From: "Radim Krčmář" <rkrcmar@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, david@redhat.com
Subject: Re: [PATCH 4/6] kvm: nVMX: support EPT accessed/dirty bits
Date: Fri, 31 Mar 2017 18:24:32 +0200 [thread overview]
Message-ID: <20170331162431.GF6019@potion> (raw)
In-Reply-To: <1490867732-16743-5-git-send-email-pbonzini@redhat.com>
2017-03-30 11:55+0200, Paolo Bonzini:
> Now use bit 6 of EPTP to optionally enable A/D bits for EPTP. Another
> thing to change is that, when EPT accessed and dirty bits are not in use,
> VMX treats accesses to guest paging structures as data reads. When they
> are in use (bit 6 of EPTP is set), they are treated as writes and the
> corresponding EPT dirty bit is set. The MMU didn't know this detail,
> so this patch adds it.
>
> We also have to fix up the exit qualification. It may be wrong because
> KVM sets bit 6 but the guest might not.
>
> L1 emulates EPT A/D bits using write permissions, so in principle it may
> be possible for EPT A/D bits to be used by L1 even though not available
> in hardware. The problem is that guest page-table walks will be treated
> as reads rather than writes, so they would not cause an EPT violation.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h
> @@ -319,6 +310,14 @@ static int FNAME(walk_addr_generic)(struct guest_walker *walker,
> ASSERT(!(is_long_mode(vcpu) && !is_pae(vcpu)));
>
> accessed_dirty = have_ad ? PT_GUEST_ACCESSED_MASK : 0;
> +
> + /*
> + * FIXME: on Intel processors, loads of the PDPTE registers for PAE paging
> + * by the MOV to CR instruction are treated as reads and do not cause the
> + * processor to set the dirty flag in tany EPT paging-structure entry.
^
typo
> + */
> + nested_access = (have_ad ? PFERR_WRITE_MASK : 0) | PFERR_USER_MASK;
> +
This special case should be fairly safe if I understand the consequences
correctly,
Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> @@ -6211,6 +6213,18 @@ static int handle_ept_violation(struct kvm_vcpu *vcpu)
> + if (is_guest_mode(vcpu)
> + && !(exit_qualification & EPT_VIOLATION_GVA_TRANSLATED)) {
> + /*
> + * Fix up exit_qualification according to whether guest
> + * page table accesses are reads or writes.
> + */
> + u64 eptp = nested_ept_get_cr3(vcpu);
> + exit_qualification &= ~EPT_VIOLATION_ACC_WRITE;
> + if (eptp & VMX_EPT_AD_ENABLE_BIT)
> + exit_qualification |= EPT_VIOLATION_ACC_WRITE;
I think this would be better without unconditional clearing
if (!(eptp & VMX_EPT_AD_ENABLE_BIT))
exit_qualification &= ~EPT_VIOLATION_ACC_WRITE;
next prev parent reply other threads:[~2017-03-31 16:24 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-30 9:55 [PATCH v2 0/6] KVM: nVMX: nested EPT improvements and A/D bits, RDRAND and RDSEED exits Paolo Bonzini
2017-03-30 9:55 ` [PATCH 1/6] KVM: nVMX: we support 1GB EPT pages Paolo Bonzini
2017-03-30 9:55 ` [PATCH 2/6] KVM: VMX: remove bogus check for invalid EPT violation Paolo Bonzini
2017-03-30 16:30 ` Jim Mattson
2017-04-03 11:17 ` David Hildenbrand
2017-04-12 20:00 ` David Hildenbrand
2017-03-30 9:55 ` [PATCH 3/6] kvm: x86: MMU support for EPT accessed/dirty bits Paolo Bonzini
2017-03-31 13:52 ` Radim Krčmář
2017-03-30 9:55 ` [PATCH 4/6] kvm: nVMX: support " Paolo Bonzini
2017-03-31 16:24 ` Radim Krčmář [this message]
2017-03-31 16:26 ` Paolo Bonzini
2017-04-11 23:35 ` Bandan Das
2017-04-11 23:54 ` Paolo Bonzini
2017-04-12 23:02 ` Bandan Das
2017-04-14 5:17 ` Paolo Bonzini
2017-03-30 9:55 ` [PATCH 5/6] KVM: VMX: add missing exit reasons Paolo Bonzini
2017-03-30 9:55 ` [PATCH 6/6] KVM: nVMX: support RDRAND and RDSEED exiting Paolo Bonzini
2017-03-30 16:54 ` Jim Mattson
2017-03-31 11:13 ` [PATCH v2 0/6] KVM: nVMX: nested EPT improvements and A/D bits, RDRAND and RDSEED exits Paolo Bonzini
-- strict thread matches above, loose matches on Subject: below --
2017-03-08 18:03 [PATCH " Paolo Bonzini
2017-03-08 18:03 ` [PATCH 4/6] kvm: nVMX: support EPT accessed/dirty bits Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170331162431.GF6019@potion \
--to=rkrcmar@redhat.com \
--cc=david@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.