From patchwork Sun Oct 30 06:22:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Isaku Yamahata X-Patchwork-Id: 12861 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp1666036wru; Sat, 29 Oct 2022 23:28:39 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6Q9S9hiUqjp4/i8h2RzJ7Fw+Y6chh/O8sCFke+Cy8mHC1aiMBpISOVWxFnEDWq/8RhoG9U X-Received: by 2002:a05:6402:440f:b0:45d:297b:c70a with SMTP id y15-20020a056402440f00b0045d297bc70amr7516354eda.187.1667111319270; Sat, 29 Oct 2022 23:28:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667111319; cv=none; d=google.com; s=arc-20160816; b=mr2ee0shwwL5fBo5b+D48iZj8izXp7zekXo7nVp2BpHVOohQJivX29+WnuunGF+gSb Jsw6tXlVmIi6tynX/M5w1J1689B4y6y09BY5D/dPfhb3ToyJ/90+4OGSzGc5BuzrqtNY U6bEcIiTsJLA1tlgJ2EIo86JeZaw5/u9MHepsLkPgHF27naV5/nYPUlX7Ki17z3EGRtE dYuzJLyNWAcNqPiwHqPjP9+WyuWWNuYeNOoCVrcv7BumwXnyzjiwCKJTVguhELsR1pLp 5+s6yOksMMwxwfWV0BuwZdgDE1JMTLLVg/CEkqky0yvhmViP7gLuelZNSQPDmisxYhc1 mXEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=O6IkLQ78XnWZRu+1P+/z2C6cr0iCNdcMOpVAoYVCYlk=; b=T731XXwaz84j+8uPt2+msQJ3A59c+7D2FdAr5gnYqC5WyyU9y/L4rHPA1x26r8jFed kb6E9LCFF2iD4jVuyOtwPrtBlgf5TgVv294FEfkTQEBEnZjrZObq8Ij/GB5z+D/H+yQU GDNc9oi4OrJ0MLI1fd5XP4sl1Q1jQ+s+jKQQaSSfhJ+mvbmRz+p/z/oVuyhTLNir7FmB h/vjikwru46e71iiryNy9khB6yiO8RjmkYTuc404PT/PWgcgbnzjWtY1tCXXfbVXQiuw IRTDmN8Vo8L2ldQf1sOBAoEeETTIOy8XoxpwVjS6l39L+DXtrE29ApfLqaTc+ovsEk58 BOGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="Ouo/6yjm"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ne14-20020a1709077b8e00b0078ddc074afdsi4482489ejc.577.2022.10.29.23.28.15; Sat, 29 Oct 2022 23:28:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="Ouo/6yjm"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230361AbiJ3G03 (ORCPT + 99 others); Sun, 30 Oct 2022 02:26:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47136 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229907AbiJ3GYK (ORCPT ); Sun, 30 Oct 2022 02:24:10 -0400 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 11365F4; Sat, 29 Oct 2022 23:24:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667111049; x=1698647049; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=sa5y0Pbexso39/n1O3X/Rxg+kJKGCxQRecKftLrSJ9c=; b=Ouo/6yjm9Sni4wg2DlOc8sfn9PDy8PkkyA5aON+WuivBP/pd8EAUm9QT uAuF9I8Sakw0BFStZMAvFo4ZXL7hyeEVaoE9va1teMyuWuzz+u5RYTBmS GMqxQrmBJMCFt8bwsZYAGIA4RhqRJLRKwcgBkfUqry3qobxGvfWgtit+M 7/bQqOkUGjMHzGdS8Sf5amRv7GRz0Ll7TAt0q/IxAwSUCSc9Vk5n8CSXg iIGjna14+2y1HPpAojd53RjuKyhKV6idrwfBJ3saM36TSe6BE39nQSdN2 zFJY0e1kOCPEvdyJakQZ+O2ct+Rcu8rEBEsARd0eZ8wrp3VX/nAeiqSG7 A==; X-IronPort-AV: E=McAfee;i="6500,9779,10515"; a="395037149" X-IronPort-AV: E=Sophos;i="5.95,225,1661842800"; d="scan'208";a="395037149" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Oct 2022 23:24:03 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10515"; a="878392964" X-IronPort-AV: E=Sophos;i="5.95,225,1661842800"; d="scan'208";a="878392964" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Oct 2022 23:24:03 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack Subject: [PATCH v10 037/108] KVM: x86/mmu: Disallow fast page fault on private GPA Date: Sat, 29 Oct 2022 23:22:38 -0700 Message-Id: <6e3d747ef224b44ff1f14bcb26424a1a3c210fb9.1667110240.git.isaku.yamahata@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748092918504232425?= X-GMAIL-MSGID: =?utf-8?q?1748092918504232425?= From: Isaku Yamahata TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory access and TDX SEAMCALL is heavy operation. Fast page fault on private GPA doesn't make sense. Disallow fast page fault on private GPA. Signed-off-by: Isaku Yamahata Reviewed-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 9098f77cdaa4..09defac49bf0 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3238,8 +3238,16 @@ static int handle_abnormal_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fau return RET_PF_CONTINUE; } -static bool page_fault_can_be_fast(struct kvm_page_fault *fault) +static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault) { + /* + * TDX private mapping doesn't support fast page fault because the EPT + * entry is read/written with TDX SEAMCALLs instead of direct memory + * access. + */ + if (kvm_is_private_gpa(kvm, fault->addr)) + return false; + /* * Page faults with reserved bits set, i.e. faults on MMIO SPTEs, only * reach the common page fault handler if the SPTE has an invalid MMIO @@ -3349,7 +3357,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) u64 *sptep = NULL; uint retry_count = 0; - if (!page_fault_can_be_fast(fault)) + if (!page_fault_can_be_fast(vcpu->kvm, fault)) return ret; walk_shadow_page_lockless_begin(vcpu);