From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 11BE1C05025
	for <linux-mm@archiver.kernel.org>; Wed, 20 Sep 2023 21:00:28 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 55A136B019D; Wed, 20 Sep 2023 17:00:27 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 50A7A6B019F; Wed, 20 Sep 2023 17:00:27 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 3AAC66B01A3; Wed, 20 Sep 2023 17:00:27 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14])
	by kanga.kvack.org (Postfix) with ESMTP id 2737B6B019D
	for <linux-mm@kvack.org>; Wed, 20 Sep 2023 17:00:27 -0400 (EDT)
Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay08.hostedemail.com (Postfix) with ESMTP id D6DE4140392
	for <linux-mm@kvack.org>; Wed, 20 Sep 2023 21:00:26 +0000 (UTC)
X-FDA: 81258194052.29.0A98244
Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201])
	by imf21.hostedemail.com (Postfix) with ESMTP id 09BCF1C000A
	for <linux-mm@kvack.org>; Wed, 20 Sep 2023 21:00:24 +0000 (UTC)
Authentication-Results: imf21.hostedemail.com;
	dkim=pass header.d=google.com header.s=20230601 header.b=sU0DYYay;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf21.hostedemail.com: domain of 3aF0LZQYKCH8vhdqmfjrrjoh.frpolqx0-ppnydfn.ruj@flex--seanjc.bounces.google.com designates 209.85.219.201 as permitted sender) smtp.mailfrom=3aF0LZQYKCH8vhdqmfjrrjoh.frpolqx0-ppnydfn.ruj@flex--seanjc.bounces.google.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1695243625;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=WD85YU6GCdPtOsLZeVlIeZZfzAYdtoOH/7wu6gyWXNI=;
	b=ZA2WDiNBzIqI8tQeJPsSAfFReZaofpFxUNMM6qu4KiThb4fZzb/Bfrde1DoqAEihpz5jXe
	L9A80kVyThBbgF91uZZQ9+oB99iBDvggBsqP7aQIbW3akzXeSt+EqDZrjnC/ghf1O4DlBF
	qIAYd4siX6LNXOoERYBL69ClXI3MWX8=
ARC-Authentication-Results: i=1;
	imf21.hostedemail.com;
	dkim=pass header.d=google.com header.s=20230601 header.b=sU0DYYay;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf21.hostedemail.com: domain of 3aF0LZQYKCH8vhdqmfjrrjoh.frpolqx0-ppnydfn.ruj@flex--seanjc.bounces.google.com designates 209.85.219.201 as permitted sender) smtp.mailfrom=3aF0LZQYKCH8vhdqmfjrrjoh.frpolqx0-ppnydfn.ruj@flex--seanjc.bounces.google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1695243625; a=rsa-sha256;
	cv=none;
	b=w2YsrYBZuQHkKtiHREXgYHLt+oTqT/8NRs0+aXvVpGboatrM+zgKxQ0Xwc5to+1RWBtgKP
	KGIL89JtuwtX/ViCr8xM0BoFkiTme1TfaZROp3sz1sWIs1smjSju+Jv0VUKcaOIyE/JRWp
	dLsVnT9tAzwZVp4gyBh5Ru1JRJhoiLQ=
Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-d8186d705a9so421046276.3
        for <linux-mm@kvack.org>; Wed, 20 Sep 2023 14:00:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1695243624; x=1695848424; darn=kvack.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=WD85YU6GCdPtOsLZeVlIeZZfzAYdtoOH/7wu6gyWXNI=;
        b=sU0DYYayKK7IMIBlehrI2L87BRZuWWcy4HNU8iWxNxn9jEHbuFYcrlLnu21nyh5ldY
         gfcludO80DmU4fvq/Wh+AoTU9agZscwEKBDWU27jOWp99g7ux/GsDrKGXWtPg87i7j7S
         NmE9eHHA0hSDV4xlRMKZv5wt12GKN2CQ5pOePm54exqeywlZSNr9z0mEVXfebIE+RgjG
         zQyv2l0oO1Z7YzZ21UjY3gIs08s+33WJh0xY+10rIrR9Qa3+TkdmdFtdauhKxHArWQzH
         eBdowIF6XdDi6nL8eNzRRY47XQLmD7WGj7GNxLPfIBE7xyRCBatLcXJplJkpLyGLlqbf
         99sw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1695243624; x=1695848424;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=WD85YU6GCdPtOsLZeVlIeZZfzAYdtoOH/7wu6gyWXNI=;
        b=e2hORW1wvIPckNmyJaBsFzsBWLfkEu8van6W+9rk+CJTiTSTlWRZcj4uuka0QXk9A5
         RfTpOgPyk9ANNhzLwtd+JbrltRitYNUcXhe7o4btbf2RuY1eVNCxFPDdMxRwNgfxpsmR
         mKs8pyPhh4zdvXy+XA0fuXb/RGvEl2cXoA3FUmjazkw74HhXFJ63UbOfbiSinOBzKPuc
         rNDqpe+wY4WztMOhd5jXt5cN0XiB2UrcB6FDxstXRRom+jxfjLIeMARg/fJNRpWDVN6W
         /BsykRQe9qrWcwwBNPPbvPMT9Qt72zwaq0EszbamMRMaJ97mdh8OqzBtL3BBqKlYo3k/
         /aGg==
X-Gm-Message-State: AOJu0YwzGyN9EewC+9parjRhiMsudEgNzJlVUwx2hb0DfdMphJJIMJYT
	9plq1vP+qvqECnIx4pY+dCnA0ZQti3o=
X-Google-Smtp-Source: AGHT+IE6bowhyf6hyHthYBPyW6IZfmwFxVZA3ErkF6QZibGvin1ESoG81Vf7MPhR8G5wDRxCxsmQT8EV7w4=
X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a25:496:0:b0:d7f:2cb6:7d88 with SMTP id
 144-20020a250496000000b00d7f2cb67d88mr58003ybe.13.1695243624102; Wed, 20 Sep
 2023 14:00:24 -0700 (PDT)
Date: Wed, 20 Sep 2023 14:00:22 -0700
In-Reply-To: <ZQP6ZqXH81V24Lj/@yzhao56-desk.sh.intel.com>
Mime-Version: 1.0
References: <20230914015531.1419405-1-seanjc@google.com> <20230914015531.1419405-12-seanjc@google.com>
 <ZQP6ZqXH81V24Lj/@yzhao56-desk.sh.intel.com>
Message-ID: <ZQtdZmJ3SekURjiQ@google.com>
Subject: Re: [RFC PATCH v12 11/33] KVM: Introduce per-page memory attributes
From: Sean Christopherson <seanjc@google.com>
To: Yan Zhao <yan.y.zhao@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>, Marc Zyngier <maz@kernel.org>, 
	Oliver Upton <oliver.upton@linux.dev>, Huacai Chen <chenhuacai@kernel.org>, 
	Michael Ellerman <mpe@ellerman.id.au>, Anup Patel <anup@brainfault.org>, 
	Paul Walmsley <paul.walmsley@sifive.com>, Palmer Dabbelt <palmer@dabbelt.com>, 
	Albert Ou <aou@eecs.berkeley.edu>, "Matthew Wilcox (Oracle)" <willy@infradead.org>, 
	Andrew Morton <akpm@linux-foundation.org>, Paul Moore <paul@paul-moore.com>, 
	James Morris <jmorris@namei.org>, "Serge E. Hallyn" <serge@hallyn.com>, kvm@vger.kernel.org, 
	linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, 
	linux-mips@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, 
	kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, 
	linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, 
	linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, 
	Chao Peng <chao.p.peng@linux.intel.com>, Fuad Tabba <tabba@google.com>, 
	Jarkko Sakkinen <jarkko@kernel.org>, Anish Moorthy <amoorthy@google.com>, 
	Yu Zhang <yu.c.zhang@linux.intel.com>, Isaku Yamahata <isaku.yamahata@intel.com>, 
	Xu Yilun <yilun.xu@intel.com>, Vlastimil Babka <vbabka@suse.cz>, 
	Vishal Annapurve <vannapurve@google.com>, Ackerley Tng <ackerleytng@google.com>, 
	Maciej Szmigiero <mail@maciej.szmigiero.name>, David Hildenbrand <david@redhat.com>, 
	Quentin Perret <qperret@google.com>, Michael Roth <michael.roth@amd.com>, Wang <wei.w.wang@intel.com>, 
	Liam Merwick <liam.merwick@oracle.com>, Isaku Yamahata <isaku.yamahata@gmail.com>, 
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>
Content-Type: text/plain; charset="us-ascii"
X-Rspam-User: 
X-Rspamd-Server: rspam12
X-Rspamd-Queue-Id: 09BCF1C000A
X-Stat-Signature: athgooem1ffbadfji6b8kmi583bdjkk6
X-HE-Tag: 1695243624-451605
X-HE-Meta: U2FsdGVkX197kK6dx/ZPBBSHQckHoKHfB7MxP1G3xk2vLnD1faBdXIKEYvf1XBZ31c2+MJoQJ3evAphim7P2ild/MQropzpbKTueQk1XBeZdb6y6s9XwSy1vdN/SuRUJv/KKPXWwcnnd1s/mdq5TfzYnUzW8EoqMNu0rslDHxODsEFNsJ5CX5DA/TlMtXBtwGOlUCL7DCRA4M6beD4aR5+5tTdCjYlUmlpMfBi13QASYH8XnLKuLkj1Z8oxzOIehlAUQU5/FkQSIeYU8tpIcO5DYV51zffSmbIeMeEMdKcJtGyabd+YznsI4VnOoxupXwcIIDa8ucXPfU6l0tBMbyW4Pr2PZ0iq4ajmbaDdJ5a5fZpDiheglZR2yVtmSk80PHIBrGbGir/3YPPehtTUDZ0fC5abKY4UoYaPaGcQbAae6LDxUfqpCtdRdelxC47x4WkgwY/r6yUA82muXsk0dvU1LDLEmVKvFh2um0dgFNo7w8kN4W/F2WIdRbMYCAOXkWZLz7CBKisaS+hfskpMdVTCiTdHvOJnu3OBhQGCkmhUFpo3JNcz0Ze+MrFZE3Dbl20x4n3xYyTQ9a8o+K/aoYu9GSyq1god9rNQoiwGRTw98B3X4Lme3DbuuTY7QPqM0MqyeZ+2yn2Tde8z3Ag1U6EDo2HI0K8y5Jdi+VLMWUrd+Fxum7Kc2Ay+pViV2ItGKwdj2qPU72t/EvkgUhIlCWttDT7/GBmJC9tjo8WyU/siZJa71WvLlG0agxGU3SVXYAnBgZmv9P4eoJAQuCR6MukSBYUeuVSU2qn4onZdWFl4OL99kA/q49xga/J9enTps3TahrPLlCq4YheLDgOYacXwxHws/TaU5Y+TlyBoK1PsN/rjpP13QJYYwoIm9mocj7zSuFIlhs59ii0fRBEs6lVWZITYRZMFCTgHDZX00v4KEhvR6QOtaFN82H6eS6X5eiAo5Z+PPYJBaaDUaKOt
 riSxSH0w
 RChPSQzl8Le3WASST0r5cIYS54SA1OazFd6Dx9FkM4j+J2haMl/+4R+H/6V7MdcZ5uLap1Co1mubrj4H4B0gYKZQG+LUh0SQFp67lhKolBvb9MNn4ruPrRjYoOg7S61kzsQ55/ZaCtHNgrdXnmDBfzjeDGIj9FnNtOU8v8pSb2yz77xLB8OUrwh+od9xcLhzGu6f684DYl3Ipa5GBPIJsG9TJael9KjbAFaRMNl+2oppCba+LftzBkc69TPBGzf9ZfFU1CKYAzCyikSxcHQ3KBypvQyFxKwjUpdy/haxex+GI0TkPJer5lQ6SF9ud7+IE2cdWyGC8Dr7kDFyv+J2/9uloKok/1dqB4jbjqNoyxkpHa3hLpKOBS8OEZkqvZo2rpZAzo8igblGYy6elGf1M4TH1cXvDVsV3PQpHGIBgGeJ083B0Uw9QctO3cBnktEeDgx4Kb1ijU1lKD9JDszU8pojKC1ZDUuAug0wupau07ppk+iTiOubS3tICc89ydPj6J/LYKvSHvGBifLx5yHrRMx7T8U/ja4C74A9Vi3eVEiortx3v7xvePObulgpwxkj2gd5WDSOsFpIRVmwKg+gsLKQnXwMZgjUWYrEkxNYV7Lno/iZeDIWr3KfAdEYdWfF/SGEN4xCVbTv44u2K6eHfmkXrXSecFp+0lvatw4YeeCfa32U=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Sep 15, 2023, Yan Zhao wrote:
> On Wed, Sep 13, 2023 at 06:55:09PM -0700, Sean Christopherson wrote:
> > From: Chao Peng <chao.p.peng@linux.intel.com>
> > 
> > In confidential computing usages, whether a page is private or shared is
> > necessary information for KVM to perform operations like page fault
> > handling, page zapping etc. There are other potential use cases for
> > per-page memory attributes, e.g. to make memory read-only (or no-exec,
> > or exec-only, etc.) without having to modify memslots.
> > 
> ...
> >> +bool kvm_range_has_memory_attributes(struct kvm *kvm, gfn_t start, gfn_t end,
> > +				     unsigned long attrs)
> > +{
> > +	XA_STATE(xas, &kvm->mem_attr_array, start);
> > +	unsigned long index;
> > +	bool has_attrs;
> > +	void *entry;
> > +
> > +	rcu_read_lock();
> > +
> > +	if (!attrs) {
> > +		has_attrs = !xas_find(&xas, end);
> > +		goto out;
> > +	}
> > +
> > +	has_attrs = true;
> > +	for (index = start; index < end; index++) {
> > +		do {
> > +			entry = xas_next(&xas);
> > +		} while (xas_retry(&xas, entry));
> > +
> > +		if (xas.xa_index != index || xa_to_value(entry) != attrs) {
> Should "xa_to_value(entry) != attrs" be "!(xa_to_value(entry) & attrs)" ?

No, the exact comparsion is deliberate.  The intent of the API is to determine
if the entire range already has the desired attributes, not if there is overlap
between the two.

E.g. if/when RWX attributes are supported, the exact comparison is needed to
handle a RW => R conversion.

> > +			has_attrs = false;
> > +			break;
> > +		}
> > +	}
> > +
> > +out:
> > +	rcu_read_unlock();
> > +	return has_attrs;
> > +}
> > +
> ...
> > +/* Set @attributes for the gfn range [@start, @end). */
> > +static int kvm_vm_set_mem_attributes(struct kvm *kvm, gfn_t start, gfn_t end,
> > +				     unsigned long attributes)
> > +{
> > +	struct kvm_mmu_notifier_range pre_set_range = {
> > +		.start = start,
> > +		.end = end,
> > +		.handler = kvm_arch_pre_set_memory_attributes,
> > +		.on_lock = kvm_mmu_invalidate_begin,
> > +		.flush_on_ret = true,
> > +		.may_block = true,
> > +	};
> > +	struct kvm_mmu_notifier_range post_set_range = {
> > +		.start = start,
> > +		.end = end,
> > +		.arg.attributes = attributes,
> > +		.handler = kvm_arch_post_set_memory_attributes,
> > +		.on_lock = kvm_mmu_invalidate_end,
> > +		.may_block = true,
> > +	};
> > +	unsigned long i;
> > +	void *entry;
> > +	int r = 0;
> > +
> > +	entry = attributes ? xa_mk_value(attributes) : NULL;
> Also here, do we need to get existing attributes of a GFN first ?

No?  @entry is the new value that will be set for all entries.  This line doesn't
touch the xarray in any way.  Maybe I'm just not understanding your question.