From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id DCCD9C6379F
	for <linux-mm@archiver.kernel.org>; Fri, 13 Jan 2023 23:29:38 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 7141B8E0002; Fri, 13 Jan 2023 18:29:38 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 69CF68E0001; Fri, 13 Jan 2023 18:29:38 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 516CD8E0002; Fri, 13 Jan 2023 18:29:38 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14])
	by kanga.kvack.org (Postfix) with ESMTP id 3F3BE8E0001
	for <linux-mm@kvack.org>; Fri, 13 Jan 2023 18:29:38 -0500 (EST)
Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay03.hostedemail.com (Postfix) with ESMTP id 157F7A07D2
	for <linux-mm@kvack.org>; Fri, 13 Jan 2023 23:29:38 +0000 (UTC)
X-FDA: 80351370036.09.3BADDC9
Received: from mail-pj1-f53.google.com (mail-pj1-f53.google.com [209.85.216.53])
	by imf24.hostedemail.com (Postfix) with ESMTP id 6D934180007
	for <linux-mm@kvack.org>; Fri, 13 Jan 2023 23:29:36 +0000 (UTC)
Authentication-Results: imf24.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=KI84PoD5;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf24.hostedemail.com: domain of seanjc@google.com designates 209.85.216.53 as permitted sender) smtp.mailfrom=seanjc@google.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1673652576;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=ZQbX+PJeFGPE/epzSLyMXyeM3puvzgeaNuzCa8J0EXw=;
	b=pnv46p6xKoQj1jZRZeZ8aF3ylPFFKKndlmP/otFamo/WihpV04Ngw40leOAe1pSFFFdHke
	SdXIlxGCAuPa4M8vWE/LdYhXv6Z44FxoUJPskDMZuWNCBOctTgCig56bsmJuJ5VoC2tB7h
	G61yZE1dEJ0PmWvwBAYgIGE+PEYBpyU=
ARC-Authentication-Results: i=1;
	imf24.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=KI84PoD5;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf24.hostedemail.com: domain of seanjc@google.com designates 209.85.216.53 as permitted sender) smtp.mailfrom=seanjc@google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1673652576; a=rsa-sha256;
	cv=none;
	b=Y1LsRyL3QYZ9JpspCMrrpsGU6kvlFFYQ9PxpznRLygA9iEHFyrpuh6Nnh4rE84Xwa0mfw0
	vfXBBhHjdot2/agvQ3B+dVRq0iG/O2GAR9VhbaBFHCC/bcAue5/a/6zC26UqbSpNnuX4XW
	xrqp35T3tnA6xq0C0pVnz4lmv8m2SvU=
Received: by mail-pj1-f53.google.com with SMTP id o13so20378361pjg.2
        for <linux-mm@kvack.org>; Fri, 13 Jan 2023 15:29:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=ZQbX+PJeFGPE/epzSLyMXyeM3puvzgeaNuzCa8J0EXw=;
        b=KI84PoD5hlyAFNUuR0aDNZVOeTIPetcODuXQFOLsthx0M9PBbd4Ii4NEbvq7AksXu7
         toZuH3SuWrDmOxlRgY9v/sD5jNWPLQf6dKrCbnokAUAIQEtbRDiSfZWcl/1I3UQVFAEb
         a6/l7wl7AA00DOx0ry/KDkad9zplSEVZSJFkd/VMKfI133Y6qU9QwZssXXrbCDw5Nb9m
         dzGrv28dPEYNNVmjwYaPASFLrerbq2hEC4XqdUUCBoLLJ4B4Gtckq/k2ywJKN2rpzvVv
         ocA532ET5RmMjB9lD97Ske8J4o2bErglLd6L5RaQkIXwXXqhqMDkO9X/qFp6RwMMIFsr
         LLbw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=ZQbX+PJeFGPE/epzSLyMXyeM3puvzgeaNuzCa8J0EXw=;
        b=Q8Hf9Dwh6h1QlEu1M62h+hI9lJJEaPXR8j8BjS8ek1BEp2Ai2o4NDGlhhWZhDqpLMk
         7V4wLYs8bNYt/0GMMKS1XP4gLAr82p7Yn4YcGU2uXMxVmr4A2zzjdKT0sjfBO3F5znIN
         OPRkdRXdYebqhU/3Ev6igpr9DStOT8/XY5u4+1uKExdH4/ZF5F5ikIbF79tbzANLrJVp
         Z20OF2Hf9JSv+30wRZO7aPmfXoZH5rC2vLb5PJ56dj2g18mCUP4ABZBVyISAegUiQgJ9
         N5wwEMtVcQ8YZnlhyGtDCr+RA8ol9YpiKKFPtmuS7vKkjD6ShA3pgVB1i3Nee107qRKz
         AIkw==
X-Gm-Message-State: AFqh2krCDuxrNFxjq/cYfF70QdWsOqiMwhDSJeJATgmkg5Ubzi8axxfc
	Zl/eW8GKsux4LVNO2R1Wf+zyDA==
X-Google-Smtp-Source: AMrXdXuw7u5n3rdsoSl403MwiroTsQpSA4OUWBZMOT9napmmz7jBR90tsEYJogYGPCeapKIvBrQTcA==
X-Received: by 2002:a17:902:d409:b0:189:6624:58c0 with SMTP id b9-20020a170902d40900b00189662458c0mr1300675ple.3.1673652575167;
        Fri, 13 Jan 2023 15:29:35 -0800 (PST)
Received: from google.com (7.104.168.34.bc.googleusercontent.com. [34.168.104.7])
        by smtp.gmail.com with ESMTPSA id q14-20020a17090311ce00b00189c536c72asm14777597plh.148.2023.01.13.15.29.34
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 13 Jan 2023 15:29:34 -0800 (PST)
Date: Fri, 13 Jan 2023 23:29:31 +0000
From: Sean Christopherson <seanjc@google.com>
To: Chao Peng <chao.p.peng@linux.intel.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org,
	linux-api@vger.kernel.org, linux-doc@vger.kernel.org,
	qemu-devel@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Wanpeng Li <wanpengli@tencent.com>,
	Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Arnd Bergmann <arnd@arndb.de>,
	Naoya Horiguchi <naoya.horiguchi@nec.com>,
	Miaohe Lin <linmiaohe@huawei.com>, x86@kernel.org,
	"H . Peter Anvin" <hpa@zytor.com>, Hugh Dickins <hughd@google.com>,
	Jeff Layton <jlayton@kernel.org>,
	"J . Bruce Fields" <bfields@fieldses.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Shuah Khan <shuah@kernel.org>, Mike Rapoport <rppt@kernel.org>,
	Steven Price <steven.price@arm.com>,
	"Maciej S . Szmigiero" <mail@maciej.szmigiero.name>,
	Vlastimil Babka <vbabka@suse.cz>,
	Vishal Annapurve <vannapurve@google.com>,
	Yu Zhang <yu.c.zhang@linux.intel.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com,
	ak@linux.intel.com, david@redhat.com, aarcange@redhat.com,
	ddutile@redhat.com, dhildenb@redhat.com,
	Quentin Perret <qperret@google.com>, tabba@google.com,
	Michael Roth <michael.roth@amd.com>, mhocko@suse.com,
	wei.w.wang@intel.com
Subject: Re: [PATCH v10 8/9] KVM: Handle page fault for private memory
Message-ID: <Y8HpW9VNVlIdiH+P@google.com>
References: <20221202061347.1070246-1-chao.p.peng@linux.intel.com>
 <20221202061347.1070246-9-chao.p.peng@linux.intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20221202061347.1070246-9-chao.p.peng@linux.intel.com>
X-Rspamd-Queue-Id: 6D934180007
X-Rspamd-Server: rspam09
X-Rspam-User: 
X-Stat-Signature: bq61z6wjxk8m4u5na5mbgds4ha7xuakp
X-HE-Tag: 1673652576-612924
X-HE-Meta: U2FsdGVkX19Q1HMEePZkAap8N5MPhthmeMflY4551lJhucHazbvx3K/kpT3+zOOslnM9dY1K6OF1o/96koOlI4p15bl/o01q52wAlOg7aHbKWnAq0BCze0dEFN2Fmb500BMRfJ/NaJqZfs9i6fSh/DdBKcamXVQ1Ij6uKIiRCsFEUsP9rLNirQE9od7SgGnK2FwFeIsVfbiDEjevxOkSTmMDoAZu1gMETc5+dLJq2dq73nzBSU+e3+0LJ2c+ybGakvMIx/XYzfVWPUf7T8tqhZxIjUPZx6jGK3NR1XWR/aENt7SxdS/byJJKZvy3c44uNrytaQaDM2VyrxkRvAQAWy+fRU5jlYXegi1it6ya3d/05GdcPB9LKfaf7qSVjHMxUNyGXTjZEP+vmh69U7/+QwN8EKlPpfT2e2YfSHy14PIMpFdEnNN330Q1gnilLQrsKrH2BWvFjrzaHRTJegq6Q7oTL7wyZORCB9ZbuGqJe+YRYisdNCos2MumKs/9a7/f2upmHfuDqw8brELJdQvK7caS3zBcBcp5hcR7CLnelD1kfy0pzAQPsSmljREVJF7YrgkGf4wsalJMUGgLgtfeZxv5BKNn5RnBAcEN3J8OqPfN6Vq2Tjn2VzrY+a5r18E4HXQoxZ1AcmHv0aGbuU1IivFrnLfH9eUu1avVRPWXs0C3d2Hab4/QVC3UR89fCZ90qPE+O0gWle7rreGluxScAi+RtrKTmOSf4sYUEC1xHwpvnN5FkVqZwTgFvpLa2U1CGNIpNpNWHYxcHa/d4tm8LQu5tuiKhBHI+3ADdO2UW68otPS2N2vxSfzqDV2xps6s+m24lQotN8QlxZdAI82dJSW5+IJvZXJq0IecPq0992kDgZPIEhlRh4bQiHRmcmjXhHQil4MydcJQ7Qxpkho98Ph6W14a51FIZyCaI0MRjaA/vZK543KBzY9PnIWSFE3QgVM1nEKSgYXu4+4fNH9
 yDxzLoeH
 PpWxtmF3vnTgqDvsk5kDxpjPR5Zz8TdK20Vb+icAjvUOuH1a1v2YDVTMg3XPq6rlxk9jHaEL+wjg4bB0mjUKH8vUyzIZ23P0LZVNb
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Dec 02, 2022, Chao Peng wrote:
> @@ -5599,6 +5652,9 @@ int noinline kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 err
>  			return -EIO;
>  	}
>  
> +	if (r == RET_PF_USER)
> +		return 0;
> +
>  	if (r < 0)
>  		return r;
>  	if (r != RET_PF_EMULATE)
> @@ -6452,7 +6508,8 @@ static bool kvm_mmu_zap_collapsible_spte(struct kvm *kvm,
>  		 */
>  		if (sp->role.direct &&
>  		    sp->role.level < kvm_mmu_max_mapping_level(kvm, slot, sp->gfn,
> -							       PG_LEVEL_NUM)) {
> +							       PG_LEVEL_NUM,
> +							       false)) {

Passing %false is incorrect.  It might not cause problems because KVM currently
doesn't allowing modifying private memslots (that likely needs to change to allow
dirty logging), but it's wrong since nothing guarantees KVM is operating on SPTEs
for shared memory.

One option would be to take the patches from the TDX series that add a "private"
flag to the shadow page role, but I'd rather not add the role until it's truly
necessary.

For now, I think we can do this without impacting performance of guests that don't
support private memory.

int kvm_mmu_max_mapping_level(struct kvm *kvm,
			      const struct kvm_memory_slot *slot, gfn_t gfn,
			      int max_level)
{
	bool is_private = kvm_slot_can_be_private(slot) &&
			  kvm_mem_is_private(kvm, gfn);

	return __kvm_mmu_max_mapping_level(kvm, slot, gfn, max_level, is_private);
}

> diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
> index 25099c94e770..153842bb33df 100644
> --- a/include/linux/kvm_host.h
> +++ b/include/linux/kvm_host.h
> @@ -2335,4 +2335,34 @@ static inline void kvm_arch_set_memory_attributes(struct kvm *kvm,
>  }
>  #endif /* __KVM_HAVE_ARCH_SET_MEMORY_ATTRIBUTES */
>  
> +#ifdef CONFIG_HAVE_KVM_MEMORY_ATTRIBUTES
> +static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn)
> +{

This code, i.e. the generic KVM changes, belongs in a separate patch.  It'll be
small, but I want to separate x86's page fault changes from the restrictedmem
support adding to common KVM.

This should also short-circuit based on CONFIG_HAVE_KVM_RESTRICTED_MEM, though
I would name that CONFIG_KVM_PRIVATE_MEMORY since in KVM's world, it's all about
private vs. shared at this time.

> +	return xa_to_value(xa_load(&kvm->mem_attr_array, gfn)) &
> +	       KVM_MEMORY_ATTRIBUTE_PRIVATE;
> +}
> +#else
> +static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn)
> +{
> +	return false;
> +}
> +
> +#endif /* CONFIG_HAVE_KVM_MEMORY_ATTRIBUTES */
> +
> +#ifdef CONFIG_HAVE_KVM_RESTRICTED_MEM
> +static inline int kvm_restricted_mem_get_pfn(struct kvm_memory_slot *slot,
> +					gfn_t gfn, kvm_pfn_t *pfn, int *order)
> +{
> +	int ret;
> +	struct page *page;
> +	pgoff_t index = gfn - slot->base_gfn +
> +			(slot->restricted_offset >> PAGE_SHIFT);
> +
> +	ret = restrictedmem_get_page(slot->restricted_file, index,
> +				     &page, order);

This needs handle errors.  If "ret" is non-zero, "page" is garbage.

> +	*pfn = page_to_pfn(page);
> +	return ret;
> +}
> +#endif /* CONFIG_HAVE_KVM_RESTRICTED_MEM */
> +
>  #endif
> -- 
> 2.25.1
>