From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 83F4AC433F5 for ; Thu, 24 Feb 2022 08:08:09 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 06CD68D0002; Thu, 24 Feb 2022 03:08:09 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 01BAE8D0001; Thu, 24 Feb 2022 03:08:08 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E260C8D0002; Thu, 24 Feb 2022 03:08:08 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.26]) by kanga.kvack.org (Postfix) with ESMTP id C0F348D0001 for ; Thu, 24 Feb 2022 03:08:08 -0500 (EST) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 6E2EE23062 for ; Thu, 24 Feb 2022 08:08:08 +0000 (UTC) X-FDA: 79176945456.02.B744849 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by imf26.hostedemail.com (Postfix) with ESMTP id 46C5F140005 for ; Thu, 24 Feb 2022 08:08:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1645690087; x=1677226087; h=date:from:to:cc:subject:message-id:reply-to:references: mime-version:in-reply-to; bh=zEoJWzKmpcYe9rSTl+BlseiX6qsVqXPhxybFv18kU3Y=; b=RtWgqQHIYAURx7jS+13WwVctYZ1NVFYCco8HHGqGRbmEmufyBuf91WSr 8T8er7CXO1wqkK2uvhe0N4SUg20E2ruwrukw0PJwyYEIFkkSlARw+JcH4 pI2g2YENX1BIR+VpoYElWd/gChyyhpb2K8Fu/Mi186w7fExb3JLRSUkkI x1fzpkIlcCvS3YODfn7omVMnqDsqFcy9LPJ6KFA7aCv2RL5G+pWdFOLKU aY9IiXy0BYme5lOT64zBaWO8qWkc/P/Vgs0S0kwH08TwR55kvGQZoZ1uP J2QiUhLMS/ma9wSH/8m9RNCA6mdSaCzRPRJZ51ii04tJQQlPFJDMXTaG/ A==; X-IronPort-AV: E=McAfee;i="6200,9189,10267"; a="252096329" X-IronPort-AV: E=Sophos;i="5.88,393,1635231600"; d="scan'208";a="252096329" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Feb 2022 00:08:05 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,393,1635231600"; d="scan'208";a="637745308" Received: from chaop.bj.intel.com (HELO localhost) ([10.240.192.101]) by fmsmga002.fm.intel.com with ESMTP; 24 Feb 2022 00:07:58 -0800 Date: Thu, 24 Feb 2022 16:07:39 +0800 From: Chao Peng To: "Maciej S. Szmigiero" Cc: Yu Zhang , Paolo Bonzini , linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , kvm@vger.kernel.org, Borislav Petkov , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , "Kirill A . Shutemov" , luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com, qemu-devel@nongnu.org Subject: Re: [PATCH v4 12/12] KVM: Expose KVM_MEM_PRIVATE Message-ID: <20220224080739.GA6672@chaop.bj.intel.com> Reply-To: Chao Peng References: <20220118132121.31388-1-chao.p.peng@linux.intel.com> <20220118132121.31388-13-chao.p.peng@linux.intel.com> <20220217134548.GA33836@chaop.bj.intel.com> <45148f5f-fe79-b452-f3b2-482c5c3291c4@maciej.szmigiero.name> <20220223120047.GB53733@chaop.bj.intel.com> <7822c00f-5a2d-b6a2-2f81-cf3330801ad3@maciej.szmigiero.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7822c00f-5a2d-b6a2-2f81-cf3330801ad3@maciej.szmigiero.name> User-Agent: Mutt/1.9.4 (2018-02-28) X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 46C5F140005 X-Stat-Signature: 49xmdqppk6zfs6os8jubnq6znaoba89k Authentication-Results: imf26.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=RtWgqQHI; spf=none (imf26.hostedemail.com: domain of chao.p.peng@linux.intel.com has no SPF policy when checking 134.134.136.65) smtp.mailfrom=chao.p.peng@linux.intel.com; dmarc=pass (policy=none) header.from=intel.com X-Rspam-User: X-HE-Tag: 1645690087-695342 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Feb 23, 2022 at 07:32:37PM +0100, Maciej S. Szmigiero wrote: > On 23.02.2022 13:00, Chao Peng wrote: > > On Tue, Feb 22, 2022 at 02:16:46AM +0100, Maciej S. Szmigiero wrote: > > > On 17.02.2022 14:45, Chao Peng wrote: > > > > On Tue, Jan 25, 2022 at 09:20:39PM +0100, Maciej S. Szmigiero wrote: > > > > > On 18.01.2022 14:21, Chao Peng wrote: > > > > > > KVM_MEM_PRIVATE is not exposed by default but architecture code can turn > > > > > > on it by implementing kvm_arch_private_memory_supported(). > > > > > > > > > > > > Also private memslot cannot be movable and the same file+offset can not > > > > > > be mapped into different GFNs. > > > > > > > > > > > > Signed-off-by: Yu Zhang > > > > > > Signed-off-by: Chao Peng > > > > > > --- > > > > > (..) > > > > > > static bool kvm_check_memslot_overlap(struct kvm_memslots *slots, int id, > > > > > > - gfn_t start, gfn_t end) > > > > > > + struct file *file, > > > > > > + gfn_t start, gfn_t end, > > > > > > + loff_t start_off, loff_t end_off) > > > > > > { > > > > > > struct kvm_memslot_iter iter; > > > > > > + struct kvm_memory_slot *slot; > > > > > > + struct inode *inode; > > > > > > + int bkt; > > > > > > kvm_for_each_memslot_in_gfn_range(&iter, slots, start, end) { > > > > > > if (iter.slot->id != id) > > > > > > return true; > > > > > > } > > > > > > + /* Disallow mapping the same file+offset into multiple gfns. */ > > > > > > + if (file) { > > > > > > + inode = file_inode(file); > > > > > > + kvm_for_each_memslot(slot, bkt, slots) { > > > > > > + if (slot->private_file && > > > > > > + file_inode(slot->private_file) == inode && > > > > > > + !(end_off <= slot->private_offset || > > > > > > + start_off >= slot->private_offset > > > > > > + + (slot->npages >> PAGE_SHIFT))) > > > > > > + return true; > > > > > > + } > > > > > > + } > > > > > > > > > > That's a linear scan of all memslots on each CREATE (and MOVE) operation > > > > > with a fd - we just spent more than a year rewriting similar linear scans > > > > > into more efficient operations in KVM. > > > > > (..) > > > > So linear scan is used before I can find a better way. > > > > > > Another option would be to simply not check for overlap at add or move > > > time, declare such configuration undefined behavior under KVM API and > > > make sure in MMU notifiers that nothing bad happens to the host kernel > > > if it turns out somebody actually set up a VM this way (it could be > > > inefficient in this case, since it's not supposed to ever happen > > > unless there is a bug somewhere in the userspace part). > > > > Specific to TDX case, SEAMMODULE will fail the overlapping case and then > > KVM prints a message to the kernel log. It will not cause any other side > > effect, it does look weird however. Yes warn that in the API document > > can help to some extent. > > So for the functionality you are adding this code for (TDX) this scan > isn't necessary and the overlapping case (not supported anyway) is safely > handled by the hardware (or firmware)? Yes, it will be handled by the firmware. > Then I would simply remove the scan and, maybe, add a comment instead > that the overlap check is done by the hardware. Sure. > > By the way, if a kernel log message could be triggered by (misbehaving) > userspace then it should be rate limited (if it isn't already). Thanks for mention. Chao > > > Thanks, > > Chao > > Thanks, > Maciej