From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6867CC47DDF for ; Wed, 31 Jan 2024 01:13:06 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D0F3B6B0088; Tue, 30 Jan 2024 20:13:05 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id CE6AB6B0089; Tue, 30 Jan 2024 20:13:05 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BADD76B008A; Tue, 30 Jan 2024 20:13:05 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id A8E8D6B0088 for ; Tue, 30 Jan 2024 20:13:05 -0500 (EST) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 6E950120480 for ; Wed, 31 Jan 2024 01:13:05 +0000 (UTC) X-FDA: 81737832330.18.DB6776B Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) by imf24.hostedemail.com (Postfix) with ESMTP id B41B0180021 for ; Wed, 31 Jan 2024 01:13:03 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=jblqzmGR; spf=pass (imf24.hostedemail.com: domain of 3np65ZQYKCPUpbXkgZdlldib.Zljifkru-jjhsXZh.lod@flex--seanjc.bounces.google.com designates 209.85.215.201 as permitted sender) smtp.mailfrom=3np65ZQYKCPUpbXkgZdlldib.Zljifkru-jjhsXZh.lod@flex--seanjc.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1706663583; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=/GoosJvXV4tQVgQnoX094ue9LgaeDV/puMZ+zgV5v8A=; b=kfiQcb5WtpPIC2HwSLthOM0K9YPuHSlwC1KUdHpo6Zc4yjltPZC69ICmgnZ30eZ5YVHrdX IXnwhLUh21g5J4utee8W5q2Y/cNBmME95+zT7dYxoZQg4uBhQ2FbCrqfKX62W3aZwuNT28 vm9vsQCg+NYBz91rpW2/KQqozkcImk4= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706663583; a=rsa-sha256; cv=none; b=7opPxSdQC4+T8gL0E5uSR880AAwPNy31N/aIhMeW7djI6eIT7vHQ+7JKMtehJZoc3LJP6d gRo2N/15FwgS3RyGK1Xp5ml1jHECkbMm1LCqYrMw3p3fTSeNO0ZygMEIb23mbqzciZUb/b nuFWwof5ejMJ/bUVTljZb2G9qLdJ1X4= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=jblqzmGR; spf=pass (imf24.hostedemail.com: domain of 3np65ZQYKCPUpbXkgZdlldib.Zljifkru-jjhsXZh.lod@flex--seanjc.bounces.google.com designates 209.85.215.201 as permitted sender) smtp.mailfrom=3np65ZQYKCPUpbXkgZdlldib.Zljifkru-jjhsXZh.lod@flex--seanjc.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-5ca5b61c841so3236391a12.3 for ; Tue, 30 Jan 2024 17:13:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1706663582; x=1707268382; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=/GoosJvXV4tQVgQnoX094ue9LgaeDV/puMZ+zgV5v8A=; b=jblqzmGRs4g2ySksjORCoBMVoFzsWdWTixm9/3mZKST6cpW4tzHqrG3c1KoOcLRHLU iJ79nqn23MQNJZcGHF8vNIk8akN+ZLnv7VZRu190PC9MCLWFQdiY7DdVY0MKRurZEyk7 +2vwhl7SN4LP3iUMFZBdNFL8p0vv7D73SaH0/FCJ6ENiqRum+JTNIBdKyLRQaztN6za9 JZih0r6bAmk/4c+DC5bn1q9sSNzU6CdUSdNCmJlX1/3EAEDCEY2iiCI7RZAoIBtJ0PH1 gei5DTiCPTY6+cbwAyDiSRstxF3KB5jKpTV8XLV62PL9My+vg7oBVYTHsjyQ4NsTDr2P RJrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706663582; x=1707268382; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=/GoosJvXV4tQVgQnoX094ue9LgaeDV/puMZ+zgV5v8A=; b=lbEe9d3oaXGVVgls1340/6bCpE26VKlOi96nArJK0NuvZ8x9ZGG+GaEou7nIKgSVpf disCR79aMRQzf+uiBzlqTWjWrqd6C5nr33K1PuETvib5CtyZLMZP/jL4BCpgaTOFq0Ib C3/NU+TN4aNHTwr83ZqI4nO8bwfnS0yyvIjCFmUmRSJfeYJD/aIer4oHiquRuUpzK+RG bJPCl2UOGieF55S4QeS7oLaP5iy8pVfzgKNH+RaYzM4VUKjtic/az7630hBuKCQZOYc4 O7+yPVzSXuDNjqMJaBF9mVDyf8h6KGWTac1R3wloXRIp2HdogzJZGc77zTQRgTJ7jKhg 8/fg== X-Gm-Message-State: AOJu0YxshQgbs7blfLdgYEOz6c9rJyuSzpHNl6wamkKiQPTYncsQttlm IJHYx1osZKwbpfR1y23xXYqLbjTtyt/KRoBnmmr1aLIZyy8PdN4QU1+eFYf4iTDVCOnBR658pw7 Bhg== X-Google-Smtp-Source: AGHT+IHXA4t0uhZ7tzthJIqQkUlU7edO5hP5ya6T+NaNmVk8RFxp+26SnKPKNqGEdvTVdg4s3sxwKV4qvvQ= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:d212:b0:1d9:1e1:76ca with SMTP id t18-20020a170902d21200b001d901e176camr715ply.10.1706663582547; Tue, 30 Jan 2024 17:13:02 -0800 (PST) Date: Tue, 30 Jan 2024 17:13:00 -0800 In-Reply-To: <20231016115028.996656-9-michael.roth@amd.com> Mime-Version: 1.0 References: <20231016115028.996656-1-michael.roth@amd.com> <20231016115028.996656-9-michael.roth@amd.com> Message-ID: Subject: Re: [PATCH RFC gmem v1 8/8] KVM: x86: Determine shared/private faults based on vm_type From: Sean Christopherson To: Michael Roth Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, pbonzini@redhat.com, isaku.yamahata@intel.com, ackerleytng@google.com, vbabka@suse.cz, ashish.kalra@amd.com, nikunj.dadhania@amd.com, jroedel@suse.de, pankaj.gupta@amd.com Content-Type: text/plain; charset="us-ascii" X-Rspamd-Queue-Id: B41B0180021 X-Rspam-User: X-Stat-Signature: k36shz3jxf9hbaokacmgzuyw13aqnfm6 X-Rspamd-Server: rspam03 X-HE-Tag: 1706663583-505903 X-HE-Meta: U2FsdGVkX1/N1x+it78KSLwiebCR7dWY7rD8oJeCxLyGC81R1q1461GWaltfhWljit6CcWtifNgnxK/VWvH4K1MUo0P54U130oyzCDlOvaGBORrqm1fskjelbTOiQVlkpFGVSNLRylptXg8wJsS3qrrMPtF4cTY6AE+h+3d3IpP5/VQCC4otxqaSirrtKFCYe72Yka3y6SboNj9MPOSMmVhdtzbO9aaxdRBOwSP8uxI0CvF+rzrnPmZ3FZE0kZ+PXPVDYpo23cxQQH7RZB5cFBXLwd70N8NIZQj4rkKsl8eCFF5g07PCSWoNHMM+vjVzU8aafoGYfAmCkpNbCyhCI6oYLwem+Spa+15rkVKmiEU7gG/s6N31dbAwx9KSz+GmwVTVhYGCq4Dw+yz8e6QGpaN4JvK1jYNTSz9DzB9cgD0pv3jZ9727z4/kqVfxPN7cHt0n08hmEa+pQLiDBHVAleBohI8clyvImxKVT2Opwe5ETgMH3whFlwbUHnieh7v+Fk5PMm4r2DYxgvC9XhEfFR2U+0+qzAP1KRx56+GxUIXChrd+NpoNa7QCl4gloHP3l+fVP+4eEHM65xt/wQbqhAz0MehCpopsk6CT8qP9ofMv20bNVhDXESTjpxutC0+LpkT5EziKXixe7hQBfqzCHkFi5KdWTgv03OL7gsujiOGgSFy4R7zxvfsymIQnA8riQ9wTSZFGlEyv3+6vINF6ozimoAHCPK+JNqt62BgOI4L2O6Q1ETPAhtovlDLc1qPlMC7TGye/K6OiSw9/j/9VrlKp8JY6jmWj1mtJ8BAS6XnTbjfiskN9HXyfal7kdAG8uubhD12bcAxrixd+BnuweQDrFfhRnZ+4BBwvMZkh3BxPhxkEdPPre3HSsml8fnLnZXaa7N4RkFNhObEoz2ovqoREjCTeUxCQPY9/JTKSC5CUrvRgkSEvXK+gHR4q5u1VqHGuy2x6km3gjLzD5sp wJz6M+Tv ih2FRUvbW65YCXvIycvpCj6Bj4p2spSwT9mjgcfDfZsHbOWm8HDjHYDWAAxVukGYKXOWRzj+g79NQoi+gQX2Xop5NEwnIbP21OjibpmCgr4luEfPX5rUduWYhvkuqeOB29nb2LBqG5PYNSS5gYRuHTGuhEdKlv2r/3YLTMIm5s9FEGAUS+/uK3k/3PAtgrt+9pRPEcFanVPKEVGSBuQioIa3r+XeBP+t52l3nL73CjtHSTF+SSntKVy1TlQbERU5Al4lGLluZj26J45kCSSjOT7uY0vuCdh52gfVlKTq+Nk81V4mqQk+oGXkS9a6LArZeyj0tyyNsGUTBuDY0Pyv2TYHkBlSwO6t8faHVeMm82fes1J6MG8MUmax78ktmNy91+NSSFDzLkhgyPhYeYRFgTG5CvEfNmiUInclPIJMWD9aKOGbF4RME3TlPuC7DhzDgG9t7wFwDQ75on3T0W26RNYBPtlrvAzwA2UyObq81PdP9yaPeU7QVledrPZxq/EnAqRe7ir4eojL6YLEXZrNYFv49qn4Gvd0sd2kKz4osn5I7i4Swx2W5KtYvbT/TVo+bvKI9o8FaxF4NvfD9nwJFot4uFdezY6NVv1az0aRiFNO+6X472DHAEk0JoKsM8ZJ16im8 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000133, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Oct 16, 2023, Michael Roth wrote: > For KVM_X86_SNP_VM, only the PFERR_GUEST_ENC_MASK flag is needed to > determine with an #NPF is due to a private/shared access by the guest. > Implement that handling here. Also add handling needed to deal with > SNP guests which in some cases will make MMIO accesses with the > encryption bit. ... > @@ -4356,12 +4357,19 @@ static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault > return RET_PF_EMULATE; > } > > - if (fault->is_private != kvm_mem_is_private(vcpu->kvm, fault->gfn)) { > + /* > + * In some cases SNP guests will make MMIO accesses with the encryption > + * bit set. Handle these via the normal MMIO fault path. > + */ > + if (!slot && private_fault && kvm_is_vm_type(vcpu->kvm, KVM_X86_SNP_VM)) > + private_fault = false; Why? This is inarguably a guest bug. > + if (private_fault != kvm_mem_is_private(vcpu->kvm, fault->gfn)) { > kvm_mmu_prepare_memory_fault_exit(vcpu, fault); > return -EFAULT; > } > > - if (fault->is_private) > + if (private_fault) > return kvm_faultin_pfn_private(vcpu, fault); > > async = false; > diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h > index 759c8b718201..e5b973051ad9 100644 > --- a/arch/x86/kvm/mmu/mmu_internal.h > +++ b/arch/x86/kvm/mmu/mmu_internal.h > @@ -251,6 +251,24 @@ struct kvm_page_fault { > > int kvm_tdp_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault); > > +static bool kvm_mmu_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 err) > +{ > + bool private_fault = false; > + > + if (kvm_is_vm_type(kvm, KVM_X86_SNP_VM)) { > + private_fault = !!(err & PFERR_GUEST_ENC_MASK); > + } else if (kvm_is_vm_type(kvm, KVM_X86_SW_PROTECTED_VM)) { > + /* > + * This handling is for gmem self-tests and guests that treat > + * userspace as the authority on whether a fault should be > + * private or not. > + */ > + private_fault = kvm_mem_is_private(kvm, gpa >> PAGE_SHIFT); > + } This can be more simply: if (kvm_is_vm_type(kvm, KVM_X86_SNP_VM)) return !!(err & PFERR_GUEST_ENC_MASK); if (kvm_is_vm_type(kvm, KVM_X86_SW_PROTECTED_VM)) return kvm_mem_is_private(kvm, gpa >> PAGE_SHIFT);