6RfuhWHcuBFrMVqSqQhfF IXQ== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1886:b0:dcd:3172:7279 with SMTP id cj6-20020a056902188600b00dcd31727279mr118649ybb.8.1709946589958; Fri, 08 Mar 2024 17:09:49 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Mar 2024 17:09:29 -0800 In-Reply-To: <20240309010929.1403984-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240309010929.1403984-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.278.ge034bb2e1d-goog Message-ID: <20240309010929.1403984-6-seanjc@google.com> Subject: [PATCH 5/5] KVM: VMX: Always honor guest PAT on CPUs that support self-snoop From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson , Lai Jiangshan , "Paul E. McKenney" , Josh Triplett Cc: kvm@vger.kernel.org, rcu@vger.kernel.org, linux-kernel@vger.kernel.org, Kevin Tian , Yan Zhao , Yiwei Zhang Content-Type: text/plain; charset="UTF-8" Unconditionally honor guest PAT on CPUs that support self-snoop, as Intel has confirmed that CPUs that support self-snoop always snoop caches and store buffers. I.e. CPUs with self-snoop maintain cache coherency even in the presence of aliased memtypes, thus there is no need to trust the guest behaves and only honor PAT as a last resort, as KVM does today. Honoring guest PAT is desirable for use cases where the guest has access to non-coherent DMA _without_ bouncing through VFIO, e.g. when a virtual (mediated, for all intents and purposes) GPU is exposed to the guest, along with buffers that are consumed directly by the physical GPU, i.e. which can't be proxied by the host to ensure writes from the guest are performed with the correct memory type for the GPU. Cc: Yiwei Zhang Suggested-by: Yan Zhao Suggested-by: Kevin Tian Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 8 +++++--- arch/x86/kvm/vmx/vmx.c | 10 ++++++---- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 403cd8f914cd..7fa514830628 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4622,14 +4622,16 @@ static int kvm_tdp_mmu_page_fault(struct kvm_vcpu *vcpu, bool kvm_mmu_may_ignore_guest_pat(void) { /* - * When EPT is enabled (shadow_memtype_mask is non-zero), and the VM + * When EPT is enabled (shadow_memtype_mask is non-zero), the CPU does + * not support self-snoop (or is affected by an erratum), and the VM * has non-coherent DMA (DMA doesn't snoop CPU caches), KVM's ABI is to * honor the memtype from the guest's PAT so that guest accesses to * memory that is DMA'd aren't cached against the guest's wishes. As a * result, KVM _may_ ignore guest PAT, whereas without non-coherent DMA, - * KVM _always_ ignores guest PAT (when EPT is enabled). + * KVM _always_ ignores or honors guest PAT, i.e. doesn't toggle SPTE + * bits in response to non-coherent device (un)registration. */ - return shadow_memtype_mask; + return !static_cpu_has(X86_FEATURE_SELFSNOOP) && shadow_memtype_mask; } int kvm_tdp_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 17a8e4fdf9c4..5dc4c24ae203 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7605,11 +7605,13 @@ static u8 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) /* * Force WB and ignore guest PAT if the VM does NOT have a non-coherent - * device attached. Letting the guest control memory types on Intel - * CPUs may result in unexpected behavior, and so KVM's ABI is to trust - * the guest to behave only as a last resort. + * device attached and the CPU doesn't support self-snoop. Letting the + * guest control memory types on Intel CPUs without self-snoop may + * result in unexpected behavior, and so KVM's (historical) ABI is to + * trust the guest to behave only as a last resort. */ - if (!kvm_arch_has_noncoherent_dma(vcpu->kvm)) + if (!static_cpu_has(X86_FEATURE_SELFSNOOP) && + !kvm_arch_has_noncoherent_dma(vcpu->kvm)) return (MTRR_TYPE_WRBACK << VMX_EPT_MT_EPTE_SHIFT) | VMX_EPT_IPAT_BIT; return (MTRR_TYPE_WRBACK << VMX_EPT_MT_EPTE_SHIFT); -- 2.44.0.278.ge034bb2e1d-goog