Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp1453477lqp; Fri, 22 Mar 2024 15:59:29 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXpWxoKynBPJl/NJ2H6TjMrC297c05EsdPb0PYbyipVOzlLR0GlcZd650xUBT07pTipDM7zoEr1+UVJW6qWRUJWnLZgQ/bGKWr1z0NJGg== X-Google-Smtp-Source: AGHT+IEHuvGm5meckUaS+sfUwFRdomhjFAe0jsGlixbBDS9LX8feMOiQ12EX2H1Vr+D2FfZbqa8m X-Received: by 2002:a17:903:2582:b0:1dc:418f:890b with SMTP id jb2-20020a170903258200b001dc418f890bmr1087219plb.40.1711148369637; Fri, 22 Mar 2024 15:59:29 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711148369; cv=pass; d=google.com; s=arc-20160816; b=0f0JzCljfh0gT6y8+RnEYS4cbLnPzrgfzwRB9NQuWF0rF+ZhvwYyXZqaInul5n5mZ9 VklIDU2T2dQC4hBbAGv+Wl+aZc8v9uxcVekB4buLbtOxFFzRpQbmHpzPNwrJ5R8vR+24 Ako8VIfpgLQXkoPETy/f5aCKf/hPTYR/ZcI7vuLLQ+4Hjfr6e6lGfcfOXly0TguQxp0M phK+/cSN8SepIwg0hzNbQ7oG5pDjXK40BVMFSVItGRze/AeF7BOtbXB021qkIb6gGclX PxN5NLG224woFXUvg66MbrMr4/mQJ4UfYqWm1pZwzxEKjyKzErCKN3uk15vjYw8I/ONc jQog== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=MH1ZF7dmfwXbCtR1/0KK/VXJo7zrjdhOmhxFWFsiyas=; fh=X7PcPzYR+fpkKS34eYVDJLqN7VuwVGjbmpBFYU38tSE=; b=z6CgnZ/rJEa1v1cMlO8AqEipeSock5/onNWrnd6rBHWoYEVCKYKWiG8gTy8fuXFb3h X9lsnp7kly2oDzg/byvgLGwvoY907ZLhBm1EG4rKeHCgsrABlQnXpWna3RSfr798TUsr 9CYgJGwcH6ex5QSO8bYkfBfHIMCMuIu5f3GFNhCc9ygv+qHD1QZchElOnokLIrJPa22j qz1FhbbRTEm51njQfCK+2GrLwLuidyv9/vZengy3YcNfjuXP1MmyMrbp/GU+DZdyEUtX zULSmEKW/4kHd7y1t8kWSqRnLftDp7H25/BtaeZwpZSAtV1e44+nH9+CRHy/GjUFXGhW K0hQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=DidtImfK; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-112082-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-112082-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id n18-20020a170902969200b001e09f99e94asi397738plp.605.2024.03.22.15.59.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Mar 2024 15:59:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-112082-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=DidtImfK; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-112082-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-112082-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id B5509B23016 for ; Fri, 22 Mar 2024 22:57:53 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B0BEF82C76; Fri, 22 Mar 2024 22:57:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="DidtImfK" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 54E0D82891; Fri, 22 Mar 2024 22:57:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.18 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711148259; cv=none; b=i20D8vnpfn9RwiLAZfvQSXB/+LF04Oa7TK7bbyncdovrOr8Gp88sxHRDoqc/Yym+Am4jy3YWjY4+kwAEKq2Y7rgpzRtmLis/oIZVwMYK84eQ9gOijQ4ocoYP4dpYawdpTRpNnOXQToPXGkZ6CY/9uYxt1Bug68r1jzg861Lbats= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711148259; c=relaxed/simple; bh=96QHhdKY87Blduh4L8mp6CXq1rB2HO56b84NtbHpKTg=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=HmN5Q7td3Cg/yXxRLB+aTC5x4UjfexbUz75sYtClnbkPv0Lyy5Lmh5AtKffyXnXTmoUR/ESE6vjw9wzMeJLKOuUN9Oq5doJdq3KlQ5Qzx61QaYxRzHZX7+bKqQ3rH2TyLjLY2AXNa2duRAh4yhysiGpf6J/nhv2jd3TYE2ftvpI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=DidtImfK; arc=none smtp.client-ip=192.198.163.18 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1711148258; x=1742684258; h=date:from:to:cc:subject:message-id:references: mime-version:content-transfer-encoding:in-reply-to; bh=96QHhdKY87Blduh4L8mp6CXq1rB2HO56b84NtbHpKTg=; b=DidtImfKk6SE3o7GTC3TQNt/lRaMslL2pJDqquj3aXsczfbgLSkFY/T6 GioOZPeqjMX6fIm6kPi7jVw8Ac42lo2V1C3KX5rfZNwAH7SOMj5ZrPgbl h13KqMuA5QD03KD1KSzM+lpBG9dK12G0MQ/LLnX7573n3l1TbIvW2JiB3 Ke4HEAI2nrP0KXy8u63Vwfr5vej2xKa0AwhAJnpmewV/8uAvu1uUg1B09 jf7FnqqtUS8c2TCrDW1Q9UFCE+Y5l7Ujzk9qfVpC+UPv+s6XGRdx9YYYZ lU3uhi9G6lM0JUt/qfWRoT6M+ygTaALVGtVe90ii9ZXQrFt55nlVIUZjf A==; X-IronPort-AV: E=McAfee;i="6600,9927,11021"; a="6048104" X-IronPort-AV: E=Sophos;i="6.07,147,1708416000"; d="scan'208";a="6048104" Received: from orviesa007.jf.intel.com ([10.64.159.147]) by fmvoesa112.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2024 15:57:37 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,147,1708416000"; d="scan'208";a="15470498" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by orviesa007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2024 15:57:38 -0700 Date: Fri, 22 Mar 2024 15:57:36 -0700 From: Isaku Yamahata To: "Edgecombe, Rick P" Cc: "Yamahata, Isaku" , "Zhang, Tina" , "Yuan, Hang" , "Huang, Kai" , "Chen, Bo2" , "sagis@google.com" , "isaku.yamahata@linux.intel.com" , "linux-kernel@vger.kernel.org" , "Aktas, Erdem" , "kvm@vger.kernel.org" , "pbonzini@redhat.com" , "seanjc@google.com" , "isaku.yamahata@gmail.com" Subject: Re: [PATCH v19 120/130] KVM: TDX: Add a method to ignore dirty logging Message-ID: <20240322225736.GC1994522@ls.amr.corp.intel.com> References: <1491dd247829bf1a29df1904aeed5ed6b464d29c.1708933498.git.isaku.yamahata@intel.com> <20240315013511.GF1258280@ls.amr.corp.intel.com> <20240318171218.GA1645738@ls.amr.corp.intel.com> <6986b1ddf25f064d3609793979ca315567d7e875.camel@intel.com> <20240318231656.GC1645738@ls.amr.corp.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20240318231656.GC1645738@ls.amr.corp.intel.com> On Mon, Mar 18, 2024 at 04:16:56PM -0700, Isaku Yamahata wrote: > On Mon, Mar 18, 2024 at 05:43:33PM +0000, > "Edgecombe, Rick P" wrote: > > > On Mon, 2024-03-18 at 10:12 -0700, Isaku Yamahata wrote: > > > I categorize as follows. Unless otherwise, I'll update this series. > > > > > > - dirty log check > > >   As we will drop this ptach, we'll have no call site. > > > > > > - KVM_BUG_ON() in main.c > > >   We should drop them because their logic isn't complex. > > What about "KVM: TDX: Add methods to ignore guest instruction > > emulation"? Is it cleanly blocked somehow? > > KVM fault handler, kvm_mmu_page_fault(), is the caller into the emulation, > It should skip the emulation. > > As the second guard, x86_emulate_instruction(), calls > check_emulate_instruction() callback to check if the emulation can/should be > done. TDX callback can return it as X86EMUL_UNHANDLEABLE. Then, the flow goes > to user space as error. I'll update the vt_check_emulate_instruction(). Oops. It was wrong. It should be X86EMUL_RETRY_INSTR. RETRY_INSTR means, let vcpu execute the intrusion again, UNHANDLEABLE means, emulator can't emulate, inject exception or give up with KVM_EXIT_INTERNAL_ERROR. For TDX, we'd like to inject #VE to the guest so that the guest #VE handler can issue TDG.VP.VMCALL. The default non-present sept value has #VE suppress bit set. As first step, EPT violation occurs. then KVM sets up mmio_spte with #VE suppress bit cleared. Then X86EMUL_RETRY_INSTR tells kvm to resume vcpu to inject #VE. -- Isaku Yamahata