From: Chao Peng <chao.p.peng@linux.intel.com>
To: Vishal Annapurve <vannapurve@google.com>
Cc: x86@kernel.org, kvm@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
	pbonzini@redhat.com, vkuznets@redhat.com, wanpengli@tencent.com,
	jmattson@google.com, joro@8bytes.org, tglx@linutronix.de,
	mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com,
	hpa@zytor.com, shuah@kernel.org, yang.zhong@intel.com,
	ricarkol@google.com, aaronlewis@google.com, wei.w.wang@intel.com,
	kirill.shutemov@linux.intel.com, corbet@lwn.net,
	hughd@google.com, jlayton@kernel.org, bfields@fieldses.org,
	akpm@linux-foundation.org, yu.c.zhang@linux.intel.com,
	jun.nakajima@intel.com, dave.hansen@intel.com,
	michael.roth@amd.com, qperret@google.com, steven.price@arm.com,
	ak@linux.intel.com, david@redhat.com, luto@kernel.org,
	vbabka@suse.cz, marcorr@google.com, erdemaktas@google.com,
	pgonda@google.com, nikunj@amd.com, seanjc@google.com,
	diviness@google.com, maz@kernel.org, dmatlack@google.com,
	axelrasmussen@google.com, maciej.szmigiero@oracle.com,
	mizhang@google.com, bgardon@google.com, ackerleytng@google.com
Subject: Re: [V1 PATCH 1/6] KVM: x86: Add support for testing private memory
Date: Tue, 22 Nov 2022 18:07:05 +0800
Message-ID: <20221122100705.GA619277@chaop.bj.intel.com>
In-Reply-To: <20221111014244.1714148-2-vannapurve@google.com>

On Fri, Nov 11, 2022 at 01:42:39AM +0000, Vishal Annapurve wrote:
> Introduce HAVE_KVM_PRIVATE_MEM_TESTING config to be able to test fd based
> approach to support private memory with non-confidential selftest VMs.
> To support this testing, a few important aspects need to be considered from
> the perspective of selftests -
> * KVM needs to know whether the access from guest VM is private or shared.
> Confidential VMs (SNP/TDX) carry a dedicated bit in gpa that can be used by
> KVM to deduce the nature of the access.
> Non-confidential VMs don't have a mechanism to carry/convey such
> information to KVM. So KVM just relies on what attributes are set by
> userspace VMM, keeping the userspace VMM in the TCB for the testing
> purposes.
> * arch_private_mem_supported is updated to allow private memory logic to
> work with non-confidential vm selftests.
> 
> Signed-off-by: Vishal Annapurve <vannapurve@google.com>
> ---
>  arch/x86/kvm/mmu/mmu.c          | 4 ++++
>  arch/x86/kvm/mmu/mmu_internal.h | 4 +++-
>  virt/kvm/Kconfig                | 4 ++++
>  virt/kvm/kvm_main.c             | 2 +-
>  4 files changed, 12 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
> index 10017a9f26ee..b3118d00b284 100644
> --- a/arch/x86/kvm/mmu/mmu.c
> +++ b/arch/x86/kvm/mmu/mmu.c
> @@ -4280,6 +4280,10 @@ static int direct_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault
>  
>  	fault->gfn = fault->addr >> PAGE_SHIFT;
>  	fault->slot = kvm_vcpu_gfn_to_memslot(vcpu, fault->gfn);
> +#ifdef CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING
> +	fault->is_private = kvm_slot_can_be_private(fault->slot) &&
> +			kvm_mem_is_private(vcpu->kvm, fault->gfn);
> +#endif
>  
>  	if (page_fault_handle_page_track(vcpu, fault))
>  		return RET_PF_EMULATE;
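
Review bot: In direct_page_fault(), the added assignment hands fault->slot to kvm_slot_can_be_private() immediately after kvm_vcpu_gfn_to_memslot(), and the kvm_page_fault comment quoted further down says the slot "May be NULL"; please confirm the helper tolerates a NULL slot or test fault->slot first. With the config enabled, the assignment also runs for every VM that reaches this path and overwrites whatever is_private held, so the private/shared decision comes only from attributes set by userspace, as the commit message says. Consider moving this into a small helper that compiles to nothing without CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING instead of an #ifdef in the fault path, with a comment there stating that the VMM is trusted in this mode.
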
> diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h
> index 5cdff5ca546c..2e759f39c2c5 100644
> --- a/arch/x86/kvm/mmu/mmu_internal.h
> +++ b/arch/x86/kvm/mmu/mmu_internal.h
> @@ -188,7 +188,6 @@ struct kvm_page_fault {
>  
>  	/* Derived from mmu and global state.  */
>  	const bool is_tdp;
> -	const bool is_private;
>  	const bool nx_huge_page_workaround_enabled;
>  
>  	/*
> @@ -221,6 +220,9 @@ struct kvm_page_fault {
>  	/* The memslot containing gfn. May be NULL. */
>  	struct kvm_memory_slot *slot;
>  
> +	/* Derived from encryption bits of the faulting GPA for CVMs. */
> +	bool is_private;

Either we can wrap it with the CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING or if
it looks ugly I can remove the "const" in my code.

Chao
> +
>  	/* Outputs of kvm_faultin_pfn.  */
>  	kvm_pfn_t pfn;
>  	hva_t hva;
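
Review bot: The comment added above is_private says the value is "Derived from encryption bits of the faulting GPA for CVMs", but the mmu.c hunk in this patch sets it from kvm_slot_can_be_private() and kvm_mem_is_private() when CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING is enabled; the comment should name both sources. Moving the field out of the const group also removes the const qualifier in builds without the testing config, so wrapping the declaration in the config as raised in the reply above, or documenting which code is allowed to write the field, would keep the change scoped to testing.
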
> diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig
> index 69ca59e82149..300876afb0ca 100644
> --- a/virt/kvm/Kconfig
> +++ b/virt/kvm/Kconfig
> @@ -93,3 +93,7 @@ config HAVE_KVM_RESTRICTED_MEM
>  config KVM_GENERIC_PRIVATE_MEM
>         bool
>         depends on HAVE_KVM_RESTRICTED_MEM
> +
> +config HAVE_KVM_PRIVATE_MEM_TESTING
> +       bool
> +       depends on KVM_GENERIC_PRIVATE_MEM
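
Review bot: HAVE_KVM_PRIVATE_MEM_TESTING is declared as a bare bool with only "depends on KVM_GENERIC_PRIVATE_MEM": there is no prompt, no help text, and none of the four files in this patch selects it, so from the visible diff nothing can turn it on. Please add the select or a prompt in this patch, along with help text stating that with this option the private/shared decision trusts attributes set by the userspace VMM and is meant for selftests with non-confidential VMs.
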
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index dae6a2c196ad..54e57b7f1c15 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -1750,7 +1750,7 @@ static void kvm_replace_memslot(struct kvm *kvm,
>  
>  bool __weak kvm_arch_has_private_mem(struct kvm *kvm)
>  {
> -	return false;
> +	return IS_ENABLED(CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING);
>  }
>  
>  static int check_memory_region_flags(struct kvm *kvm,
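
Review bot: kvm_arch_has_private_mem() now returns IS_ENABLED(CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING) and ignores its kvm argument, so on a kernel built with the option the __weak default reports private memory support for every VM, not only the selftest VMs. The subject line says x86, but this is the generic default in virt/kvm/kvm_main.c; consider an x86 override, or a per-VM condition based on the kvm pointer, so the testing behaviour is opt-in per VM.
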
> -- 
> 2.38.1.431.g37b22c650d-goog
