From: Binbin Wu <binbin.wu@linux•intel.com>
To: Sean Christopherson <seanjc@google•com>, Yan Zhao <yan.y.zhao@intel•com>
Cc: kvm@vger•kernel.org, David Hildenbrand <david@redhat•com>,
Yu Zhang <yu.c.zhang@linux•intel.com>,
linux-kernel@vger•kernel.org, linux-mm@kvack•org,
Chao Peng <chao.p.peng@linux•intel.com>,
linux-riscv@lists•infradead.org,
Isaku Yamahata <isaku.yamahata@gmail•com>,
Paul Moore <paul@paul-moore•com>, Marc Zyngier <maz@kernel•org>,
Huacai Chen <chenhuacai@kernel•org>,
James Morris <jmorris@namei•org>,
"Matthew Wilcox \(Oracle\)" <willy@infradead•org>,
Wang <wei.w.wang@intel•com>, Fuad Tabba <tabba@google•com>,
Jarkko Sakkinen <jarkko@kernel•org>,
"Serge E. Hallyn" <serge@hallyn•com>,
Maciej Szmigiero <mail@maciej•szmigiero.name>,
Albert Ou <aou@eecs•berkeley.edu>,
Vlastimil Babka <vbabka@suse•cz>,
Michael Roth <michael.roth@amd•com>,
Ackerley Tng <ackerleytng@google•com>,
Paul Walmsley <paul.walmsley@sifive•com>,
kvmarm@lists•linux.dev, linux-arm-kernel@lists•infradead.org,
Isaku Yamahata <isaku.yamahata@intel•com>,
Quentin Perret <qperret@google•com>,
Liam Merwick <liam.merwick@orac le.com>,
linux-mips@vger•kernel.org, Oliver Upton <oliver.upton@linux•dev>,
linux-security-module@vger•kernel.org,
Palmer Dabbelt <palmer@dabbelt•com>,
"Kirill A . Shutemov" <kirill.shutemov@linux•intel.com>,
kvm-riscv@lists•infradead.org, Anup Patel <anup@brainfault•org>,
linux-fsdevel@vger•kernel.org,
Paolo Bonzini <pbonzini@redhat•com>,
Andrew Morton <akpm@linux-foundation•org>,
Vishal Annapurve <vannapurve@google•com>,
linuxppc-dev@lists•ozlabs.org, Xu Yilun <yilun.xu@intel•com>,
Anish Moorthy <amoorthy@google•com>
Subject: Re: [RFC PATCH v12 18/33] KVM: x86/mmu: Handle page fault for private memory
Date: Thu, 21 Sep 2023 13:51:34 +0800 [thread overview]
Message-ID: <ef36db9d-bb9c-e042-2617-830cf44602de@linux.intel.com> (raw)
In-Reply-To: <ZQRpiOd1DNDDJQ3r@google.com>
On 9/15/2023 10:26 PM, Sean Christopherson wrote:
> On Fri, Sep 15, 2023, Yan Zhao wrote:
>> On Wed, Sep 13, 2023 at 06:55:16PM -0700, Sean Christopherson wrote:
>> ....
>>> +static void kvm_mmu_prepare_memory_fault_exit(struct kvm_vcpu *vcpu,
>>> + struct kvm_page_fault *fault)
>>> +{
>>> + kvm_prepare_memory_fault_exit(vcpu, fault->gfn << PAGE_SHIFT,
>>> + PAGE_SIZE, fault->write, fault->exec,
>>> + fault->is_private);
>>> +}
>>> +
>>> +static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu,
>>> + struct kvm_page_fault *fault)
>>> +{
>>> + int max_order, r;
>>> +
>>> + if (!kvm_slot_can_be_private(fault->slot)) {
>>> + kvm_mmu_prepare_memory_fault_exit(vcpu, fault);
>>> + return -EFAULT;
>>> + }
>>> +
>>> + r = kvm_gmem_get_pfn(vcpu->kvm, fault->slot, fault->gfn, &fault->pfn,
>>> + &max_order);
>>> + if (r) {
>>> + kvm_mmu_prepare_memory_fault_exit(vcpu, fault);
>>> + return r;
>>> + }
>>> +
>>> + fault->max_level = min(kvm_max_level_for_order(max_order),
>>> + fault->max_level);
>>> + fault->map_writable = !(fault->slot->flags & KVM_MEM_READONLY);
>>> +
>>> + return RET_PF_CONTINUE;
>>> +}
>>> +
>>> static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault)
>>> {
>>> struct kvm_memory_slot *slot = fault->slot;
>>> @@ -4293,6 +4356,14 @@ static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault
>>> return RET_PF_EMULATE;
>>> }
>>>
>>> + if (fault->is_private != kvm_mem_is_private(vcpu->kvm, fault->gfn)) {
>> In patch 21,
>> fault->is_private is set as:
>> ".is_private = kvm_mem_is_private(vcpu->kvm, cr2_or_gpa >> PAGE_SHIFT)",
>> then, the inequality here means memory attribute has been updated after
>> last check.
>> So, why an exit to user space for converting is required instead of a mere retry?
>>
>> Or, is it because how .is_private is assigned in patch 21 is subjected to change
>> in future?
> This. Retrying on SNP or TDX would hang the guest. I suppose we could special
> case VMs where .is_private is derived from the memory attributes, but the
> SW_PROTECTED_VM type is primary a development vehicle at this point. I'd like to
> have it mimic SNP/TDX as much as possible; performance is a secondary concern.
So when .is_private is derived from the memory attributes, and if I
didn't miss
anything, there is no explicit conversion mechanism introduced yet so
far, does
it mean for pure sw-protected VM (withouth SNP/TDX), the page fault will be
handled according to the memory attributes setup by host/user vmm, no
implicit
conversion will be triggered, right?
>
> E.g. userspace needs to be prepared for "spurious" exits due to races on SNP and
> TDX, which this can theoretically exercise. Though the window is quite small so
> I doubt that'll actually happen in practice; which of course also makes it less
> important to retry instead of exiting.
next prev parent reply other threads:[~2023-09-21 5:52 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-14 1:54 [RFC PATCH v12 00/33] KVM: guest_memfd() and per-page attributes Sean Christopherson
2023-09-14 1:54 ` [RFC PATCH v12 01/33] KVM: Tweak kvm_hva_range and hva_handler_t to allow reusing for gfn ranges Sean Christopherson
2023-09-15 6:47 ` Xiaoyao Li
2023-09-15 21:05 ` Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 02/33] KVM: Use gfn instead of hva for mmu_notifier_retry Sean Christopherson
2023-09-14 3:07 ` Binbin Wu
2023-09-14 14:19 ` Sean Christopherson
2023-09-20 6:07 ` Xu Yilun
2023-09-20 13:55 ` Sean Christopherson
2023-09-21 2:39 ` Xu Yilun
2023-09-21 14:24 ` Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 03/33] KVM: PPC: Drop dead code related to KVM_ARCH_WANT_MMU_NOTIFIER Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 04/33] KVM: PPC: Return '1' unconditionally for KVM_CAP_SYNC_MMU Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 05/33] KVM: Convert KVM_ARCH_WANT_MMU_NOTIFIER to CONFIG_KVM_GENERIC_MMU_NOTIFIER Sean Christopherson
2023-10-09 16:42 ` Anup Patel
2023-09-14 1:55 ` [RFC PATCH v12 06/33] KVM: Introduce KVM_SET_USER_MEMORY_REGION2 Sean Christopherson
2023-09-15 6:59 ` Xiaoyao Li
2023-09-14 1:55 ` [RFC PATCH v12 07/33] KVM: Add KVM_EXIT_MEMORY_FAULT exit to report faults to userspace Sean Christopherson
2023-09-22 6:03 ` Xiaoyao Li
2023-09-22 14:30 ` Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 08/33] KVM: Add a dedicated mmu_notifier flag for reclaiming freed memory Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 09/33] KVM: Drop .on_unlock() mmu_notifier hook Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 10/33] KVM: Set the stage for handling only shared mappings in mmu_notifier events Sean Christopherson
2023-09-18 1:14 ` Binbin Wu
2023-09-18 15:57 ` Sean Christopherson
2023-09-18 18:07 ` Michael Roth
2023-09-19 0:08 ` Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 11/33] KVM: Introduce per-page memory attributes Sean Christopherson
2023-09-15 6:32 ` Yan Zhao
2023-09-20 21:00 ` Sean Christopherson
2023-09-21 1:21 ` Yan Zhao
2023-09-25 17:37 ` Sean Christopherson
2023-09-18 7:51 ` Binbin Wu
2023-09-20 21:03 ` Sean Christopherson
2023-09-27 5:19 ` Binbin Wu
2023-10-03 12:47 ` Fuad Tabba
2023-10-03 15:59 ` Sean Christopherson
2023-10-03 18:33 ` Fuad Tabba
2023-10-03 20:51 ` Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 12/33] mm: Add AS_UNMOVABLE to mark mapping as completely unmovable Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 13/33] security: Export security_inode_init_security_anon() for use by KVM Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 14/33] KVM: Add KVM_CREATE_GUEST_MEMFD ioctl() for guest-specific backing memory Sean Christopherson
2023-09-15 6:11 ` Yan Zhao
2023-09-18 16:36 ` Michael Roth
2023-09-20 23:44 ` Sean Christopherson
2023-09-19 9:01 ` Binbin Wu
2023-09-20 14:24 ` Sean Christopherson
2023-09-21 5:58 ` Binbin Wu
2023-09-21 19:10 ` Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 15/33] KVM: Add transparent hugepage support for dedicated guest memory Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 16/33] KVM: x86: "Reset" vcpu->run->exit_reason early in KVM_RUN Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 17/33] KVM: x86: Disallow hugepages when memory attributes are mixed Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 18/33] KVM: x86/mmu: Handle page fault for private memory Sean Christopherson
2023-09-15 5:40 ` Yan Zhao
2023-09-15 14:26 ` Sean Christopherson
2023-09-18 0:54 ` Yan Zhao
2023-09-21 14:59 ` Sean Christopherson
2023-09-21 5:51 ` Binbin Wu [this message]
2023-09-14 1:55 ` [RFC PATCH v12 19/33] KVM: Drop superfluous __KVM_VCPU_MULTIPLE_ADDRESS_SPACE macro Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 20/33] KVM: Allow arch code to track number of memslot address spaces per VM Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 21/33] KVM: x86: Add support for "protected VMs" that can utilize private memory Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 22/33] KVM: selftests: Drop unused kvm_userspace_memory_region_find() helper Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 23/33] KVM: selftests: Convert lib's mem regions to KVM_SET_USER_MEMORY_REGION2 Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 24/33] KVM: selftests: Add support for creating private memslots Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 25/33] KVM: selftests: Add helpers to convert guest memory b/w private and shared Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 26/33] KVM: selftests: Add helpers to do KVM_HC_MAP_GPA_RANGE hypercalls (x86) Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 27/33] KVM: selftests: Introduce VM "shape" to allow tests to specify the VM type Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 28/33] KVM: selftests: Add GUEST_SYNC[1-6] macros for synchronizing more data Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 29/33] KVM: selftests: Add x86-only selftest for private memory conversions Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 30/33] KVM: selftests: Add KVM_SET_USER_MEMORY_REGION2 helper Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 31/33] KVM: selftests: Expand set_memory_region_test to validate guest_memfd() Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 32/33] KVM: selftests: Add basic selftest for guest_memfd() Sean Christopherson
2023-09-14 1:55 ` [RFC PATCH v12 33/33] KVM: selftests: Test KVM exit behavior for private memory/access Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ef36db9d-bb9c-e042-2617-830cf44602de@linux.intel.com \
--to=binbin.wu@linux$(echo .)intel.com \
--cc=ackerleytng@google$(echo .)com \
--cc=aou@eecs$(echo .)berkeley.edu \
--cc=chao.p.peng@linux$(echo .)intel.com \
--cc=chenhuacai@kernel$(echo .)org \
--cc=david@redhat$(echo .)com \
--cc=isaku.yamahata@gmail$(echo .)com \
--cc=isaku.yamahata@intel$(echo .)com \
--cc=jarkko@kernel$(echo .)org \
--cc=jmorris@namei$(echo .)org \
--cc=kvm@vger$(echo .)kernel.org \
--cc=kvmarm@lists$(echo .)linux.dev \
--cc=liam.merwick@orac \
--cc=linux-arm-kernel@lists$(echo .)infradead.org \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=linux-mm@kvack$(echo .)org \
--cc=linux-riscv@lists$(echo .)infradead.org \
--cc=mail@maciej$(echo .)szmigiero.name \
--cc=maz@kernel$(echo .)org \
--cc=michael.roth@amd$(echo .)com \
--cc=paul.walmsley@sifive$(echo .)com \
--cc=paul@paul-moore$(echo .)com \
--cc=qperret@google$(echo .)com \
--cc=seanjc@google$(echo .)com \
--cc=serge@hallyn$(echo .)com \
--cc=tabba@google$(echo .)com \
--cc=vbabka@suse$(echo .)cz \
--cc=wei.w.wang@intel$(echo .)com \
--cc=willy@infradead$(echo .)org \
--cc=yan.y.zhao@intel$(echo .)com \
--cc=yu.c.zhang@linux$(echo .)intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox