Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp495192lqt; Fri, 19 Apr 2024 01:59:40 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVk2uDncxcdbbq6OhPkka/hUFqf89laJeMP62sp4v/oF3XdE8/jf92xlxmm5YgeX8UMt1PmXz1k6SvbdtwAXEOqVg/jPvCndR+XlflMZQ== X-Google-Smtp-Source: AGHT+IGj0hQeCYoFZ4RrdltG70J28kVtrsvRM5/x4/YepIbqA/qYPPoVgpKO/uXJOHhNmlNxR6Vc X-Received: by 2002:a05:6830:1141:b0:6ea:3851:82d4 with SMTP id x1-20020a056830114100b006ea385182d4mr1424407otq.27.1713517180251; Fri, 19 Apr 2024 01:59:40 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713517180; cv=pass; d=google.com; s=arc-20160816; b=J/ttwEMGxan9B/+hj8dEfBF86agwGoVxMopyqSPI8ucu1/y4+1UoJruVLIQw/eGegr qGVPPq/BCSyc9N4GwS6B4s3wa9yXubUkyNGpzwb/B4aHkUrSqwdrWirE+VVgHwiQGfOe AFv9jGAOzI577+KNJSvBPPO3LNEuE4vWSdvqCURxNMVGQp3Gw79Nn0k2GPkpUY1poPus s1iZ1jPg7p7prfBW72Am0eB1Rz7sJOL9OOiVgpmlgIa0zVtHEflfKwospFRTTqFTq5h/ dbNFe3DMFAeXL50Fl49hxi+1ZD8FaaPCNj3q2lXjWYCVPkYGIdMDzwPJbxh8EFkgcKA4 5O/g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=H3n3T3dQQzJdP5pnfnrGlCZLigrTHAZ95pIVOwtMaJg=; fh=fhNDg/rgS8N1tOOUFS+PxlxZhbe2WE6Cy8nO5yBhacU=; b=Wt2FVs21FeRmKaLzAbk/iIauM4JiDViCF95WEqpHMf8gPOTD98CCQCxUr6SCdHVDfG u7gWw5UlqLmE42qZDow5r32GpX3yqWWV5oSCKX99F85rbydvYbr6FQZICARND1UR3pgc /W7XYkt9CRLmJgDelCNlVjWMReF2GD5+L90CmoRZTXhQ4w6c6/EPE8OoOHg23bKB/GTp sWBHsDCaZR+S6PjfmBc0hnZf3uUAL5YgrDSsJ0bwmneT+EExwIsExRXxps1EF1b2KaZO 5MyXV89auOCF66NbIE9XB3eZfDXjhHjnNVXZylvFeXnPTusWh5LF3RUd2EB7SSjAefLq raQg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DUgu6JdS; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-151197-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151197-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id r189-20020a632bc6000000b005db9566a62fsi2979731pgr.697.2024.04.19.01.59.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 01:59:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-151197-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DUgu6JdS; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-151197-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151197-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id CC687281DC2 for ; Fri, 19 Apr 2024 08:59:39 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D9D7F757F7; Fri, 19 Apr 2024 08:59:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="DUgu6JdS" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5C24A38D for ; Fri, 19 Apr 2024 08:59:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713517174; cv=none; b=agfGWRYYfFdtk7u9Qf4zZ39fAkYh3lurj5vx7IKeJT9aTUJSx2f/vOU3OocJrNOpr6cpkmPFBCSlTo7uh+7WPvp60CmRGZrUy/DLJpODcz+5zH5hin9MetDWB5I3a1I1zrLZ+0K/6WRkpRLtl3hSDDPKjOpuNhzUKIAJNJEj5JA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713517174; c=relaxed/simple; bh=iRkpDnaskXPP0egnn6MrAKOO3BaX7qM3TsGiRSbbcL0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=oGnwJxvwhyZAHCdlWgNj5ClwmSASJY2nHXKgTp65giMgySuHMg/uveJoIfZhHCE7FZmMKPv+1tp4wduAlKZQe/QjNT4rzQDJD6VyT0Qqinzeuh5c1nZMMxQ4TMV4B9jvHkohdcxDvs3Ckars9I/KB7g55sD83a8CqOYPOZmG5mM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=DUgu6JdS; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1713517171; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=H3n3T3dQQzJdP5pnfnrGlCZLigrTHAZ95pIVOwtMaJg=; b=DUgu6JdStsA60aPgxEVpLivOjch6jqy/qkyWgOmmWQhCBEQv9oxR5UMTRZcIjtr59R55pv lRKJN2luMZxlwcpfMRKo7gWZgwvIEBUxzFlZi7CWo86OxAd+k3DAMJ6fD2K1XJwB9ef5na 0e8YboDV9Mx5xAvEs2X6ZipD5PaDsrA= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-610-lTWG8KZGOyiE9Yfm2zaZqA-1; Fri, 19 Apr 2024 04:59:29 -0400 X-MC-Unique: lTWG8KZGOyiE9Yfm2zaZqA-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B27823804073; Fri, 19 Apr 2024 08:59:28 +0000 (UTC) Received: from virtlab701.virt.lab.eng.bos.redhat.com (virtlab701.virt.lab.eng.bos.redhat.com [10.19.152.228]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8024F2037D42; Fri, 19 Apr 2024 08:59:28 +0000 (UTC) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: isaku.yamahata@intel.com, xiaoyao.li@intel.com, binbin.wu@linux.intel.com, seanjc@google.com, rick.p.edgecombe@intel.com Subject: [PATCH 1/6] KVM: Document KVM_PRE_FAULT_MEMORY ioctl Date: Fri, 19 Apr 2024 04:59:22 -0400 Message-ID: <20240419085927.3648704-2-pbonzini@redhat.com> In-Reply-To: <20240419085927.3648704-1-pbonzini@redhat.com> References: <20240419085927.3648704-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.4 From: Isaku Yamahata Adds documentation of KVM_PRE_FAULT_MEMORY ioctl. [1] It populates guest memory. It doesn't do extra operations on the underlying technology-specific initialization [2]. For example, CoCo-related operations won't be performed. Concretely for TDX, this API won't invoke TDH.MEM.PAGE.ADD() or TDH.MR.EXTEND(). Vendor-specific APIs are required for such operations. The key point is to adapt of vcpu ioctl instead of VM ioctl. First, populating guest memory requires vcpu. If it is VM ioctl, we need to pick one vcpu somehow. Secondly, vcpu ioctl allows each vcpu to invoke this ioctl in parallel. It helps to scale regarding guest memory size, e.g., hundreds of GB. [1] https://lore.kernel.org/kvm/Zbrj5WKVgMsUFDtb@google.com/ [2] https://lore.kernel.org/kvm/Ze-TJh0BBOWm9spT@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Isaku Yamahata Message-ID: <9a060293c9ad9a78f1d8994cfe1311e818e99257.1712785629.git.isaku.yamahata@intel.com> Signed-off-by: Paolo Bonzini --- Documentation/virt/kvm/api.rst | 50 ++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index f0b76ff5030d..bbcaa5d2b54b 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -6352,6 +6352,56 @@ a single guest_memfd file, but the bound ranges must not overlap). See KVM_SET_USER_MEMORY_REGION2 for additional details. +4.143 KVM_PRE_FAULT_MEMORY +------------------------ + +:Capability: KVM_CAP_PRE_FAULT_MEMORY +:Architectures: none +:Type: vcpu ioctl +:Parameters: struct kvm_pre_fault_memory (in/out) +:Returns: 0 on success, < 0 on error + +Errors: + + ========== =============================================================== + EINVAL The specified `gpa` and `size` were invalid (e.g. not + page aligned). + ENOENT The specified `gpa` is outside defined memslots. + EINTR An unmasked signal is pending and no page was processed. + EFAULT The parameter address was invalid. + EOPNOTSUPP Mapping memory for a GPA is unsupported by the + hypervisor, and/or for the current vCPU state/mode. + ========== =============================================================== + +:: + + struct kvm_pre_fault_memory { + /* in/out */ + __u64 gpa; + __u64 size; + /* in */ + __u64 flags; + __u64 padding[5]; + }; + +KVM_PRE_FAULT_MEMORY populates KVM's stage-2 page tables used to map memory +for the current vCPU state. KVM maps memory as if the vCPU generated a +stage-2 read page fault, e.g. faults in memory as needed, but doesn't break +CoW. However, KVM does not mark any newly created stage-2 PTE as Accessed. + +In some cases, multiple vCPUs might share the page tables. In this +case, the ioctl can be called in parallel. + +Shadow page tables cannot support this ioctl because they +are indexed by virtual address or nested guest physical address. +Calling this ioctl when the guest is using shadow page tables (for +example because it is running a nested guest with nested page tables) +will fail with `EOPNOTSUPP` even if `KVM_CHECK_EXTENSION` reports +the capability to be present. + +`flags` must currently be zero. + + 5. The kvm_run structure ======================== -- 2.43.0