From: David Matlack <dmatlack@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
seanjc@google.com, vkuznets@redhat.com
Subject: Re: [PATCH 10/23] KVM: MMU: split cpu_role from mmu_role
Date: Fri, 4 Feb 2022 21:57:26 +0000 [thread overview]
Message-ID: <Yf2hRltaM1Ezd6SM@google.com> (raw)
In-Reply-To: <20220204115718.14934-11-pbonzini@redhat.com>
On Fri, Feb 04, 2022 at 06:57:05AM -0500, Paolo Bonzini wrote:
> Snapshot the state of the processor registers that govern page walk into
> a new field of struct kvm_mmu. This is a more natural representation
> than having it *mostly* in mmu_role but not exclusively; the delta
> right now is represented in other fields, such as root_level. For
> example, already in this patch we can replace role_regs_to_root_level
> with the "level" field of the CPU role.
>
> The nested MMU now has only the CPU role; and in fact the new function
> kvm_calc_cpu_role is analogous to the previous kvm_calc_nested_mmu_role,
> except that it has role.base.direct equal to CR0.PG. It is not clear
> what the code meant by "setting role.base.direct to true to detect bogus
> usage of the nested MMU".
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> arch/x86/include/asm/kvm_host.h | 1 +
> arch/x86/kvm/mmu/mmu.c | 100 ++++++++++++++++++++------------
> arch/x86/kvm/mmu/paging_tmpl.h | 2 +-
> 3 files changed, 64 insertions(+), 39 deletions(-)
>
> diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
> index 4ec7d1e3aa36..427ee486309c 100644
> --- a/arch/x86/include/asm/kvm_host.h
> +++ b/arch/x86/include/asm/kvm_host.h
> @@ -432,6 +432,7 @@ struct kvm_mmu {
> void (*invlpg)(struct kvm_vcpu *vcpu, gva_t gva, hpa_t root_hpa);
> hpa_t root_hpa;
> gpa_t root_pgd;
> + union kvm_mmu_role cpu_role;
> union kvm_mmu_role mmu_role;
> u8 root_level;
> u8 shadow_root_level;
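Review bot: The new `cpu_role` member is added directly above `mmu_role` with no comment, and nothing in the header says how the two differ. Given that the commit message describes cpu_role as a snapshot of the registers that govern the guest page walk while mmu_role keeps describing the shadow root page, a one-line comment on the field would spare the next reader a trip into mmu.c, e.g. `/* Role derived from the guest's CR0/CR4/EFER; governs the guest page-table walk. */` above `union kvm_mmu_role cpu_role;`. struct kvm_mmu continues outside the hunk.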
> diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
> index dd69cfc8c4f6..f98444e1d834 100644
> --- a/arch/x86/kvm/mmu/mmu.c
> +++ b/arch/x86/kvm/mmu/mmu.c
> @@ -230,7 +230,7 @@ BUILD_MMU_ROLE_REGS_ACCESSOR(efer, lma, EFER_LMA);
> #define BUILD_MMU_ROLE_ACCESSOR(base_or_ext, reg, name) \
> static inline bool __maybe_unused is_##reg##_##name(struct kvm_mmu *mmu) \
> { \
> - return !!(mmu->mmu_role. base_or_ext . reg##_##name); \
> + return !!(mmu->cpu_role. base_or_ext . reg##_##name); \
> }
> BUILD_MMU_ROLE_ACCESSOR(ext, cr0, pg);
> BUILD_MMU_ROLE_ACCESSOR(base, cr0, wp);
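Review bot: BUILD_MMU_ROLE_ACCESSOR now dereferences `mmu->cpu_role`, so `is_cr0_pg(mmu)` and the other generated accessors report the guest's paging state rather than the shadow role, and that shift in meaning is not recorded anywhere near the macro. For an EPT context the cpu_role is assigned the EPT role whose `ext.word` is zeroed in a later hunk, so the ext accessors return false there; a reader of the macro alone cannot tell that is intended. A comment above the macro such as `/* Query the CPU role (guest CR0/CR4/EFER state), not the shadow mmu_role. */` would make the contract explicit.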
> @@ -4658,6 +4658,38 @@ static void paging32_init_context(struct kvm_mmu *context)
> context->direct_map = false;
> }
>
> +static union kvm_mmu_role
> +kvm_calc_cpu_role(struct kvm_vcpu *vcpu, const struct kvm_mmu_role_regs *regs)
> +{
> + union kvm_mmu_role role = {0};
> +
> + role.base.access = ACC_ALL;
> + role.base.smm = is_smm(vcpu);
> + role.base.guest_mode = is_guest_mode(vcpu);
> + role.base.direct = !____is_cr0_pg(regs);
> + if (!role.base.direct) {
> + role.base.efer_nx = ____is_efer_nx(regs);
> + role.base.cr0_wp = ____is_cr0_wp(regs);
> + role.base.smep_andnot_wp = ____is_cr4_smep(regs) && !____is_cr0_wp(regs);
> + role.base.smap_andnot_wp = ____is_cr4_smap(regs) && !____is_cr0_wp(regs);
> + role.base.has_4_byte_gpte = !____is_cr4_pae(regs);
> + role.base.level = role_regs_to_root_level(regs);
> +
> + role.ext.cr0_pg = 1;
> + role.ext.cr4_pae = ____is_cr4_pae(regs);
> + role.ext.cr4_smep = ____is_cr4_smep(regs);
> + role.ext.cr4_smap = ____is_cr4_smap(regs);
> + role.ext.cr4_pse = ____is_cr4_pse(regs);
> +
> + /* PKEY and LA57 are active iff long mode is active. */
> + role.ext.cr4_pke = ____is_efer_lma(regs) && ____is_cr4_pke(regs);
> + role.ext.cr4_la57 = ____is_efer_lma(regs) && ____is_cr4_la57(regs);
> + role.ext.efer_lma = ____is_efer_lma(regs);
> + }
> +
> + return role;
> +}
> +
> static union kvm_mmu_role kvm_calc_mmu_role_common(struct kvm_vcpu *vcpu,
> const struct kvm_mmu_role_regs *regs)
> {
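Review bot: kvm_calc_cpu_role leaves every field other than access, smm, guest_mode and direct at zero when CR0.PG is clear, including `base.level` and `ext.cr0_pg`, and nothing in the function says that this is deliberate. A comment above the `if (!role.base.direct)` block, e.g. `/* With paging disabled there is no guest page walk: level and the CR0/CR4/EFER bits stay 0. */`, would spell out the contract that callers such as shadow_mmu_init_context's root_level assignment and the CPUID reset now depend on. As a matter of style, `____is_cr0_wp(regs)` and `____is_efer_lma(regs)` are each evaluated three times; hoisting them into two locals would read more clearly without changing behavior.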
> @@ -4716,13 +4748,16 @@ static void init_kvm_tdp_mmu(struct kvm_vcpu *vcpu,
> const struct kvm_mmu_role_regs *regs)
> {
> struct kvm_mmu *context = &vcpu->arch.root_mmu;
> - union kvm_mmu_role new_role =
> + union kvm_mmu_role cpu_role = kvm_calc_cpu_role(vcpu, regs);
> + union kvm_mmu_role mmu_role =
> kvm_calc_tdp_mmu_root_page_role(vcpu, regs);
>
> - if (new_role.as_u64 == context->mmu_role.as_u64)
> + if (cpu_role.as_u64 == context->cpu_role.as_u64 &&
> + mmu_role.as_u64 == context->mmu_role.as_u64)
> return;
>
> - context->mmu_role.as_u64 = new_role.as_u64;
> + context->cpu_role.as_u64 = cpu_role.as_u64;
> + context->mmu_role.as_u64 = mmu_role.as_u64;
> context->page_fault = kvm_tdp_page_fault;
> context->sync_page = nonpaging_sync_page;
> context->invlpg = NULL;
> @@ -4777,13 +4812,15 @@ kvm_calc_shadow_mmu_root_page_role(struct kvm_vcpu *vcpu,
> }
>
> static void shadow_mmu_init_context(struct kvm_vcpu *vcpu, struct kvm_mmu *context,
> - const struct kvm_mmu_role_regs *regs,
> - union kvm_mmu_role new_role)
> + union kvm_mmu_role cpu_role,
> + union kvm_mmu_role mmu_role)
> {
> - if (new_role.as_u64 == context->mmu_role.as_u64)
> + if (cpu_role.as_u64 == context->cpu_role.as_u64 &&
> + mmu_role.as_u64 == context->mmu_role.as_u64)
> return;
>
> - context->mmu_role.as_u64 = new_role.as_u64;
> + context->cpu_role.as_u64 = cpu_role.as_u64;
> + context->mmu_role.as_u64 = mmu_role.as_u64;
>
> if (!is_cr0_pg(context))
> nonpaging_init_context(context);
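Review bot: The `is_cr0_pg(context)` test on the last line of the hunk reads `context->cpu_role`, because the accessor macro now dereferences cpu_role, so the store `context->cpu_role.as_u64 = cpu_role.as_u64;` a few lines above must stay ahead of the paging-mode dispatch; that ordering dependency is invisible at the call site. A comment above the store, `/* cpu_role must be updated before the is_*() accessors below consult it. */`, would keep a future reorder from silently initializing the context from the stale role. shadow_mmu_init_context continues outside the hunk.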
> @@ -4791,20 +4828,21 @@ static void shadow_mmu_init_context(struct kvm_vcpu *vcpu, struct kvm_mmu *conte
> paging64_init_context(context);
> else
> paging32_init_context(context);
> - context->root_level = role_regs_to_root_level(regs);
> + context->root_level = cpu_role.base.level;
>
> reset_guest_paging_metadata(vcpu, context);
> - context->shadow_root_level = new_role.base.level;
> + context->shadow_root_level = mmu_role.base.level;
> }
>
> static void kvm_init_shadow_mmu(struct kvm_vcpu *vcpu,
> const struct kvm_mmu_role_regs *regs)
> {
> struct kvm_mmu *context = &vcpu->arch.root_mmu;
> - union kvm_mmu_role new_role =
> + union kvm_mmu_role cpu_role = kvm_calc_cpu_role(vcpu, regs);
> + union kvm_mmu_role mmu_role =
> kvm_calc_shadow_mmu_root_page_role(vcpu, regs);
>
> - shadow_mmu_init_context(vcpu, context, regs, new_role);
> + shadow_mmu_init_context(vcpu, context, cpu_role, mmu_role);
>
> /*
> * KVM uses NX when TDP is disabled to handle a variety of scenarios,
> @@ -4839,11 +4877,10 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0,
> .cr4 = cr4 & ~X86_CR4_PKE,
> .efer = efer,
> };
> - union kvm_mmu_role new_role;
> -
> - new_role = kvm_calc_shadow_npt_root_page_role(vcpu, ®s);
> + union kvm_mmu_role cpu_role = kvm_calc_cpu_role(vcpu, ®s);
> + union kvm_mmu_role mmu_role = kvm_calc_shadow_npt_root_page_role(vcpu, ®s);;
>
> - shadow_mmu_init_context(vcpu, context, ®s, new_role);
> + shadow_mmu_init_context(vcpu, context, cpu_role, mmu_role);
> reset_shadow_zero_bits_mask(vcpu, context, is_efer_nx(context));
> kvm_mmu_new_pgd(vcpu, nested_cr3);
> }
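Review bot: The `mmu_role` initializer ends in a doubled semicolon, `kvm_calc_shadow_npt_root_page_role(vcpu, &regs);;`; the empty statement compiles but will draw a checkpatch warning, so drop one (the `®s` shown on this page is presumably a rendering of `&regs`). Separately, the regs snapshot that feeds the new `cpu_role` is built with `.cr4 = cr4 & ~X86_CR4_PKE`, so `cpu_role.ext.cr4_pke` is always 0 for the NPT MMU; since that masking predates the patch, a short comment on the mask noting that the CPU role inherits the cleared PKE bit would help. The regs initializer and the enclosing function start before the hunk.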
> @@ -4862,7 +4899,6 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *vcpu, bool accessed_dirty,
> role.base.guest_mode = true;
> role.base.access = ACC_ALL;
>
> - /* EPT, and thus nested EPT, does not consume CR0, CR4, nor EFER. */
> role.ext.word = 0;
> role.ext.execonly = execonly;
>
> @@ -4879,7 +4915,9 @@ void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly,
> kvm_calc_shadow_ept_root_page_role(vcpu, accessed_dirty,
> execonly, level);
>
> - if (new_role.as_u64 != context->mmu_role.as_u64) {
> + if (new_role.as_u64 != context->cpu_role.as_u64) {
> + /* EPT, and thus nested EPT, does not consume CR0, CR4, nor EFER. */
> + context->cpu_role.as_u64 = new_role.as_u64;
> context->mmu_role.as_u64 = new_role.as_u64;
>
> context->shadow_root_level = level;
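Review bot: The comment relocated into the update branch, `/* EPT, and thus nested EPT, does not consume CR0, CR4, nor EFER. */`, now sits above `context->cpu_role.as_u64 = new_role.as_u64;` but no longer states what it justifies, namely that the EPT role is reused as the CPU role because there are no guest paging registers to snapshot. Rewording it to `/* EPT does not consume CR0, CR4 or EFER, so there is no separate CPU role to snapshot: reuse the shadow role for both. */` would make the intent explicit. The guard on this branch also compares only `cpu_role`, unlike init_kvm_tdp_mmu and shadow_mmu_init_context which compare both roles; because both fields are written together here the single compare appears sufficient, but saying so in the comment would stop the next reader from flagging the asymmetry. kvm_init_shadow_ept_mmu continues outside the hunk.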
> @@ -4913,32 +4951,15 @@ static void init_kvm_softmmu(struct kvm_vcpu *vcpu,
> context->inject_page_fault = kvm_inject_page_fault;
> }
>
> -static union kvm_mmu_role
> -kvm_calc_nested_mmu_role(struct kvm_vcpu *vcpu, const struct kvm_mmu_role_regs *regs)
> -{
> - union kvm_mmu_role role;
> -
> - role = kvm_calc_shadow_root_page_role_common(vcpu, regs);
> -
> - /*
> - * Nested MMUs are used only for walking L2's gva->gpa, they never have
> - * shadow pages of their own and so "direct" has no meaning. Set it
> - * to "true" to try to detect bogus usage of the nested MMU.
> - */
> - role.base.direct = true;
> - role.base.level = role_regs_to_root_level(regs);
> - return role;
> -}
> -
> static void init_kvm_nested_mmu(struct kvm_vcpu *vcpu, const struct kvm_mmu_role_regs *regs)
> {
> - union kvm_mmu_role new_role = kvm_calc_nested_mmu_role(vcpu, regs);
> + union kvm_mmu_role new_role = kvm_calc_cpu_role(vcpu, regs);
> struct kvm_mmu *g_context = &vcpu->arch.nested_mmu;
>
> - if (new_role.as_u64 == g_context->mmu_role.as_u64)
> + if (new_role.as_u64 == g_context->cpu_role.as_u64)
> return;
>
> - g_context->mmu_role.as_u64 = new_role.as_u64;
> + g_context->cpu_role.as_u64 = new_role.as_u64;
> g_context->get_guest_pgd = get_cr3;
> g_context->get_pdptr = kvm_pdptr_read;
> g_context->inject_page_fault = kvm_inject_page_fault;
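Review bot: init_kvm_nested_mmu now writes only `g_context->cpu_role`, and nothing else in this patch assigns the nested MMU's `mmu_role`, yet the CPUID reset in the following hunk still clears `vcpu->arch.nested_mmu.mmu_role.base.level`; that line looks left over unless code outside this patch still reads nested_mmu.mmu_role. Either drop it or attach a comment explaining why the nested MMU's mmu_role must still be invalidated. The deleted rationale for `role.base.direct = true` is also lost without replacement; a brief comment on the `kvm_calc_cpu_role(vcpu, regs)` call, e.g. `/* The nested MMU only walks L2's guest tables and has no shadow pages of its own, so it carries only a CPU role. */`, would record the new model. init_kvm_nested_mmu continues outside the hunk.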
> @@ -4997,6 +5018,9 @@ void kvm_mmu_after_set_cpuid(struct kvm_vcpu *vcpu)
> * problem is swept under the rug; KVM's CPUID API is horrific and
> * it's all but impossible to solve it without introducing a new API.
> */
> + vcpu->arch.root_mmu.cpu_role.base.level = 0;
> + vcpu->arch.guest_mmu.cpu_role.base.level = 0;
> + vcpu->arch.nested_mmu.cpu_role.base.level = 0;
Will cpu_role.base.level already be 0 if CR0.PG=0 && !tdp_enabled? i.e.
setting cpu_role.base.level to 0 might not have the desired effect.
It might not matter in practice since the shadow_mmu_init_context() and
kvm_calc_mmu_role_common() check both the mmu_role and cpu_role, but does
make this reset code confusing.
> vcpu->arch.root_mmu.mmu_role.base.level = 0;
> vcpu->arch.guest_mmu.mmu_role.base.level = 0;
> vcpu->arch.nested_mmu.mmu_role.base.level = 0;
> diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h
> index 6bb9a377bf89..b9f472f27077 100644
> --- a/arch/x86/kvm/mmu/paging_tmpl.h
> +++ b/arch/x86/kvm/mmu/paging_tmpl.h
> @@ -323,7 +323,7 @@ static inline bool FNAME(is_last_gpte)(struct kvm_mmu *mmu,
> * is not reserved and does not indicate a large page at this level,
> * so clear PT_PAGE_SIZE_MASK in gpte if that is the case.
> */
> - gpte &= level - (PT32_ROOT_LEVEL + mmu->mmu_role.ext.cr4_pse);
> + gpte &= level - (PT32_ROOT_LEVEL + mmu->cpu_role.ext.cr4_pse);
> #endif
> /*
> * PG_LEVEL_4K always terminates. The RHS has bit 7 set
> --
> 2.31.1
>
>