From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 63546C4332F for ; Fri, 18 Nov 2022 13:29:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242040AbiKRN27 (ORCPT ); Fri, 18 Nov 2022 08:28:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49730 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241935AbiKRN2q (ORCPT ); Fri, 18 Nov 2022 08:28:46 -0500 Received: from mail-wr1-x429.google.com (mail-wr1-x429.google.com [IPv6:2a00:1450:4864:20::429]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 39C846DCF9 for ; Fri, 18 Nov 2022 05:28:43 -0800 (PST) Received: by mail-wr1-x429.google.com with SMTP id y16so9218183wrt.12 for ; Fri, 18 Nov 2022 05:28:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:message-id:in-reply-to:date :subject:cc:to:from:user-agent:references:from:to:cc:subject:date :message-id:reply-to; bh=jFuAN0qalS8PXGclZBpJGpqKwSse98B1zaIXuj/qhsM=; b=X/gqqsl/WLpKtb9vOD4WiP4Oi7fWHjwjntx8mX7OxhsG5wzq+ZEu37/nMAgR/K0NTa w3qxyDj/5ysz05YJVpUs55kmmloX1IkC2zB1+/KzU94RHSvVV8QJIGUQUlri/5EUyK2r mGh3S7znVf5hxcm2FIq10hXZNhSXHhkk0XSUejjdU6tvjBJaDulCkhJ1yHJ5qUwTLhSd MoeZaDkThsztpF4G73yNPcJGkFAhdKPv1GGINAnUYMuW1RHIMFNHAh629fNId0Ygj6h4 QlGc8/i2b3sseFW3mxLr72CnhypCMQDx+K68Ypw8eLM56TGZBoLoX2zeC77yyHo3GfeR z9tg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:in-reply-to:date :subject:cc:to:from:user-agent:references:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=jFuAN0qalS8PXGclZBpJGpqKwSse98B1zaIXuj/qhsM=; b=0/9pzSffJYu7Kitk71BYxGSJWCTU7F63fdGVhIvtL8k0HtgYoQ+s9HSYdy3cFEuFh5 BOd7FG5BoRr/Ct+1pYgL5deklfQUHOSme/g0oYp5hEKRhNAWWWLKSDPd0t1NxN2+lx1B v+AiOEw6YWDP3bc7srKvdeVvOXsJbZq+Br1s2LkPwOWk8HeG8/u5Pi0RhHohQzC1fnuq kbLdKjhHl2CaErRd40DEXivRdpMJExD9mtrwg91aSRt8d+baKtuW82uUW7dPgqQmsREr QY3u67BPVPsvWa+/NkhLJIRwXNvWsJeBNBL6M2/rnMY0h5I2SNkLEtCw6k0AQlUmu288 pLfw== X-Gm-Message-State: ANoB5plGUvbYbZXl/KKm/Z2jdx1ORCa1d8IftyxDv7211kCMxO24obaS Ey6/AqokAzckrlf1QGFKne5FWw== X-Google-Smtp-Source: AA0mqf6tYbIf5kiwBxBEeJpBK3Zoi0R3hbVIR4uxKZjI5EAk4XwJowCkhnyQfuyrbXxeKsj5OY9J7w== X-Received: by 2002:adf:aa91:0:b0:241:b2b2:a71d with SMTP id h17-20020adfaa91000000b00241b2b2a71dmr4389646wrc.326.1668778121454; Fri, 18 Nov 2022 05:28:41 -0800 (PST) Received: from zen.linaroharston ([185.81.254.11]) by smtp.gmail.com with ESMTPSA id y10-20020adfe6ca000000b00236860e7e9esm3459102wrm.98.2022.11.18.05.28.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 18 Nov 2022 05:28:40 -0800 (PST) Received: from zen (localhost [127.0.0.1]) by zen.linaroharston (Postfix) with ESMTP id 11C631FFB7; Fri, 18 Nov 2022 13:28:40 +0000 (GMT) References: <20221025151344.3784230-1-chao.p.peng@linux.intel.com> <20221025151344.3784230-4-chao.p.peng@linux.intel.com> <87cz9o9mr8.fsf@linaro.org> <20221116031441.GA364614@chaop.bj.intel.com> <87mt8q90rw.fsf@linaro.org> <20221117134520.GD422408@chaop.bj.intel.com> <87a64p8vof.fsf@linaro.org> <20221118013201.GA456562@chaop.bj.intel.com> User-agent: mu4e 1.9.2; emacs 28.2.50 From: Alex =?utf-8?Q?Benn=C3=A9e?= To: Chao Peng Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org, Paolo Bonzini , Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Shuah Khan , Mike Rapoport , Steven Price , "Maciej S . Szmigiero" , Vlastimil Babka , Vishal Annapurve , Yu Zhang , "Kirill A . Shutemov" , luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com, aarcange@redhat.com, ddutile@redhat.com, dhildenb@redhat.com, Quentin Perret , tabba@google.com, Michael Roth , mhocko@suse.com, Muchun Song , wei.w.wang@intel.com Subject: Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit Date: Fri, 18 Nov 2022 13:23:51 +0000 In-reply-to: <20221118013201.GA456562@chaop.bj.intel.com> Message-ID: <87o7t475o7.fsf@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-api@vger.kernel.org Chao Peng writes: > On Thu, Nov 17, 2022 at 03:08:17PM +0000, Alex Benn=C3=A9e wrote: >>=20 >> >> >> > + >> >> >> > + /* KVM_EXIT_MEMORY_FAULT */ >> >> >> > + struct { >> >> >> > + #define KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 0) >> >> >> > + __u32 flags; >> >> >> > + __u32 padding; >> >> >> > + __u64 gpa; >> >> >> > + __u64 size; >> >> >> > + } memory; >> >> >> > + >> >> >> > +If exit reason is KVM_EXIT_MEMORY_FAULT then it indicates that = the VCPU has >> >> >> > +encountered a memory error which is not handled by KVM kernel m= odule and >> >> >> > +userspace may choose to handle it. The 'flags' field indicates = the memory >> >> >> > +properties of the exit. >> >> >> > + >> >> >> > + - KVM_MEMORY_EXIT_FLAG_PRIVATE - indicates the memory error is= caused by >> >> >> > + private memory access when the bit is set. Otherwise the mem= ory error is >> >> >> > + caused by shared memory access when the bit is clear. >> >> >>=20 >> >> >> What does a shared memory access failure entail? >> >> > >> >> > In the context of confidential computing usages, guest can issue a >> >> > shared memory access while the memory is actually private from the = host >> >> > point of view. This exit with bit 0 cleared gives userspace a chanc= e to >> >> > convert the private memory to shared memory on host. >> >>=20 >> >> I think this should be explicit rather than implied by the absence of >> >> another flag. Sean suggested you might want flags for RWX failures so >> >> maybe something like: >> >>=20 >> >> KVM_MEMORY_EXIT_SHARED_FLAG_READ (1 << 0) >> >> KVM_MEMORY_EXIT_SHARED_FLAG_WRITE (1 << 1) >> >> KVM_MEMORY_EXIT_SHARED_FLAG_EXECUTE (1 << 2) >> >> KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 3) >> > >> > Yes, but I would not add 'SHARED' to RWX, they are not share memory >> > specific, private memory can also set them once introduced. >>=20 >> OK so how about: >>=20 >> KVM_MEMORY_EXIT_FLAG_READ (1 << 0) >> KVM_MEMORY_EXIT_FLAG_WRITE (1 << 1) >> KVM_MEMORY_EXIT_FLAG_EXECUTE (1 << 2) >> KVM_MEMORY_EXIT_FLAG_SHARED (1 << 3) >> KVM_MEMORY_EXIT_FLAG_PRIVATE (1 << 4) > > We don't actually need a new bit, the opposite side of private is > shared, i.e. flags with KVM_MEMORY_EXIT_FLAG_PRIVATE cleared expresses > 'shared'. If that is always true and we never expect a 3rd type of memory that is fine. But given we are leaving room for expansion having an explicit bit allows for that as well as making cases of forgetting to set the flags more obvious. --=20 Alex Benn=C3=A9e