From: "Nikunj A. Dadhania" <nikunj@amd.com>
To: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Cc: Sean Christopherson <seanjc@google.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
Brijesh Singh <brijesh.singh@amd.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Peter Gonda <pgonda@google.com>, Bharata B Rao <bharata@amd.com>,
Mingwei Zhang <mizhang@google.com>,
David Hildenbrand <david@redhat.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH RFC v1 9/9] KVM: SVM: Pin SEV pages in MMU during sev_launch_update_data()
Date: Wed, 9 Mar 2022 23:17:40 +0530 [thread overview]
Message-ID: <952b68c0-6316-f8fe-16a6-80b85f4d9744@amd.com> (raw)
In-Reply-To: <421f4fba-3e1c-b676-d74c-02c6c3f804d2@maciej.szmigiero.name>
On 3/9/2022 10:27 PM, Maciej S. Szmigiero wrote:
> On 8.03.2022 05:38, Nikunj A Dadhania wrote:
>> From: Sean Christopherson <sean.j.christopherson@intel.com>
>>
>> Pin the memory for the data being passed to launch_update_data()
>> because it gets encrypted before the guest is first run and must
>> not be moved which would corrupt it.
>>
>> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
>> [ * Use kvm_for_each_memslot_in_hva_range() to find slot and iterate
>> * Updated sev_pin_memory_in_mmu() error handling.
>> * As pinning/unpining pages is handled within MMU, removed
>> {get,put}_user(). ]
>> Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
>> ---
>> arch/x86/kvm/svm/sev.c | 146 +++++++++++++++++++++++++++++++++++++----
>> 1 file changed, 134 insertions(+), 12 deletions(-)
>>
>> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
>> index 7e39320fc65d..1c371268934b 100644
>> --- a/arch/x86/kvm/svm/sev.c
>> +++ b/arch/x86/kvm/svm/sev.c
>> @@ -22,6 +22,7 @@
>> #include <asm/trapnr.h>
>> #include <asm/fpu/xcr.h>
>> +#include "mmu.h"
>> #include "x86.h"
>> #include "svm.h"
>> #include "svm_ops.h"
>> @@ -428,9 +429,93 @@ static void *sev_alloc_pages(struct kvm_sev_info *sev, unsigned long uaddr,
>> return pages;
>> }
>> +#define SEV_PFERR_RO (PFERR_USER_MASK)
>> +#define SEV_PFERR_RW (PFERR_WRITE_MASK | PFERR_USER_MASK)
>> +
>> +static struct page **sev_pin_memory_in_mmu(struct kvm *kvm, unsigned long addr,
>> + unsigned long size,
>> + unsigned long *npages)
>> +{
>> + unsigned long hva_start, hva_end, uaddr, end, slot_start, slot_end;
>> + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;
>> + struct interval_tree_node *node;
>> + struct kvm_memory_slot *slot;
>> + struct kvm_memslots *slots;
>> + int idx, ret = 0, i = 0;
>> + struct kvm_vcpu *vcpu;
>> + struct page **pages;
>> + kvm_pfn_t pfn;
>> + u32 err_code;
>> + gfn_t gfn;
>> +
>> + pages = sev_alloc_pages(sev, addr, size, npages);
>> + if (IS_ERR(pages))
>> + return pages;
>> +
>> + vcpu = kvm_get_vcpu(kvm, 0);
>> + if (mutex_lock_killable(&vcpu->mutex)) {
>> + kvfree(pages);
>> + return ERR_PTR(-EINTR);
>> + }
>> +
>> + vcpu_load(vcpu);
>> + idx = srcu_read_lock(&kvm->srcu);
>> +
>> + kvm_mmu_load(vcpu);
>> +
>> + end = addr + (*npages << PAGE_SHIFT);
>> + slots = kvm_memslots(kvm);
>> +
>> + kvm_for_each_memslot_in_hva_range(node, slots, addr, end) {
>> + slot = container_of(node, struct kvm_memory_slot,
>> + hva_node[slots->node_idx]);
>> + slot_start = slot->userspace_addr;
>> + slot_end = slot_start + (slot->npages << PAGE_SHIFT);
>> + hva_start = max(addr, slot_start);
>> + hva_end = min(end, slot_end);
>> +
>> + err_code = (slot->flags & KVM_MEM_READONLY) ?
>> + SEV_PFERR_RO : SEV_PFERR_RW;
>> +
>> + for (uaddr = hva_start; uaddr < hva_end; uaddr += PAGE_SIZE) {
>> + if (signal_pending(current)) {
>> + ret = -ERESTARTSYS;
>> + break;
>> + }
>> +
>> + if (need_resched())
>> + cond_resched();
>> +
>> + /*
>> + * Fault in the page and sev_pin_page() will handle the
>> + * pinning
>> + */
>> + gfn = hva_to_gfn_memslot(uaddr, slot);
>> + pfn = kvm_mmu_map_tdp_page(vcpu, gfn_to_gpa(gfn),
>> + err_code, PG_LEVEL_4K);
>> + if (is_error_noslot_pfn(pfn)) {
>> + ret = -EFAULT;
>> + break;
>> + }
>> + pages[i++] = pfn_to_page(pfn);
>> + }
>> + }
>
> This algorithm looks much better than the previews one - thanks!
Thanks for your feedback earlier.
> By the way, as far as I know, there could be duplicates in the "page" array
> above since the same hva can be mapped to multiple gfns (in different memslots).
> Is the code prepared to deal with this possibility?
Yes, as the pinning is done with pfn as index, it can get pinned multiple times. During
memslot destroy path they would get unpinned.
Regards
Nikunj
next prev parent reply other threads:[~2022-03-09 17:48 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-08 4:38 [PATCH RFC v1 0/9] KVM: SVM: Defer page pinning for SEV guests Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 1/9] KVM: Introduce pinning flag to hva_to_pfn* Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 2/9] KVM: x86/mmu: Move hugepage adjust to direct_page_fault Nikunj A Dadhania
2022-03-28 21:04 ` Sean Christopherson
2022-03-08 4:38 ` [PATCH RFC v1 3/9] KVM: x86/mmu: Add hook to pin PFNs on demand in MMU Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 4/9] KVM: SVM: Add pinning metadata in the arch memslot Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 5/9] KVM: SVM: Implement demand page pinning Nikunj A Dadhania
2022-03-08 21:53 ` Mingwei Zhang
2022-03-09 5:10 ` Nikunj A. Dadhania
2022-03-21 6:11 ` Mingwei Zhang
2022-03-21 9:19 ` Nikunj A. Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 6/9] KVM: x86/mmu: Introduce kvm_mmu_map_tdp_page() for use by SEV/TDX Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 7/9] KVM: SEV: Carve out routine for allocation of pages Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 8/9] KVM: Move kvm_for_each_memslot_in_hva_range() to be used in SVM Nikunj A Dadhania
2022-03-08 4:38 ` [PATCH RFC v1 9/9] KVM: SVM: Pin SEV pages in MMU during sev_launch_update_data() Nikunj A Dadhania
2022-03-09 16:57 ` Maciej S. Szmigiero
2022-03-09 17:47 ` Nikunj A. Dadhania [this message]
2022-03-28 21:00 ` [PATCH RFC v1 0/9] KVM: SVM: Defer page pinning for SEV guests Sean Christopherson
2022-03-30 4:42 ` Nikunj A. Dadhania
2022-03-30 19:47 ` Sean Christopherson
2022-03-31 4:48 ` Nikunj A. Dadhania
2022-03-31 18:32 ` Peter Gonda
2022-03-31 19:00 ` Sean Christopherson
2022-04-01 3:22 ` Nikunj A. Dadhania
2022-04-01 14:54 ` Sean Christopherson
2022-04-01 15:39 ` Nikunj A. Dadhania
2022-04-01 17:28 ` Marc Orr
2022-04-01 18:02 ` Sean Christopherson
2022-04-01 18:19 ` Marc Orr
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=952b68c0-6316-f8fe-16a6-80b85f4d9744@amd.com \
--to=nikunj@amd.com \
--cc=bharata@amd.com \
--cc=brijesh.singh@amd.com \
--cc=david@redhat.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mail@maciej.szmigiero.name \
--cc=mizhang@google.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=seanjc@google.com \
--cc=thomas.lendacky@amd.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.