From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, Sean Christopherson <seanjc@google.com>
Subject: [kvm-unit-tests PATCH 00/39] x86/access: nVMX: Big overhaul
Date: Thu, 25 Nov 2021 01:28:18 +0000 [thread overview]
Message-ID: <20211125012857.508243-1-seanjc@google.com> (raw)
This started out as a very simple test (patch 39/39) to expose a KVM bug
where KVM doesn't sync a shadow MMU on a vmcs12->vpid change. Except the
test didn't fail. And it turns out, completely removing INVLPG from the
base access test doesn't fail when using shadow paging either.
The underlying problem in both cases is that the access test is flat out
stupid when it comes to handling page tables. Instead of allocating page
tables once and manipulating them on each iteration, it "allocates" a new
paging structure when necessary on every. single. iteration. In addition
to being incredibly inefficient (allocation also zeros the entire 4kb page,
so the test zeros absurd amounts of memory), writing upper level PTEs on
every iteration triggers write-protection mechanisms in KVM. In effect,
KVM ends up synchronizing the relevant SPTEs on every iteration, which
again is ridiculously slow and makes it all but impossible to actually
test that KVM handles other TLB invalidation scenarios.
Trying to solve that mess by pre-allocating the page tables exposed a
whole pile of 5-level paging issues. I'd say the test's 5-level support
is held together by duct tape, but I've fixed many things with duct tape
that are far less fragile.
The second half of this series is cleanups in the nVMX code to prepare
for adding the (INV)VPID variants. Not directly related to the access
tests, but it annoyed me to no end that simply checking if INVVPID is
supported was non-trivial.
Sean Christopherson (39):
x86/access: Add proper defines for hardcoded addresses
x86/access: Cache CR3 to improve performance
x86/access: Use do-while loop for what is obviously a do-while loop
x86/access: Stop pretending the test is SMP friendly
x86/access: Refactor so called "page table pool" logic
x86/access: Stash root page table level in test environment
x86/access: Hoist page table allocator helpers above "init" helper
x86/access: Rename variables in page table walkers
x86/access: Abort if page table insertion hits an unexpected level
x86/access: Make SMEP place nice with 5-level paging
x86/access: Use upper half of virtual address space
x86/access: Print the index when dumping PTEs
x86/access: Pre-allocate all page tables at (sub)test init
x86/access: Don't write page tables if desired PTE is same as current
PTE
x86/access: Preserve A/D bits when writing paging structure entries
x86/access: Make toggling of PRESENT bit a "higher order" action
x86/access: Manually override PMD in effective permissions sub-test
x86/access: Remove manual override of PUD/PMD in prefetch sub-test
x86/access: Remove PMD/PT target overrides
x86/access: Remove timeout overrides now that performance doesn't suck
nVMX: Skip EPT tests if INVEPT(SINGLE_CONTEXT) is unsupported
nVMX: Hoist assert macros to the top of vmx.h
nVMX: Add a non-reporting assertion macro
nVMX: Assert success in unchecked INVEPT/INVVPID helpers
nVMX: Drop less-than-useless ept_sync() wrapper
nVMX: Move EPT capability check helpers to vmx.h
nVMX: Drop unused and useless vpid_sync() helper
nVMX: Remove "v1" version of INVVPID test
nVMX: Add helper to check if INVVPID type is supported
nVMX: Add helper to check if INVVPID is supported
nVMX: Add helper to get first supported INVVPID type
nVMX: Use helper to check for EPT A/D support
nVMX: Add helpers to check for 4/5-level EPT support
nVMX: Fix name of macro defining EPT execute only capability
nVMX: Add helper to check if a memtype is supported for EPT structures
nVMX: Get rid of horribly named "ctrl" boolean in test_ept_eptp()
nVMX: Rename awful "ctrl" booleans to "is_ctrl_valid"
nVMX: Add helper to check if VPID is supported
x86/access: nVMX: Add "access" test variants to invalidate via
(INV)VPID
x86/access.c | 391 ++++++++++++++++++++++++++++------------------
x86/unittests.cfg | 10 +-
x86/vmx.c | 71 +--------
x86/vmx.h | 229 ++++++++++++++++++---------
x86/vmx_tests.c | 327 +++++++++++++++++---------------------
5 files changed, 543 insertions(+), 485 deletions(-)
--
2.34.0.rc2.393.gf8c9666880-goog
next reply other threads:[~2021-11-25 1:57 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-25 1:28 Sean Christopherson [this message]
2021-11-25 1:28 ` [kvm-unit-tests PATCH 01/39] x86/access: Add proper defines for hardcoded addresses Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 02/39] x86/access: Cache CR3 to improve performance Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 03/39] x86/access: Use do-while loop for what is obviously a do-while loop Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 04/39] x86/access: Stop pretending the test is SMP friendly Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 05/39] x86/access: Refactor so called "page table pool" logic Sean Christopherson
2021-11-26 18:03 ` Paolo Bonzini
2021-11-25 1:28 ` [kvm-unit-tests PATCH 06/39] x86/access: Stash root page table level in test environment Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 07/39] x86/access: Hoist page table allocator helpers above "init" helper Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 08/39] x86/access: Rename variables in page table walkers Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 09/39] x86/access: Abort if page table insertion hits an unexpected level Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 10/39] x86/access: Make SMEP place nice with 5-level paging Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 11/39] x86/access: Use upper half of virtual address space Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 12/39] x86/access: Print the index when dumping PTEs Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 13/39] x86/access: Pre-allocate all page tables at (sub)test init Sean Christopherson
2021-11-26 18:15 ` Paolo Bonzini
2021-11-25 1:28 ` [kvm-unit-tests PATCH 14/39] x86/access: Don't write page tables if desired PTE is same as current PTE Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 15/39] x86/access: Preserve A/D bits when writing paging structure entries Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 16/39] x86/access: Make toggling of PRESENT bit a "higher order" action Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 17/39] x86/access: Manually override PMD in effective permissions sub-test Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 18/39] x86/access: Remove manual override of PUD/PMD in prefetch sub-test Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 19/39] x86/access: Remove PMD/PT target overrides Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 20/39] x86/access: Remove timeout overrides now that performance doesn't suck Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 21/39] nVMX: Skip EPT tests if INVEPT(SINGLE_CONTEXT) is unsupported Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 22/39] nVMX: Hoist assert macros to the top of vmx.h Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 23/39] nVMX: Add a non-reporting assertion macro Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 24/39] nVMX: Assert success in unchecked INVEPT/INVVPID helpers Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 25/39] nVMX: Drop less-than-useless ept_sync() wrapper Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 26/39] nVMX: Move EPT capability check helpers to vmx.h Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 27/39] nVMX: Drop unused and useless vpid_sync() helper Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 28/39] nVMX: Remove "v1" version of INVVPID test Sean Christopherson
2021-11-26 18:28 ` Paolo Bonzini
2021-11-25 1:28 ` [kvm-unit-tests PATCH 29/39] nVMX: Add helper to check if INVVPID type is supported Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 30/39] nVMX: Add helper to check if INVVPID " Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 31/39] nVMX: Add helper to get first supported INVVPID type Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 32/39] nVMX: Use helper to check for EPT A/D support Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 33/39] nVMX: Add helpers to check for 4/5-level EPT support Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 34/39] nVMX: Fix name of macro defining EPT execute only capability Sean Christopherson
2021-11-26 18:31 ` Paolo Bonzini
2021-11-25 1:28 ` [kvm-unit-tests PATCH 35/39] nVMX: Add helper to check if a memtype is supported for EPT structures Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 36/39] nVMX: Get rid of horribly named "ctrl" boolean in test_ept_eptp() Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 37/39] nVMX: Rename awful "ctrl" booleans to "is_ctrl_valid" Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 38/39] nVMX: Add helper to check if VPID is supported Sean Christopherson
2021-11-25 1:28 ` [kvm-unit-tests PATCH 39/39] x86/access: nVMX: Add "access" test variants to invalidate via (INV)VPID Sean Christopherson
2021-11-26 18:43 ` [kvm-unit-tests PATCH 00/39] x86/access: nVMX: Big overhaul Paolo Bonzini
2021-11-29 19:04 ` Sean Christopherson
2021-11-29 19:15 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211125012857.508243-1-seanjc@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).