From patchwork Sat Feb 3 00:23:41 2024
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 196117
Reply-To: Sean Christopherson
Date: Fri, 2 Feb 2024 16:23:41 -0800
In-Reply-To: <20240203002343.383056-1-seanjc@google.com>
References: <20240203002343.383056-1-seanjc@google.com>
Message-ID: <20240203002343.383056-3-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: [PATCH v2 2/4] KVM: x86: Drop dedicated logic for direct MMUs in reexecute_instruction()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jim Mattson, Mingwei Zhang

Now that KVM doesn't pointlessly acquire mmu_lock for direct MMUs, drop the
dedicated path entirely and always query indirect_shadow_pages when deciding
whether or not to try unprotecting the gfn.

For indirect, a.k.a. shadow MMUs, checking indirect_shadow_pages is harmless;
unless *every* shadow page was somehow zapped while KVM was attempting to
emulate the instruction, indirect_shadow_pages is guaranteed to be non-zero.

Well, unless the instruction used a direct hugepage with 2-level paging for
its code page, but in that case, there's obviously nothing to unprotect.

And in the extremely unlikely case all shadow pages were zapped, there's
again obviously nothing to unprotect.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 2ec3e1851f2f..c502121b7bee 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -8785,27 +8785,27 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, kvm_release_pfn_clean(pfn); - /* The instructions are well-emulated on direct mmu. */ - if (vcpu->arch.mmu->root_role.direct) { - if (vcpu->kvm->arch.indirect_shadow_pages) - kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa)); - - return true; - } - /* - * if emulation was due to access to shadowed page table - * and it failed try to unshadow page and re-enter the - * guest to let CPU execute the instruction. + * If emulation may have been triggered by a write to a shadowed page + * table, unprotect the gfn (zap any relevant SPTEs) and re-enter the + * guest to let the CPU re-execute the instruction in the hope that the + * CPU can cleanly execute the instruction that KVM failed to emulate. */ - kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa)); + if (vcpu->kvm->arch.indirect_shadow_pages) + kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa)); /* - * If the access faults on its page table, it can not - * be fixed by unprotecting shadow page and it should - * be reported to userspace. + * If the failed instruction faulted on an access to page tables that + * are used to translate any part of the instruction, KVM can't resolve + * the issue by unprotecting the gfn, as zapping the shadow page will + * result in the instruction taking a !PRESENT page fault and thus put + * the vCPU into an infinite loop of page faults. E.g. KVM will create + * a SPTE and write-protect the gfn to resolve the !PRESENT fault, and + * then zap the SPTE to unprotect the gfn, and then do it all over + * again. Report the error to userspace. */ - return !(emulation_type & EMULTYPE_WRITE_PF_TO_SP); + return vcpu->arch.mmu->root_role.direct || + !(emulation_type & EMULTYPE_WRITE_PF_TO_SP); } static bool retry_instruction(struct x86_emulate_ctxt *ctxt,
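Review bot: the rewritten comment above the final return explains the EMULTYPE_WRITE_PF_TO_SP case but says nothing about why `vcpu->arch.mmu->root_role.direct` short-circuits it, and the one line that carried that rationale ("The instructions are well-emulated on direct mmu.") is removed in the same hunk. Consider keeping a one-line note at the new `return vcpu->arch.mmu->root_role.direct ||` stating what the commit message argues, namely that a direct MMU has no shadowed guest page tables, so the write-to-shadow-page-table case cannot apply and re-entering the guest is always the right outcome. Behaviour otherwise matches the deleted path: for a direct MMU the gfn is still unprotected only when `indirect_shadow_pages` is non-zero and the function still returns true, and for an indirect MMU with zero `indirect_shadow_pages` the only difference is skipping a `kvm_mmu_unprotect_page()` call that would have found nothing to zap.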