Received: by 2002:ab2:710b:0:b0:1ef:a325:1205 with SMTP id z11csp762067lql; Mon, 11 Mar 2024 17:40:14 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUyybzMvHFTqH8no92ZVc+k9h0Rg3+IhvInLgqr9MZHFAV+CyobeKqZlPskCjGqCVloPNbJeuPx4aC+vbI0hrvusMZIDR3RWC1vfRH2mQ== X-Google-Smtp-Source: AGHT+IG499M+A0nVaIwGQMllShPNx/B5xEqf6/e2BrDwbMOl3mTG0LutWb9XHNGogPBrwIPMetGv X-Received: by 2002:a25:b214:0:b0:dcf:288e:21ca with SMTP id i20-20020a25b214000000b00dcf288e21camr5813549ybj.11.1710204014303; Mon, 11 Mar 2024 17:40:14 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710204014; cv=pass; d=google.com; s=arc-20160816; b=QO6IO6UAv0pNOvijO1GfI+WI788CX9bbnjZgEiOM393I9tWVBPfj3lKCeO3S/zUT1L 9xa7UrgRTzGHTp9Mhjz4uFIA8Whq12jvwA+BtNITYpl1N4dw8s41IcpECbQGR6ECC1wi ILa6kOsh+cbOILjQv14AsRRFafNG+0wdwCy7kcx9HEvgjbAxax/FsDxk3Kh2q/rAl4+K hJzmUXl+tOixXvfktUYP7jzCCsp1zmNcaT+SMAhuXEyWLD99HHYsKVMrase5jNiUROWa 8PP5avL4K0FgDqdNpH+y4NbnEw+URf0O8jMXxibo+lq8XOjO3GTAIBmybWmqadrNaiO1 8i1g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:references:cc:to:subject:from :user-agent:mime-version:list-unsubscribe:list-subscribe:list-id :precedence:date:message-id:dkim-signature; bh=8bVq7EWkFirTznnZuA/Gn+Ru6VgFaf0u9MsfmSuRBsM=; fh=wvhsEN5wdZpeT3jt6CIENZ5oHABDPvDvbGU+3XTBurI=; b=cBrPlqh69YFsEXwimqxTVTVRrC50Ej+LbliOvyDkmzcQdedWjcShiuWgolozBfAxMW h/pq95btq19JX6I1XO7FG9aRL6rEsdu5bQrA/xOs81kmaEUoSwz8pJsCy/C04b9lo28R Sr8THFDQRcoUn9GI10iZT93x5+9VymqGO/bP7nS6EO43ysPMlZVyhbk+8m2d9oQk3AZB vnGrHMSptrdX28ljlbQX62jR437KjVWJMwBYnozwuhxLayg2l/Rn6lYtdJcLFzR8bCby GKSVkZ4QjBQ+DGhQAADHzChf2MXh26P0rUNWCuy3SPKG2pnBdlMZ/r6EKsJON+OCICD7 IkmA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=TYeK7gbU; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-99702-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-99702-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id v6-20020ac85786000000b0042f1b27c480si6585378qta.520.2024.03.11.17.40.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Mar 2024 17:40:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-99702-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=TYeK7gbU; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-99702-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-99702-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id F25D41C20DC3 for ; Tue, 12 Mar 2024 00:40:13 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1D0BD15BB; Tue, 12 Mar 2024 00:40:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="TYeK7gbU" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3C15063C; Tue, 12 Mar 2024 00:40:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.14 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710204004; cv=none; b=aAveOlbGuNVA5abAlIXVRTX1CFGFazN/kNeQ9CjPMwexl/9AkKxhd/tUbpzuI3P+2506pz/USbZ4QOnoHRfKOr5GfUIoR0mD7OCMPid5msMsUjh2IfxNG/c0d2qzpdwnLK6Qndf3qxKlud/aYTDxh7JPMfXADoPMRmCkftPyvLc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710204004; c=relaxed/simple; bh=TVP1c9LRa4PI7mhKO6pbClkiwq07NdPr2Iczsma9oJg=; h=Message-ID:Date:MIME-Version:From:Subject:To:Cc:References: In-Reply-To:Content-Type; b=X+E+m1RSxxN6U8FaDClwRkhLYisQBRmxGG3S01eQgwGcC64khd3WeBIShUPdpx4J2VTasBZzNHmBQYQpw2sSjsWCYK+GT7lMdYdtCVyrMzbdjEczYAh8hoiDwTbFdOa8bahMZgUwP3QhxponKjoKdPCq7UgIb2baCbM5H/iRdWo= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=TYeK7gbU; arc=none smtp.client-ip=192.198.163.14 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1710204002; x=1741740002; h=message-id:date:mime-version:from:subject:to:cc: references:in-reply-to:content-transfer-encoding; bh=TVP1c9LRa4PI7mhKO6pbClkiwq07NdPr2Iczsma9oJg=; b=TYeK7gbU7gnoI33tXvGWqcxtew1sDQCvx0rBZURx1HxuD6aV26TXJqpw Tty9ntKKPSWFt7WKHEn7mBTuajGmWMkl99FbJbsSWpKZ7ZABlE+HyZDTB l3FESIZC4byJkAcmPfIwPkJsXvgnkb5Z7ycrJMcO9XyOBQ/uhteWbb2tP wlAurUc4g3LHQD1ttxHX+CTR7zcikpTzVRy8KCACKaXr8LH6KVV4xr26I 9iDyUn1BFWOlRoBqFdYDeyozAVPVJ6k9zXIlD2wL5C0UbyUOlRUocAExf cqWTxiYUU9hjCGlSiMVU13/nsKodn71nNE6Qez/XS2tZY4zbgRqhWo2xB Q==; X-IronPort-AV: E=McAfee;i="6600,9927,11010"; a="5078310" X-IronPort-AV: E=Sophos;i="6.07,118,1708416000"; d="scan'208";a="5078310" Received: from fmviesa005.fm.intel.com ([10.60.135.145]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Mar 2024 17:40:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,118,1708416000"; d="scan'208";a="15835061" Received: from binbinwu-mobl.ccr.corp.intel.com (HELO [10.125.242.247]) ([10.125.242.247]) by fmviesa005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Mar 2024 17:39:59 -0700 Message-ID: Date: Tue, 12 Mar 2024 08:39:57 +0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Binbin Wu Subject: Re: [PATCH 21/21] KVM: x86: Add gmem hook for determining max NPT mapping level To: Paolo Bonzini , michael.roth@amd.com Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, seanjc@google.com, isaku.yamahata@intel.com, thomas.lendacky@amd.com References: <20240227232100.478238-1-pbonzini@redhat.com> <20240227232100.478238-22-pbonzini@redhat.com> In-Reply-To: <20240227232100.478238-22-pbonzini@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 2/28/2024 7:21 AM, Paolo Bonzini wrote: > From: Michael Roth > > In the case of SEV-SNP, whether or not a 2MB page can be mapped via a > 2MB mapping in the guest's nested page table depends on whether or not > any subpages within the range have already been initialized as private > in the RMP table. The existing mixed-attribute tracking in KVM is > insufficient here, for instance: > > - gmem allocates 2MB page > - guest issues PVALIDATE on 2MB page > - guest later converts a subpage to shared > - SNP host code issues PSMASH to split 2MB RMP mapping to 4K > - KVM MMU splits NPT mapping to 4K Is here a sentence missing that "guest converts the shared subpage back to private"? Otherwise, it conflicts with the following statement "there are no mixed attributes". > At this point there are no mixed attributes, and KVM would normally > allow for 2MB NPT mappings again, but this is actually not allowed > because the RMP table mappings are 4K and cannot be promoted on the > hypervisor side, so the NPT mappings must still be limited to 4K to > match this. > > Add a hook to determine the max NPT mapping size in situations like > this. > > Signed-off-by: Michael Roth > Message-Id:<20231230172351.574091-31-michael.roth@amd.com> > Signed-off-by: Paolo Bonzini > --- > arch/x86/include/asm/kvm-x86-ops.h | 1 + > arch/x86/include/asm/kvm_host.h | 1 + > arch/x86/kvm/mmu/mmu.c | 7 +++++++ > 3 files changed, 9 insertions(+) > > diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h > index 42474acb7375..436e3c157fae 100644 > --- a/arch/x86/include/asm/kvm-x86-ops.h > +++ b/arch/x86/include/asm/kvm-x86-ops.h > @@ -140,6 +140,7 @@ KVM_X86_OP(vcpu_deliver_sipi_vector) > KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); > KVM_X86_OP_OPTIONAL(get_untagged_addr) > KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) > +KVM_X86_OP_OPTIONAL_RET0(gmem_validate_fault) > KVM_X86_OP_OPTIONAL(gmem_invalidate) > > #undef KVM_X86_OP > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h > index e523b204697d..259e6bb1e447 100644 > --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -1806,6 +1806,7 @@ struct kvm_x86_ops { > gva_t (*get_untagged_addr)(struct kvm_vcpu *vcpu, gva_t gva, unsigned int flags); > int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); > void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); > + int (*gmem_validate_fault)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level); > }; > > struct kvm_x86_nested_ops { > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index 6b4cb71668df..bcf12ac489f9 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c > @@ -4339,6 +4339,13 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu, > fault->max_level); > fault->map_writable = !(fault->slot->flags & KVM_MEM_READONLY); > > + r = static_call(kvm_x86_gmem_validate_fault)(vcpu->kvm, fault->pfn, > + fault->gfn, &fault->max_level); > + if (r) { > + kvm_release_pfn_clean(fault->pfn); > + return r; > + } > + > return RET_PF_CONTINUE; > } >