Re: [PATCH v2 15/18] KVM: x86/mmu: rename kvm_mmu_new_pgd, introduce variant that calls get_guest_pgd

From: Maxim Levitsky <mlevitsk@redhat.com>
To: Sean Christopherson <seanjc@google.com>,
	Paolo Bonzini <pbonzini@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Subject: Re: [PATCH v2 15/18] KVM: x86/mmu: rename kvm_mmu_new_pgd, introduce variant that calls get_guest_pgd
Date: Thu, 24 Feb 2022 17:41:30 +0200	[thread overview]
Message-ID: <667adbb56835c359fbdbacefe4ecdf1153b0c126.camel@redhat.com> (raw)
In-Reply-To: <YhAI2rq9ms+rhFy5@google.com>

On Fri, 2022-02-18 at 21:00 +0000, Sean Christopherson wrote:
> On Fri, Feb 18, 2022, Paolo Bonzini wrote:
> > On 2/17/22 22:03, Paolo Bonzini wrote:
> > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> > > index adcee7c305ca..9800c8883a48 100644
> > > --- a/arch/x86/kvm/x86.c
> > > +++ b/arch/x86/kvm/x86.c
> > > @@ -1189,7 +1189,7 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
> > >   		return 1;
> > >   	if (cr3 != kvm_read_cr3(vcpu))
> > > -		kvm_mmu_new_pgd(vcpu, cr3);
> > > +		kvm_mmu_update_root(vcpu);
> > >   	vcpu->arch.cr3 = cr3;
> > >   	kvm_register_mark_dirty(vcpu, VCPU_EXREG_CR3);
> > 
> > Uh-oh, this has to become:
> > 
> >  	vcpu->arch.cr3 = cr3;
> >  	kvm_register_mark_dirty(vcpu, VCPU_EXREG_CR3);
> > 	if (!is_pae_paging(vcpu))
> > 		kvm_mmu_update_root(vcpu);
> > 
> > The regression would go away after patch 16, but this is more tidy apart
> > from having to check is_pae_paging *again*.
> > 
> > Incremental patch:
> > 
> > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> > index adcee7c305ca..0085e9fba372 100644
> > --- a/arch/x86/kvm/x86.c
> > +++ b/arch/x86/kvm/x86.c
> > @@ -1188,11 +1189,11 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
> >  	if (is_pae_paging(vcpu) && !load_pdptrs(vcpu, cr3))
> >  		return 1;
> > -	if (cr3 != kvm_read_cr3(vcpu))
> > -		kvm_mmu_update_root(vcpu);
> > -
> >  	vcpu->arch.cr3 = cr3;
> >  	kvm_register_mark_dirty(vcpu, VCPU_EXREG_CR3);
> > +	if (!is_pae_paging(vcpu))
> > +		kvm_mmu_update_root(vcpu);
> > +
> >  	/* Do not call post_set_cr3, we do not get here for confidential guests.  */
> > 
> > An alternative is to move the vcpu->arch.cr3 update in load_pdptrs.
> > Reviewers, let me know if you prefer that, then I'll send v3.
> 
>   c) None of the above.
> 
> MOV CR3 never requires a new root if TDP is enabled, and the guest_mmu is used if
> and only if TDP is enabled.  Even when KVM intercepts CR3 when EPT=1 && URG=0, it
> does so only to snapshot vcpu->arch.cr3, there's no need to get a new PGD.
> 
> Unless I'm missing something, your original suggestion of checking tdp_enabled is
> the way to go.
> 
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 6e0f7f22c6a7..2b02029c63d0 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -1187,7 +1187,7 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
>         if (is_pae_paging(vcpu) && !load_pdptrs(vcpu, cr3))
>                 return 1;
> 
> -       if (cr3 != kvm_read_cr3(vcpu))
> +       if (!tdp_enabled && cr3 != kvm_read_cr3(vcpu))
>                 kvm_mmu_new_pgd(vcpu, cr3);
> 
>         vcpu->arch.cr3 = cr3;
> 
> 

Is this actually related to the discussion? The original issue that Paolo found in his patch
was that kvm_mmu_update_root now reads _current_ cr3, thus it has to be set before calling it.

I do agree that kvm_set_cr3 doesn't need to do anything when TDP is enabled, this is a different
issue which doesn't cause much harm (the fast_pgd_switch with direct roots will reuse current root),
but still would raise KVM_REQ_LOAD_MMU_PGD without need for it and such.

About the patch itself, other than this mentioned issue, it looks fine to me.

Best regards,
	Maxim Levitsky