From: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
To: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: [PATCH 54/58] KVM: Flush remote tlbs when reducing shadow pte permissions
Date: Sun, 17 Jun 2007 12:44:35 +0300	[thread overview]
Message-ID: <118207348119-git-send-email-avi@qumranet.com> (raw)
In-Reply-To: <1182073479890-git-send-email-avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>

When a vcpu causes a shadow tlb entry to have reduced permissions, it
must also clear the tlb on remote vcpus.  We do that by:

- setting a bit on the vcpu that requests a tlb flush before the next entry
- if the vcpu is currently executing, we send an ipi to make sure it
  exits before we continue

Signed-off-by: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
---
 drivers/kvm/kvm.h      |    8 ++++++++
 drivers/kvm/kvm_main.c |   44 ++++++++++++++++++++++++++++++++++++++++++++
 drivers/kvm/mmu.c      |    8 +++++---
 drivers/kvm/svm.c      |   17 ++++++++++++-----
 drivers/kvm/vmx.c      |   22 +++++++++++++++-------
 5 files changed, 84 insertions(+), 15 deletions(-)

diff --git a/drivers/kvm/kvm.h b/drivers/kvm/kvm.h
index 528a56b..b08272b 100644
--- a/drivers/kvm/kvm.h
+++ b/drivers/kvm/kvm.h
@@ -84,6 +84,11 @@
 #define KVM_PIO_PAGE_OFFSET 1
 
 /*
+ * vcpu->requests bit members
+ */
+#define KVM_TLB_FLUSH 0
+
+/*
  * Address types:
  *
  *  gva - guest virtual address
@@ -272,6 +277,8 @@ struct kvm_vcpu {
 	u64 host_tsc;
 	struct kvm_run *run;
 	int interrupt_window_open;
+	int guest_mode;
+	unsigned long requests;
 	unsigned long irq_summary; /* bit vector: 1 per word in irq_pending */
 #define NR_IRQ_WORDS KVM_IRQ_BITMAP_SIZE(unsigned long)
 	unsigned long irq_pending[NR_IRQ_WORDS];
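Review bot: The two new `struct kvm_vcpu` fields have no comment saying who writes them or how, although `requests` is set from other CPUs with `test_and_set_bit()` in kvm_main.c and consumed with `test_and_clear_bit()` in svm.c and vmx.c. A comment such as `unsigned long requests; /* KVM_* request bits; atomic bitops only, set remotely, cleared before guest entry */` would record that contract. `guest_mode` is only ever written in the hunks of this patch, since kvm_flush_remote_tlbs() decides on `vcpu->cpu` instead, so either note that it is reserved for a later reader or leave it out until one exists. The struct definition starts and ends outside the hunk.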
@@ -530,6 +537,7 @@ void save_msrs(struct vmx_msr_entry *e, int n);
 void kvm_resched(struct kvm_vcpu *vcpu);
 void kvm_load_guest_fpu(struct kvm_vcpu *vcpu);
 void kvm_put_guest_fpu(struct kvm_vcpu *vcpu);
+void kvm_flush_remote_tlbs(struct kvm *kvm);
 
 int kvm_read_guest(struct kvm_vcpu *vcpu,
 	       gva_t addr,
diff --git a/drivers/kvm/kvm_main.c b/drivers/kvm/kvm_main.c
index 4e1a017..633c2ed 100644
--- a/drivers/kvm/kvm_main.c
+++ b/drivers/kvm/kvm_main.c
@@ -41,6 +41,8 @@
 #include <linux/fs.h>
 #include <linux/mount.h>
 #include <linux/sched.h>
+#include <linux/cpumask.h>
+#include <linux/smp.h>
 
 #include "x86_emulate.h"
 #include "segment_descriptor.h"
@@ -309,6 +311,48 @@ static void vcpu_put(struct kvm_vcpu *vcpu)
 	mutex_unlock(&vcpu->mutex);
 }
 
+static void ack_flush(void *_completed)
+{
+	atomic_t *completed = _completed;
+
+	atomic_inc(completed);
+}
+
+void kvm_flush_remote_tlbs(struct kvm *kvm)
+{
+	int i, cpu, needed;
+	cpumask_t cpus;
+	struct kvm_vcpu *vcpu;
+	atomic_t completed;
+
+	atomic_set(&completed, 0);
+	cpus_clear(cpus);
+	needed = 0;
+	for (i = 0; i < kvm->nvcpus; ++i) {
+		vcpu = &kvm->vcpus[i];
+		if (test_and_set_bit(KVM_TLB_FLUSH, &vcpu->requests))
+			continue;
+		cpu = vcpu->cpu;
+		if (cpu != -1 && cpu != raw_smp_processor_id())
+			if (!cpu_isset(cpu, cpus)) {
+				cpu_set(cpu, cpus);
+				++needed;
+			}
+	}
+
+	/*
+	 * We really want smp_call_function_mask() here.  But that's not
+	 * available, so ipi all cpus in parallel and wait for them
+	 * to complete.
+	 */
+	for (cpu = first_cpu(cpus); cpu != NR_CPUS; cpu = next_cpu(cpu, cpus))
+		smp_call_function_single(cpu, ack_flush, &completed, 1, 0);
+	while (atomic_read(&completed) != needed) {
+		cpu_relax();
+		barrier();
+	}
+}
+
 static struct kvm *kvm_create_vm(void)
 {
 	struct kvm *kvm = kzalloc(sizeof(struct kvm), GFP_KERNEL);
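Review bot: The return value of `smp_call_function_single()` is dropped in the IPI loop of kvm_flush_remote_tlbs(), yet the spin loop below waits until `completed` equals `needed`, so a single IPI that is not delivered leaves the caller spinning forever. That could presumably happen if a CPU in `cpus` goes offline, or if the caller migrates onto one of them after the `raw_smp_processor_id()` comparison (the hunk does not show whether preemption is disabled here). Counting what was actually sent, e.g. `if (!smp_call_function_single(cpu, ack_flush, &completed, 1, 0)) ++sent;` and waiting on `sent`, bounds the wait, and bracketing the body with `get_cpu()`/`put_cpu()` would keep the self-check valid. `vcpu->cpu` is also read without any visible lock, so a comment on why a stale value is harmless would help the next reader.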
diff --git a/drivers/kvm/mmu.c b/drivers/kvm/mmu.c
index d4de988..ad50cfd 100644
--- a/drivers/kvm/mmu.c
+++ b/drivers/kvm/mmu.c
@@ -441,7 +441,7 @@ static void rmap_write_protect(struct kvm_vcpu *vcpu, u64 gfn)
 		BUG_ON(!(*spte & PT_WRITABLE_MASK));
 		rmap_printk("rmap_write_protect: spte %p %llx\n", spte, *spte);
 		rmap_remove(vcpu, spte);
-		kvm_arch_ops->tlb_flush(vcpu);
+		kvm_flush_remote_tlbs(vcpu->kvm);
 		set_shadow_pte(spte, *spte & ~PT_WRITABLE_MASK);
 	}
 }
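Review bot: In rmap_write_protect() the remote flush runs before `set_shadow_pte(spte, *spte & ~PT_WRITABLE_MASK)`, so the spte is still writable at the moment the other vcpus are kicked. If nothing outside the hunk serialises guest re-entry against this path, a vcpu that re-enters between the two statements can reload a writable translation for a page that is meant to be write-protected, and later guest writes to that page table would go unseen by the shadow MMU. Swapping the order closes the window: `set_shadow_pte(spte, *spte & ~PT_WRITABLE_MASK);` followed by `kvm_flush_remote_tlbs(vcpu->kvm);`. The function starts outside the hunk.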
@@ -656,7 +656,7 @@ static void kvm_mmu_page_unlink_children(struct kvm_vcpu *vcpu,
 				rmap_remove(vcpu, &pt[i]);
 			pt[i] = 0;
 		}
-		kvm_arch_ops->tlb_flush(vcpu);
+		kvm_flush_remote_tlbs(vcpu->kvm);
 		return;
 	}
 
@@ -669,6 +669,7 @@ static void kvm_mmu_page_unlink_children(struct kvm_vcpu *vcpu,
 		ent &= PT64_BASE_ADDR_MASK;
 		mmu_page_remove_parent_pte(vcpu, page_header(ent), &pt[i]);
 	}
+	kvm_flush_remote_tlbs(vcpu->kvm);
 }
 
 static void kvm_mmu_put_page(struct kvm_vcpu *vcpu,
@@ -1093,6 +1094,7 @@ static void mmu_pte_write_zap_pte(struct kvm_vcpu *vcpu,
 		}
 	}
 	*spte = 0;
+	kvm_flush_remote_tlbs(vcpu->kvm);
 }
 
 static void mmu_pte_write_new_pte(struct kvm_vcpu *vcpu,
@@ -1308,7 +1310,7 @@ void kvm_mmu_zap_all(struct kvm_vcpu *vcpu)
 	}
 
 	mmu_free_memory_caches(vcpu);
-	kvm_arch_ops->tlb_flush(vcpu);
+	kvm_flush_remote_tlbs(vcpu->kvm);
 	init_kvm_mmu(vcpu);
 }
 
diff --git a/drivers/kvm/svm.c b/drivers/kvm/svm.c
index 70f386e..eb175c5 100644
--- a/drivers/kvm/svm.c
+++ b/drivers/kvm/svm.c
@@ -1470,6 +1470,11 @@ static void load_db_regs(unsigned long *db_regs)
 	asm volatile ("mov %0, %%dr3" : : "r"(db_regs[3]));
 }
 
+static void svm_flush_tlb(struct kvm_vcpu *vcpu)
+{
+	force_new_asid(vcpu);
+}
+
 static int svm_vcpu_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
 {
 	u16 fs_selector;
@@ -1487,6 +1492,11 @@ again:
 
 	clgi();
 
+	vcpu->guest_mode = 1;
+	if (vcpu->requests)
+		if (test_and_clear_bit(KVM_TLB_FLUSH, &vcpu->requests))
+		    svm_flush_tlb(vcpu);
+
 	pre_svm_run(vcpu);
 
 	save_host_msrs(vcpu);
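Review bot: The request check added to svm_vcpu_run() nests two unbraced `if`s and indents `svm_flush_tlb(vcpu);` with a tab plus four spaces, which makes it easy to attach a later request bit to the wrong condition. Brace the outer test and use tab indentation, i.e. `if (vcpu->requests) {` ... `if (test_and_clear_bit(KVM_TLB_FLUSH, &vcpu->requests))` ... `svm_flush_tlb(vcpu);` ... `}`. The same construct, with the same mixed indentation, appears in the vmx_vcpu_run() hunk in vmx.c. A one-line comment that the check must stay after `clgi()` (or after `local_irq_disable()` in vmx.c), so that a flush IPI arriving later forces an exit, would also record why the placement matters.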
@@ -1618,6 +1628,8 @@ again:
 #endif
 		: "cc", "memory" );
 
+	vcpu->guest_mode = 0;
+
 	if (vcpu->fpu_active) {
 		fx_save(vcpu->guest_fx_image);
 		fx_restore(vcpu->host_fx_image);
@@ -1682,11 +1694,6 @@ again:
 	return r;
 }
 
-static void svm_flush_tlb(struct kvm_vcpu *vcpu)
-{
-	force_new_asid(vcpu);
-}
-
 static void svm_set_cr3(struct kvm_vcpu *vcpu, unsigned long root)
 {
 	vcpu->svm->vmcb->save.cr3 = root;
diff --git a/drivers/kvm/vmx.c b/drivers/kvm/vmx.c
index a1f51b9..b969db1 100644
--- a/drivers/kvm/vmx.c
+++ b/drivers/kvm/vmx.c
@@ -1972,6 +1972,11 @@ static int dm_request_for_irq_injection(struct kvm_vcpu *vcpu,
 		(vmcs_readl(GUEST_RFLAGS) & X86_EFLAGS_IF));
 }
 
+static void vmx_flush_tlb(struct kvm_vcpu *vcpu)
+{
+	vmcs_writel(GUEST_CR3, vmcs_readl(GUEST_CR3));
+}
+
 static int vmx_vcpu_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
 {
 	u8 fail;
@@ -1997,9 +2002,15 @@ again:
 	 */
 	vmcs_writel(HOST_CR0, read_cr0());
 
+	local_irq_disable();
+
+	vcpu->guest_mode = 1;
+	if (vcpu->requests)
+		if (test_and_clear_bit(KVM_TLB_FLUSH, &vcpu->requests))
+		    vmx_flush_tlb(vcpu);
+
 	asm (
 		/* Store host registers */
-		"pushf \n\t"
 #ifdef CONFIG_X86_64
 		"push %%rax; push %%rbx; push %%rdx;"
 		"push %%rsi; push %%rdi; push %%rbp;"
@@ -2091,7 +2102,6 @@ again:
 		"pop %%ecx; popa \n\t"
 #endif
 		"setbe %0 \n\t"
-		"popf \n\t"
 	      : "=q" (fail)
 	      : "r"(vcpu->launched), "d"((unsigned long)HOST_RSP),
 		"c"(vcpu),
@@ -2115,6 +2125,9 @@ again:
 		[cr2]"i"(offsetof(struct kvm_vcpu, cr2))
 	      : "cc", "memory" );
 
+	vcpu->guest_mode = 0;
+	local_irq_enable();
+
 	++vcpu->stat.exits;
 
 	vcpu->interrupt_window_open = (vmcs_read32(GUEST_INTERRUPTIBILITY_INFO) & 3) == 0;
@@ -2167,11 +2180,6 @@ out:
 	return r;
 }
 
-static void vmx_flush_tlb(struct kvm_vcpu *vcpu)
-{
-	vmcs_writel(GUEST_CR3, vmcs_readl(GUEST_CR3));
-}
-
 static void vmx_inject_page_fault(struct kvm_vcpu *vcpu,
 				  unsigned long addr,
 				  u32 err_code)
-- 
1.5.0.6


