diff for duplicates of <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com> diff --git a/a/1.txt b/N1/1.txt index 906b7a4..aed73bf 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -25,6 +25,835 @@ On 3/29/24 23:58, Michael Roth wrote: Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> +> --- +> arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++ +> arch/x86/kvm/svm/svm.c | 1 + +> arch/x86/kvm/svm/svm.h | 7 +++++++ +> 3 files changed, 40 insertions(+) +> +> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c +> index 87d621d013a4..31f6f4786503 100644 +> --- a/arch/x86/kvm/svm/sev.c +> +++ b/arch/x86/kvm/svm/sev.c +> @@ -4443,3 +4443,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +> pfn += use_2m_update ? PTRS_PER_PMD : 1; +> } +> } +> + +> +/* +> + * Re-check whether an #NPF for a private/gmem page can still be serviced, and +> + * adjust maximum mapping level if needed. +> + */ +> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, +> + u8 *max_level) +> +{ +> + int level, rc; +> + bool assigned; +> + +> + if (!sev_snp_guest(kvm)) +> + return 0; +> + +> + rc = snp_lookup_rmpentry(pfn, &assigned, &level); +> + if (rc) { +> + pr_err_ratelimited("SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\n", +> + gfn, pfn, level, rc); +> + return -ENOENT; +> + } +> + +> + if (!assigned) { +> + pr_err_ratelimited("SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\n", +> + gfn, pfn, level); +> + return -EINVAL; +> + } +> + +> + if (level < *max_level) +> + *max_level = level; +> + +> + return 0; +> +} +> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c +> index b456906f2670..298b4ce77a5f 100644 +> --- a/arch/x86/kvm/svm/svm.c +> +++ b/arch/x86/kvm/svm/svm.c +> @@ -5081,6 +5081,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { +> +> .gmem_prepare = sev_gmem_prepare, +> .gmem_invalidate = sev_gmem_invalidate, +> + .gmem_validate_fault = sev_gmem_validate_fault, +> }; +> +> /* +> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h +> index 3f1f6d3d3ade..746f819a6de4 100644 +> --- a/arch/x86/kvm/svm/svm.h +> +++ b/arch/x86/kvm/svm/svm.h +> @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); +> void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); +> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, +> + u8 *max_level); +> #else +> static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { +> return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); +> @@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in +> return 0; +> } +> static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} +> +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, +> + bool is_private, u8 *max_level) +> +{ +> + return 0; +> +} +> +> #endif +> + + +X-sender: <kvm+bounces-13159-martin.weber=secunet.com@vger.kernel.org> +X-Receiver: <martin.weber@secunet.com> ORCPT=rfc822;martin.weber@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAJuYHy0vkvxLoOu7fW2WcxcPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAF4AAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249V2ViZXIgTWFydGluOTU1BQALABcAvgAAALMpUnVJ4+pPsL47FHo+lvtDTj1EQjIsQ049RGF0YWJhc2VzLENOPUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpLENOPUFkbWluaXN0cmF0aXZlIEdyb3VwcyxDTj1zZWN1bmV0LENOPU1pY3Jvc29mdCBFeGNoYW5nZSxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXNlY3VuZXQsREM9ZGUFAA4AEQBACf3SYEkDT461FZzDv+B7BQAdAA8ADAAAAG1ieC1lc3Nlbi0wMQUAPAACAAAPADYAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0Lk1haWxSZWNpcGllbnQuRGlzcGxheU5hbWUPAA0AAABXZWJlciwgTWFydGluBQAMAAIAAAUAbAACAAAFAFgAFwBGAAAAm5gfLS+S/Eug67t9bZZzF0NOPVdlYmVyIE1hcnRpbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ== +X-CreatedBy: MSExchange15 +X-HeloDomain: b.mx.secunet.com +X-ExtendedProps: BQBjAAoAuKNAQuxQ3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAGIACgBZAAAAo4oAAAUABAAUIAEAAAAYAAAAbWFydGluLndlYmVyQHNlY3VuZXQuY29tBQAGAAIAAQUAKQACAAEPAAkAAABDSUF1ZGl0ZWQCAAEFAAIABwABAAAABQADAAcAAAAAAAUABQACAAEFAGQADwADAAAASHVi +X-Source: SMTP:Default MBX-DRESDEN-01 +X-SourceIPAddress: 62.96.220.37 +X-EndOfInjectedXHeaders: 23284 +Received: from cas-essen-01.secunet.de (10.53.40.201) by + mbx-dresden-01.secunet.de (10.53.40.199) with Microsoft SMTP Server + (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id + 15.1.2507.37; Sat, 30 Mar 2024 22:35:40 +0100 +Received: from b.mx.secunet.com (62.96.220.37) by cas-essen-01.secunet.de + (10.53.40.201) with Microsoft SMTP Server (version=TLS1_2, + cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37 via Frontend + Transport; Sat, 30 Mar 2024 22:35:40 +0100 +Received: from localhost (localhost [127.0.0.1]) + by b.mx.secunet.com (Postfix) with ESMTP id EA64D2025D + for <martin.weber@secunet.com>; Sat, 30 Mar 2024 22:35:40 +0100 (CET) +X-Virus-Scanned: by secunet +X-Spam-Flag: NO +X-Spam-Score: -2.851 +X-Spam-Level: +X-Spam-Status: No, score=-2.851 tagged_above=-999 required=2.1 + tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.1, DKIM_SIGNED=0.1, + DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, + HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, + RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] + autolearn=unavailable autolearn_force=no +Authentication-Results: a.mx.secunet.com (amavisd-new); + dkim=pass (1024-bit key) header.d=redhat.com +Received: from b.mx.secunet.com ([127.0.0.1]) + by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id XCp5nsS-qjhA for <martin.weber@secunet.com>; + Sat, 30 Mar 2024 22:35:39 +0100 (CET) +Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.80.249; helo=am.mirrors.kernel.org; envelope-from=kvm+bounces-13159-martin.weber=secunet.com@vger.kernel.org; receiver=martin.weber@secunet.com +DKIM-Filter: OpenDKIM Filter v2.11.0 b.mx.secunet.com 7487520322 +Authentication-Results: b.mx.secunet.com; + dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="PwZ9MZ1i" +Received: from am.mirrors.kernel.org (am.mirrors.kernel.org [147.75.80.249]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by b.mx.secunet.com (Postfix) with ESMTPS id 7487520322 + for <martin.weber@secunet.com>; Sat, 30 Mar 2024 22:35:39 +0100 (CET) +Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by am.mirrors.kernel.org (Postfix) with ESMTPS id 10EC11F21A86 + for <martin.weber@secunet.com>; Sat, 30 Mar 2024 21:35:39 +0000 (UTC) +Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) + by smtp.subspace.kernel.org (Postfix) with ESMTP id 905934B5CD; + Sat, 30 Mar 2024 21:35:30 +0000 (UTC) +Authentication-Results: smtp.subspace.kernel.org; + dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="PwZ9MZ1i" +X-Original-To: kvm@vger.kernel.org +Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by smtp.subspace.kernel.org (Postfix) with ESMTPS id 87ECB43AC2 + for <kvm@vger.kernel.org>; Sat, 30 Mar 2024 21:35:28 +0000 (UTC) +Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 +ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; + t=1711834530; cv=none; b=PgOkXF678W9FwFCPiVKah4oovIgBF8F/JnAjhXPQYadrFMw6s+c93/cpsFP4CCmpp1MvFGZ3gW9RNn4I1KSTSuDG7F8jluCx/viwZsut6QgyteFd/9Q4ZcCd99QNu5td4CEPW8NWs8LY4PcHkUUXf5KTi6LEdxRmTmIHMg205wk= +ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; + s=arc-20240116; t=1711834530; c=relaxed/simple; + bh=g0toAGCQtFi0G3GbWa0Q4HZPWv8jGtxInPF/JxlP71A=; + h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: + In-Reply-To:Content-Type; b=VDk1AdWfivfUlDYWWV0aeHeinK3zHP6Dwj3CQ2qewUTiR3JkY389d6bV/9E9OKg2J0ACGBw1DWYUPuF6lGvUnq274kQdBU+HYQaf3VVKagAkxwJnR9csNwkpG3T1KCpCWClj7sLvSTcqgcR3yTTn3MVnPc35I5YZ5/XMmBDm6Vc= +ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PwZ9MZ1i; arc=none smtp.client-ip=170.10.129.124 +Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com +Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; + s=mimecast20190719; t=1711834527; + h=from:from:reply-to:subject:subject:date:date:message-id:message-id: + to:to:cc:cc:mime-version:mime-version:content-type:content-type: + content-transfer-encoding:content-transfer-encoding: + in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; + bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=; + b=PwZ9MZ1iyCAVzBUash6/9hnMVBP48I4GsfrdulDjf7X0dySw+dhCyQuoNF9cRn97oZnC0V + cTOQYa0rlarrHCAeQS/Hszk96ip36xl7O644Vw+ylUW0h4uRIhxuKMLJ1NrVHXnq/yslBs + rhet5l0+ntjKgvhS1bHVq1nOKnn3br4= +Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com + [209.85.208.72]) by relay.mimecast.com with ESMTP with STARTTLS + (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id + us-mta-597-Z1cutKDMPAqZsj1hS9Y4tQ-1; Sat, 30 Mar 2024 17:35:23 -0400 +X-MC-Unique: Z1cutKDMPAqZsj1hS9Y4tQ-1 +Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-5681b29771fso2713252a12.1 + for <kvm@vger.kernel.org>; Sat, 30 Mar 2024 14:35:23 -0700 (PDT) +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20230601; t=1711834522; x=1712439322; + h=content-transfer-encoding:in-reply-to:autocrypt:content-language + :from:references:cc:to:subject:user-agent:mime-version:date + :message-id:x-gm-message-state:from:to:cc:subject:date:message-id + :reply-to; + bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=; + b=nzCRUS20ImCAW2h2K5GoL6qVk3nAr99hKcLBSSqCe3IyM8m2GI6s2dERA7joPIeggi + CMiXYCjsP8xOJ1mO289qN6dczcnwI+vFzFsMSS+NJR+rp2/pXByFXgzVe+AjusVdDUEg + iKZUJpF/Kt15I0AedM3sTJqZAi1ZSnddDYBD5zL7/X/qlmppeMGOrTAPeNN37PfBQwPE + zdiAq9FUWoYTeq9GB+tDL6ymyw6FikEOUpfhMekKSB4xcvomqjpGiLSl2Xwb+Z+jfS1f + trWPxxxvq6dp5z6jCU7JFiZHI+tiI6iblXgMZzxJ506R9e7gEM0zUmHTQP9pjP0fvOIg + IBvQ== +X-Forwarded-Encrypted: i=1; AJvYcCVVDt3jH5NKl/MGHyzEugLs33le86iNvLjQspEcRQzKog1U4wrqsbKd2XbBxiRn46WvGdEQ+Mr2CpNLtehpxAD3xXt9 +X-Gm-Message-State: AOJu0YxDRJwX1L4tYkKr7mz+XPL/Dtq0B7tTTD3b1qBrpT4Lxtz6YzrT + nNw9rjmeGmQmu+ixJCjiIJ+mX+H/khlSownsdst1V9PcufXw+BEJkuWgzulSLyNIOoxmAnAn6xe + KmLZ6GRFxU+QtOhjBnFX3YF5noQ8bQPSObqNIXqvKsyvHXtNLVA== +X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176641ede.23.1711834522682; + Sat, 30 Mar 2024 14:35:22 -0700 (PDT) +X-Google-Smtp-Source: AGHT+IH4Y1Y1ai02PAHKv5gHHk8E9vouw7+IeXJOAyuQtq3+b2c4PJy15b2ZKcJKFYMqFhtFpYJu6A== +X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176630ede.23.1711834522369; + Sat, 30 Mar 2024 14:35:22 -0700 (PDT) +Received: from [192.168.10.4] ([151.95.49.219]) + by smtp.googlemail.com with ESMTPSA id cy14-20020a0564021c8e00b0056bf31fa2a3sm3688481edb.80.2024.03.30.14.35.18 + (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); + Sat, 30 Mar 2024 14:35:21 -0700 (PDT) +Message-ID: <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com> +Date: Sat, 30 Mar 2024 22:35:17 +0100 +Precedence: bulk +X-Mailing-List: kvm@vger.kernel.org +List-Id: <kvm.vger.kernel.org> +List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org> +List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org> +MIME-Version: 1.0 +User-Agent: Mozilla Thunderbird +Subject: Re: [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining + max NPT mapping level +To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org +Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org, + linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, + tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, + thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com, + vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, + dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, + peterz@infradead.org, srinivas.pandruvada@linux.intel.com, + rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, + vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, + tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, + alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, + nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com +References: <20240329225835.400662-1-michael.roth@amd.com> + <20240329225835.400662-24-michael.roth@amd.com> +From: Paolo Bonzini <pbonzini@redhat.com> +Content-Language: en-US +Autocrypt: addr=pbonzini@redhat.com; keydata= + xsEhBFRCcBIBDqDGsz4K0zZun3jh+U6Z9wNGLKQ0kSFyjN38gMqU1SfP+TUNQepFHb/Gc0E2 + CxXPkIBTvYY+ZPkoTh5xF9oS1jqI8iRLzouzF8yXs3QjQIZ2SfuCxSVwlV65jotcjD2FTN04 + hVopm9llFijNZpVIOGUTqzM4U55sdsCcZUluWM6x4HSOdw5F5Utxfp1wOjD/v92Lrax0hjiX + DResHSt48q+8FrZzY+AUbkUS+Jm34qjswdrgsC5uxeVcLkBgWLmov2kMaMROT0YmFY6A3m1S + P/kXmHDXxhe23gKb3dgwxUTpENDBGcfEzrzilWueOeUWiOcWuFOed/C3SyijBx3Av/lbCsHU + Vx6pMycNTdzU1BuAroB+Y3mNEuW56Yd44jlInzG2UOwt9XjjdKkJZ1g0P9dwptwLEgTEd3Fo + UdhAQyRXGYO8oROiuh+RZ1lXp6AQ4ZjoyH8WLfTLf5g1EKCTc4C1sy1vQSdzIRu3rBIjAvnC + tGZADei1IExLqB3uzXKzZ1BZ+Z8hnt2og9hb7H0y8diYfEk2w3R7wEr+Ehk5NQsT2MPI2QBd + wEv1/Aj1DgUHZAHzG1QN9S8wNWQ6K9DqHZTBnI1hUlkp22zCSHK/6FwUCuYp1zcAEQEAAc0j + UGFvbG8gQm9uemluaSA8cGJvbnppbmlAcmVkaGF0LmNvbT7CwU0EEwECACMFAlRCcBICGwMH + CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB+FRAMzTZpsbceDp9IIN6BIA0Ol7MoB15E + 11kRz/ewzryFY54tQlMnd4xxfH8MTQ/mm9I482YoSwPMdcWFAKnUX6Yo30tbLiNB8hzaHeRj + jx12K+ptqYbg+cevgOtbLAlL9kNgLLcsGqC2829jBCUTVeMSZDrzS97ole/YEez2qFpPnTV0 + VrRWClWVfYh+JfzpXmgyhbkuwUxNFk421s4Ajp3d8nPPFUGgBG5HOxzkAm7xb1cjAuJ+oi/K + CHfkuN+fLZl/u3E/fw7vvOESApLU5o0icVXeakfSz0LsygEnekDbxPnE5af/9FEkXJD5EoYG + SEahaEtgNrR4qsyxyAGYgZlS70vkSSYJ+iT2rrwEiDlo31MzRo6Ba2FfHBSJ7lcYdPT7bbk9 + AO3hlNMhNdUhoQv7M5HsnqZ6unvSHOKmReNaS9egAGdRN0/GPDWr9wroyJ65ZNQsHl9nXBqE + AukZNr5oJO5vxrYiAuuTSd6UI/xFkjtkzltG3mw5ao2bBpk/V/YuePrJsnPFHG7NhizrxttB + nTuOSCMo45pfHQ+XYd5K1+Cv/NzZFNWscm5htJ0HznY+oOsZvHTyGz3v91pn51dkRYN0otqr + bQ4tlFFuVjArBZcapSIe6NV8C4cEiSTOwE0EVEJx7gEIAMeHcVzuv2bp9HlWDp6+RkZe+vtl + KwAHplb/WH59j2wyG8V6i33+6MlSSJMOFnYUCCL77bucx9uImI5nX24PIlqT+zasVEEVGSRF + m8dgkcJDB7Tps0IkNrUi4yof3B3shR+vMY3i3Ip0e41zKx0CvlAhMOo6otaHmcxr35sWq1Jk + tLkbn3wG+fPQCVudJJECvVQ//UAthSSEklA50QtD2sBkmQ14ZryEyTHQ+E42K3j2IUmOLriF + dNr9NvE1QGmGyIcbw2NIVEBOK/GWxkS5+dmxM2iD4Jdaf2nSn3jlHjEXoPwpMs0KZsgdU0pP + JQzMUMwmB1wM8JxovFlPYrhNT9MAEQEAAcLBMwQYAQIACQUCVEJx7gIbDAAKCRB+FRAMzTZp + sadRDqCctLmYICZu4GSnie4lKXl+HqlLanpVMOoFNnWs9oRP47MbE2wv8OaYh5pNR9VVgyhD + OG0AU7oidG36OeUlrFDTfnPYYSF/mPCxHttosyt8O5kabxnIPv2URuAxDByz+iVbL+RjKaGM + GDph56ZTswlx75nZVtIukqzLAQ5fa8OALSGum0cFi4ptZUOhDNz1onz61klD6z3MODi0sBZN + Aj6guB2L/+2ZwElZEeRBERRd/uommlYuToAXfNRdUwrwl9gRMiA0WSyTb190zneRRDfpSK5d + usXnM/O+kr3Dm+Ui+UioPf6wgbn3T0o6I5BhVhs4h4hWmIW7iNhPjX1iybXfmb1gAFfjtHfL + xRUr64svXpyfJMScIQtBAm0ihWPltXkyITA92ngCmPdHa6M1hMh4RDX+Jf1fiWubzp1voAg0 + JBrdmNZSQDz0iKmSrx8xkoXYfA3bgtFN8WJH2xgFL28XnqY4M6dLhJwV3z08tPSRqYFm4NMP + dRsn0/7oymhneL8RthIvjDDQ5ktUjMe8LtHr70OZE/TT88qvEdhiIVUogHdo4qBrk41+gGQh + b906Dudw5YhTJFU3nC6bbF2nrLlB4C/XSiH76ZvqzV0Z/cAMBo5NF/w= +In-Reply-To: <20240329225835.400662-24-michael.roth@amd.com> +Content-Type: text/plain; charset=UTF-8; format=flowed +Content-Transfer-Encoding: 7bit +Return-Path: kvm+bounces-13159-martin.weber=secunet.com@vger.kernel.org +X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 21:35:40.9329 + (UTC) +X-MS-Exchange-Organization-Network-Message-Id: d2540025-1aa6-41fa-c753-08dc510158f9 +X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.37 +X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.201 +X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-01.secunet.de +X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-dresden-01.secunet.de:TOTAL-HUB=0.435|SMR=0.348(SMRDE=0.035|SMRC=0.312(SMRCL=0.101|X-SMRCR=0.313))|CAT=0.086(CATOS=0.011 + (CATSM=0.011(CATSM-Malware + Agent=0.011))|CATRESL=0.039(CATRESLP2R=0.020)|CATORES=0.033 + (CATRS=0.033(CATRS-Index Routing Agent=0.032)));2024-03-30T21:35:41.398Z +X-MS-Exchange-Forest-ArrivalHubServer: mbx-dresden-01.secunet.de +X-MS-Exchange-Organization-AuthSource: cas-essen-01.secunet.de +X-MS-Exchange-Organization-AuthAs: Anonymous +X-MS-Exchange-Organization-FromEntityHeader: Internet +X-MS-Exchange-Organization-OriginalSize: 16300 +X-MS-Exchange-Organization-HygienePolicy: Standard +X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-01.secunet.de:TOTAL-FE=0.030|SMR=0.023(SMRPI=0.021(SMRPI-FrontendProxyAgent=0.020))|SMS=0.007 +X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 +X-MS-Exchange-Organization-Recipient-Limit-Verified: True +X-MS-Exchange-Organization-TotalRecipientCount: 1 +X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b +X-MS-Exchange-Forest-RulesExecuted: mbx-dresden-01 +X-MS-Exchange-Organization-RulesExecuted: mbx-dresden-01 +X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAScJAAAPAAADH4sIAAAAAAAEAM1XbXPbxhE+kiJFUqTd2I + 7ddCYzG2ec6oWiKJGiZMlO7SRy6nEkcyTFHzqdwRyBg4gaBDgASEtx + /bW/u7t7AAlS706nLUwDh73bvWeffTnoX4/fetBc23i6ttGCjebO5n + YN9h2zJ5ULh37Ugw+BH6mdavl7eO1B1FNgylCBb8PR3rvVo4NODT70 + FMoD8APw/AgkbOz/AAN5Qks96Croy8FAWTByJEgyRPMkc7wTcLTRk6 + EKoz+H4OEDl7J2JLuuAksNlGeF4HszG5El6Z1BOOzS8hA+OFEvNhdI + Dw305EiBdAMlrTPEoTzczYkc6Tq/4R4yhEHgjGSkyFKseLjf0fvW4R + hf1akTRgSz75wqa1VGUeB0hxFiC6T5Psb/5t0+OKE2Eg5t2zEd5UWA + SFUNbASL4kh6JrNIy/BahZO+6iM41zcRQTjmbDJPjKDdEJ/Qeffyl9 + c/vTzeIxouWeqinQBM3xupIAoxDDExEPkQ9mSgrLEChg16PuqYvqXG + exztvzz6K68euE7E2xAdSaRwovVmbIKc3t//Va8N4aBzfMnCC8FFPR + nFoHSsu0gnKU4iQgZeRrjSwTj5jkdDZBRQB6OvAwLjgIQ1zAWLUX3w + h66FS4I+snvGWYIsf+BIkE8pqMjSiXS8GqAJvRP+pBkNSVMnM6lq5r + rKlENM/ak0SVlCXK03jALTnnQx8weB3/cpoX1OLzLTOxuoYOSEiCZ0 + LMyQ0GeTU7D6Q+QMM891yYrr9B0ywsTincz0ZWT2GHM9Jut1f+CqPm + WehPejvnG63Tb8QVinRDNGmPQWEmvYcuhGi0sYfv89U4JlrMNh9pT5 + ntOYxMwGxsvCgkHw5Ja0/oGwQkabxNpVI2wU0jT9wMJ39yxBc+SceF + gxvm2vds92plvKs75+q2Nr6b2Qfatu+n3UqpYP1chRyDfrdKTv+vCD + 7/2GZQvPBl09eoFJg3jHOt/D6uqqTjcZmL019HsN/V8L6b8a1U34Jz + Q3YOWa6zILoz5bgHW4akmPlmzBlK0m2I6LhYW+YjeyatBqUCvAAkBG + w8WVpZgqy7Ft9OEEa06uXeJC95IJ3XUsdQrbW1Z7Y91qrDdlq15vrt + ttu7W13d5sNGG90Wi3WjFTl+5B84j9yq1evIDVVqvVrDVhRT83STby + HQtwkcG55nhJti1SHg5sz6BklkFUg4kAm/pS3CRSF87BynPAOjM2+s + ZwQFbgL9A5PjwyOnuHRmf/J9iB9d2J5ic95AcTv7K2zA9YhkO1ylk9 + PjnwPPr2oPOKM1wmzWaNW/H4wBqXXUh1alLgMPsTk7oIMP9Pnf6wP1 + MHjo0HmLKUVY+Xr/GTmteYnZlKDKNgaEbECyzjLc0Q3mtwwsMTGnZ9 + H7cIjRh2Te9x2TXchmVEaTAyZnrl40SDIPFMDQJzdyLnPWQYcvXuTj + jVSjYsfkOOhN7A4L5OAV5aOg8kUNEw8KAxayEw4TmQtovtZzgwgj4e + 7lFwtsi+fpdsjEMNe3d688Bcgo/ndxsEhgoCI0BS4la5+Bjb2g63ab + bPvdz2h561Az+/OoAnrnsKnWSgg/fEArSCifHE+rv3+Bp244vjwtjH + ZKYxz9Cxunfwdu/gOLXg00UMJyx8rq/YuPnois1c5fHnOnqlk68P8G + vlGic1gGfnUnTK4mQSs4af5/JpKs8+3aCbcju/qMXRxKSbdlub7aeN + tr3R3mrU6xtPt7stU21tyU37Bt00MXVZN03mqZtuNrbXa21Y4ecWib + BTRo4Jk8aQnOQQpsaGQd+y2EgkcvNx8mGJlz7xB4Ea0DfJ80nriUW1 + 2aWThp1ePZGmUuSir4m00vRMvNOn3TE+3Zuvj1HvMuJ6kxg1bTzkrK + bVlJaq17dabXt7/alsW6p1sxj1rolRL4nRVnODQkSP7anjbmQOhsbQ + 6+JHPP0xkGrmPAXLdF+KD6uxFvU/Ch7GA78NTSxh3UwNiry62sjUUR + LH8zZnCOlTVeHnmgrOIbvl8b37/3K6xX58q9ww/qsoLiLHcx1PJbXE + R/wy0R9KWxn8x5dBwks41/13qruldH5+1THe7B0e7P1ivPzxx7e/Hh + zjN6BhkPhve4dvNShOn80mp8/mZm19PVXhMbjfH9JzKBu7qY+iWTI+ + N9rwUTfyK9B/dvRvdAbF12yiXPOlc/6ISJIF/7ax+ZX+CZEVuUxGzO + ufyOJrNpPLC5EX8/OiOCfyeVFGYU7M4ZgGtGwuJ/I4q+UZkdWzeEdJ + QcyzkF7Ha3CAcrZW0MJkihYXRUlr4ewcW8b7gqjwsgVtgWfjxfmMuC + sKJVHGsZ7NikJFVOdEgRd8ieo4y6iqaBONlyZekAR/qIvINYyCuKtd + wB8uxh8K82xt7EVWLOhXDXUsHFvTutoII7+Dd+2yNqVtlkUlcQe1Ku + NdYtfYuLaAr7zRAu6VUilpUxqJXqaZLIsFZGBMl4aUZ0mCFn8FJrmC + hFDgMmIh2R1jdl/kGUNRR1MjKcRMxpRqMHhHOwvifiEjqow5y0IEgI + n0YGKhWKQtEOEch75UpF10uO+Pd9G/TAaNYEIunZNjwEWG3blAnrnL + s1mynymxhVxZPJiL8zA7qyWyFwmJqIq4U8lUC0IUxJ2L1pQuEGaKVC + yZAiPJ6jFjoEzOkbNEHYYGx6UEAEU59ZoTD3MsqcYVVEJpRW+kLYtF + BF3k/OFQTnzRxaJR6VgXKUwLBa5fHSa2+YCtiUeMh6Nc4Cjkc4wzBY + Ze88mYUjEjypRC32XZQok2eqjrMUtFh9b+mGWtapKlOfGokJln5F9k + Ex5wO85ezGGsGpSjs4/Q+D3O2AVRzSVeJMWuqdbCec0bh29Rw2YADw + vUW77JEoyvL7SmK4JpmTWYMvVVYgenSombXyUDpPHLxKPK/zC1GEDc + o9LFmxojvX/S+TOPLmfEHzji81hu1DYxFauptHyYrvrp9Pj6v+bmnM + CHruXsZKyzOlVB2uUivVIH07OPkzaF3Ul32pllmpyEhOJNcj43yfPq + baq4/B8tsTtzoqwDzcdKYQxDn5LTbn6Br3kyErede1xu85lyWZ/Ome + p5knWbinPp9ixlRSWpiLsJyJtzVUnve0vGGinGSummlOC5l/83zkEU + IeEZAAABCtQCPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idX + RmLTE2Ij8+DQo8RW1haWxTZXQ+DQogIDxWZXJzaW9uPjE1LjAuMC4w + PC9WZXJzaW9uPg0KICA8RW1haWxzPg0KICAgIDxFbWFpbCBTdGFydE + luZGV4PSIxMTM5Ij4NCiAgICAgIDxFbWFpbFN0cmluZz5taWNoYWVs + LnJvdGhAYW1kLmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD + 4NCiAgICA8RW1haWwgU3RhcnRJbmRleD0iMTE5MiIgUG9zaXRpb249 + IlNpZ25hdHVyZSI+DQogICAgICA8RW1haWxTdHJpbmc+cGJvbnppbm + lAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD4N + CiAgPC9FbWFpbHM+DQo8L0VtYWlsU2V0PgEMpwc8P3htbCB2ZXJzaW + 9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtMTYiPz4NCjxDb250YWN0U2V0 + Pg0KICA8VmVyc2lvbj4xNS4wLjAuMDwvVmVyc2lvbj4NCiAgPENvbn + RhY3RzPg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9IjExMjUiPg0K + ICAgICAgPFBlcnNvbiBTdGFydEluZGV4PSIxMTI1Ij4NCiAgICAgIC + AgPFBlcnNvblN0cmluZz5NaWNoYWVsIFJvdGg8L1BlcnNvblN0cmlu + Zz4NCiAgICAgIDwvUGVyc29uPg0KICAgICAgPEVtYWlscz4NCiAgIC + AgICAgPEVtYWlsIFN0YXJ0SW5kZXg9IjExMzkiPg0KICAgICAgICAg + IDxFbWFpbFN0cmluZz5taWNoYWVsLnJvdGhAYW1kLmNvbTwvRW1haW + xTdHJpbmc+DQogICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWls + cz4NCiAgICAgIDxDb250YWN0U3RyaW5nPk1pY2hhZWwgUm90aCAmbH + Q7bWljaGFlbC5yb3RoQGFtZC5jb208L0NvbnRhY3RTdHJpbmc+DQog + ICAgPC9Db250YWN0Pg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9Ij + ExNzciIFBvc2l0aW9uPSJTaWduYXR1cmUiPg0KICAgICAgPFBlcnNv + biBTdGFydEluZGV4PSIxMTc3IiBQb3NpdGlvbj0iU2lnbmF0dXJlIj + 4NCiAgICAgICAgPFBlcnNvblN0cmluZz5QYW9sbyBCb256aW5pPC9Q + ZXJzb25TdHJpbmc+DQogICAgICA8L1BlcnNvbj4NCiAgICAgIDxFbW + FpbHM+DQogICAgICAgIDxFbWFpbCBTdGFydEluZGV4PSIxMTkyIiBQ + b3NpdGlvbj0iU2lnbmF0dXJlIj4NCiAgICAgICAgICA8RW1haWxTdH + Jpbmc+cGJvbnppbmlAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQog + ICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWlscz4NCiAgICAgID + xDb250YWN0U3RyaW5nPlBhb2xvIEJvbnppbmkgJmx0O3Bib256aW5p + QHJlZGhhdC5jb208L0NvbnRhY3RTdHJpbmc+DQogICAgPC9Db250YW + N0Pg0KICA8L0NvbnRhY3RzPg0KPC9Db250YWN0U2V0PgEOzwFSZXRy + aWV2ZXJPcGVyYXRvciwxMCwxO1JldHJpZXZlck9wZXJhdG9yLDExLD + E7UG9zdERvY1BhcnNlck9wZXJhdG9yLDEwLDA7UG9zdERvY1BhcnNl + ck9wZXJhdG9yLDExLDA7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY0 + 9wZXJhdG9yLDEwLDE7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY09w + ZXJhdG9yLDExLDA7VHJhbnNwb3J0V3JpdGVyUHJvZHVjZXIsMjAsMj E= +X-MS-Exchange-Forest-IndexAgent: 1 3848 +X-MS-Exchange-Forest-EmailMessageHash: DDBAC2FC +X-MS-Exchange-Forest-Language: en +X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent + +On 3/29/24 23:58, Michael Roth wrote: +> In the case of SEV-SNP, whether or not a 2MB page can be mapped via a +> 2MB mapping in the guest's nested page table depends on whether or not +> any subpages within the range have already been initialized as private +> in the RMP table. The existing mixed-attribute tracking in KVM is +> insufficient here, for instance: +> +> - gmem allocates 2MB page +> - guest issues PVALIDATE on 2MB page +> - guest later converts a subpage to shared +> - SNP host code issues PSMASH to split 2MB RMP mapping to 4K +> - KVM MMU splits NPT mapping to 4K +> - guest later converts that shared page back to private +> +> At this point there are no mixed attributes, and KVM would normally +> allow for 2MB NPT mappings again, but this is actually not allowed +> because the RMP table mappings are 4K and cannot be promoted on the +> hypervisor side, so the NPT mappings must still be limited to 4K to +> match this. +> +> Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks +> for this condition and adjusts the mapping level accordingly. +> +> Signed-off-by: Michael Roth <michael.roth@amd.com> + +Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> + +> --- +> arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++ +> arch/x86/kvm/svm/svm.c | 1 + +> arch/x86/kvm/svm/svm.h | 7 +++++++ +> 3 files changed, 40 insertions(+) +> +> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c +> index 87d621d013a4..31f6f4786503 100644 +> --- a/arch/x86/kvm/svm/sev.c +> +++ b/arch/x86/kvm/svm/sev.c +> @@ -4443,3 +4443,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +> pfn += use_2m_update ? PTRS_PER_PMD : 1; +> } +> } +> + +> +/* +> + * Re-check whether an #NPF for a private/gmem page can still be serviced, and +> + * adjust maximum mapping level if needed. +> + */ +> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, +> + u8 *max_level) +> +{ +> + int level, rc; +> + bool assigned; +> + +> + if (!sev_snp_guest(kvm)) +> + return 0; +> + +> + rc = snp_lookup_rmpentry(pfn, &assigned, &level); +> + if (rc) { +> + pr_err_ratelimited("SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\n", +> + gfn, pfn, level, rc); +> + return -ENOENT; +> + } +> + +> + if (!assigned) { +> + pr_err_ratelimited("SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\n", +> + gfn, pfn, level); +> + return -EINVAL; +> + } +> + +> + if (level < *max_level) +> + *max_level = level; +> + +> + return 0; +> +} +> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c +> index b456906f2670..298b4ce77a5f 100644 +> --- a/arch/x86/kvm/svm/svm.c +> +++ b/arch/x86/kvm/svm/svm.c +> @@ -5081,6 +5081,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { +> +> .gmem_prepare = sev_gmem_prepare, +> .gmem_invalidate = sev_gmem_invalidate, +> + .gmem_validate_fault = sev_gmem_validate_fault, +> }; +> +> /* +> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h +> index 3f1f6d3d3ade..746f819a6de4 100644 +> --- a/arch/x86/kvm/svm/svm.h +> +++ b/arch/x86/kvm/svm/svm.h +> @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); +> void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); +> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, +> + u8 *max_level); +> #else +> static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { +> return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); +> @@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in +> return 0; +> } +> static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} +> +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, +> + bool is_private, u8 *max_level) +> +{ +> + return 0; +> +} +> +> #endif +> + + +X-sender: <linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org> +X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAPDFCS25BAlDktII2g02frgPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAGIAAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249U3RlZmZlbiBLbGFzc2VydDY4YwUACwAXAL4AAACheZxkHSGBRqAcAp3ukbifQ049REI2LENOPURhdGFiYXNlcyxDTj1FeGNoYW5nZSBBZG1pbmlzdHJhdGl2ZSBHcm91cCAoRllESUJPSEYyM1NQRExUKSxDTj1BZG1pbmlzdHJhdGl2ZSBHcm91cHMsQ049c2VjdW5ldCxDTj1NaWNyb3NvZnQgRXhjaGFuZ2UsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1zZWN1bmV0LERDPWRlBQAOABEABiAS9uuMOkqzwmEZDvWNNQUAHQAPAAwAAABtYngtZXNzZW4tMDIFADwAAgAADwA2AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50LkRpc3BsYXlOYW1lDwARAAAAS2xhc3NlcnQsIFN0ZWZmZW4FAAwAAgAABQBsAAIAAAUAWAAXAEoAAADwxQktuQQJQ5LSCNoNNn64Q049S2xhc3NlcnQgU3RlZmZlbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ== +X-CreatedBy: MSExchange15 +X-HeloDomain: a.mx.secunet.com +X-ExtendedProps: BQBjAAoAtaNAQuxQ3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAGIACgBaAAAAo4oAAAUABAAUIAEAAAAcAAAAc3RlZmZlbi5rbGFzc2VydEBzZWN1bmV0LmNvbQUABgACAAEFACkAAgABDwAJAAAAQ0lBdWRpdGVkAgABBQACAAcAAQAAAAUAAwAHAAAAAAAFAAUAAgABBQBkAA8AAwAAAEh1Yg== +X-Source: SMTP:Default MBX-DRESDEN-01 +X-SourceIPAddress: 62.96.220.36 +X-EndOfInjectedXHeaders: 23237 +Received: from cas-essen-02.secunet.de (10.53.40.202) by + mbx-dresden-01.secunet.de (10.53.40.199) with Microsoft SMTP Server + (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id + 15.1.2507.37; Sat, 30 Mar 2024 22:35:58 +0100 +Received: from a.mx.secunet.com (62.96.220.36) by cas-essen-02.secunet.de + (10.53.40.202) with Microsoft SMTP Server (version=TLS1_2, + cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37 via Frontend + Transport; Sat, 30 Mar 2024 22:35:58 +0100 +Received: from localhost (localhost [127.0.0.1]) + by a.mx.secunet.com (Postfix) with ESMTP id 8EC8920883 + for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:58 +0100 (CET) +X-Virus-Scanned: by secunet +X-Spam-Flag: NO +X-Spam-Score: -2.851 +X-Spam-Level: +X-Spam-Status: No, score=-2.851 tagged_above=-999 required=2.1 + tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.1, DKIM_SIGNED=0.1, + DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, + HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, + RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] + autolearn=ham autolearn_force=no +Authentication-Results: a.mx.secunet.com (amavisd-new); + dkim=pass (1024-bit key) header.d=redhat.com +Received: from a.mx.secunet.com ([127.0.0.1]) + by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id WvBMAZHTwSqc for <steffen.klassert@secunet.com>; + Sat, 30 Mar 2024 22:35:57 +0100 (CET) +Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.199.223; helo=ny.mirrors.kernel.org; envelope-from=linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com +DKIM-Filter: OpenDKIM Filter v2.11.0 a.mx.secunet.com 135CB2076B +Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org [147.75.199.223]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by a.mx.secunet.com (Postfix) with ESMTPS id 135CB2076B + for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:51 +0100 (CET) +Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by ny.mirrors.kernel.org (Postfix) with ESMTPS id EDEB11C21721 + for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 21:35:50 +0000 (UTC) +Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) + by smtp.subspace.kernel.org (Postfix) with ESMTP id 89EA04F5FD; + Sat, 30 Mar 2024 21:35:33 +0000 (UTC) +Authentication-Results: smtp.subspace.kernel.org; + dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="PwZ9MZ1i" +Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by smtp.subspace.kernel.org (Postfix) with ESMTPS id A388345948 + for <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 21:35:28 +0000 (UTC) +Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 +ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; + t=1711834530; cv=none; b=fO/lEHbAvPLPvD4Czk3OqRCafqKiRL8iA0CO8q3eZQUN1kteZWed50dTZAyxTZuCdaX9qS/XnXuBeW5qVjX9QR8/wTnWHHzz2AMuaZjzC3tb1Dr6TyQ2SmNypR8s7rZVDdK6ARJUpxAZud/DR7rrr/s5fFn/Kmo2G7UC5c5imR4= +ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; + s=arc-20240116; t=1711834530; c=relaxed/simple; + bh=g0toAGCQtFi0G3GbWa0Q4HZPWv8jGtxInPF/JxlP71A=; + h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: + In-Reply-To:Content-Type; b=VDk1AdWfivfUlDYWWV0aeHeinK3zHP6Dwj3CQ2qewUTiR3JkY389d6bV/9E9OKg2J0ACGBw1DWYUPuF6lGvUnq274kQdBU+HYQaf3VVKagAkxwJnR9csNwkpG3T1KCpCWClj7sLvSTcqgcR3yTTn3MVnPc35I5YZ5/XMmBDm6Vc= +ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PwZ9MZ1i; arc=none smtp.client-ip=170.10.133.124 +Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com +Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; + s=mimecast20190719; t=1711834527; + h=from:from:reply-to:subject:subject:date:date:message-id:message-id: + to:to:cc:cc:mime-version:mime-version:content-type:content-type: + content-transfer-encoding:content-transfer-encoding: + in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; + bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=; + b=PwZ9MZ1iyCAVzBUash6/9hnMVBP48I4GsfrdulDjf7X0dySw+dhCyQuoNF9cRn97oZnC0V + cTOQYa0rlarrHCAeQS/Hszk96ip36xl7O644Vw+ylUW0h4uRIhxuKMLJ1NrVHXnq/yslBs + rhet5l0+ntjKgvhS1bHVq1nOKnn3br4= +Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com + [209.85.208.72]) by relay.mimecast.com with ESMTP with STARTTLS + (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id + us-mta-112-tSJu9a0cMgmQB3On25fBYg-1; Sat, 30 Mar 2024 17:35:23 -0400 +X-MC-Unique: tSJu9a0cMgmQB3On25fBYg-1 +Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-5689f41cf4dso2408093a12.3 + for <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 14:35:23 -0700 (PDT) +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20230601; t=1711834522; x=1712439322; + h=content-transfer-encoding:in-reply-to:autocrypt:content-language + :from:references:cc:to:subject:user-agent:mime-version:date + :message-id:x-gm-message-state:from:to:cc:subject:date:message-id + :reply-to; + bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=; + b=jTT2FBgSYMoeJE5ccOi5DsUyE0juZB4gBpRsaeSs9kH9ALQmj2ilHm8toqrL4cyyRv + Ofppy6SnyGFp2zfcHgVCc/EKCvuOaQZK6JLnQl8X2ElNIadsNZPGYktkgwtSlkzXYkvz + CLb+Mcn2pOShlO2CvLTXusmuKk3Y/Zt5FdLpngbspaovc+VJ1pXRCKMkKMylEO5vmetk + Hny51o7yTwHFWOegSUEFqtPM2imlks1J7mBZ0WuWiM7shRLBCiY9cNmWZLphMb+nEs9a + ipG4IOi+Wmp8zeHIcqDBWl6+wdAwUQO1tV70NDjBvGynKbt8FATmGTDxCv+bQ1fv2rIQ + GuZQ== +X-Forwarded-Encrypted: i=1; AJvYcCX4Pp+/19Mb2juuK84MNGHHMO5BHtlVbuQw6u4ZjA70d901hLiKrIUob09YFXAiG9zaWUumWi5S5A3ycfm7kpmU1INlD4mcb72VKS3k +X-Gm-Message-State: AOJu0YzQvpxLO0QoT38CtX9+7v5jgy51U7OMzC5vh+PxRqnKlxdZhHH8 + 6ZlZLqCDd5Th1F5x22MqKJ+q7SSedAzc4vh61ECYbvvQsECUlrHUi24/Y+QP5l0Lt05efWXFOnw + NWMVbeMVoNNqFiKg+nNGL//njdocX9xu1QzBM7wXulm42lMtfWzkkBnz5rJgmgA== +X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176662ede.23.1711834522688; + Sat, 30 Mar 2024 14:35:22 -0700 (PDT) +X-Google-Smtp-Source: AGHT+IH4Y1Y1ai02PAHKv5gHHk8E9vouw7+IeXJOAyuQtq3+b2c4PJy15b2ZKcJKFYMqFhtFpYJu6A== +X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176630ede.23.1711834522369; + Sat, 30 Mar 2024 14:35:22 -0700 (PDT) +Received: from [192.168.10.4] ([151.95.49.219]) + by smtp.googlemail.com with ESMTPSA id cy14-20020a0564021c8e00b0056bf31fa2a3sm3688481edb.80.2024.03.30.14.35.18 + (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); + Sat, 30 Mar 2024 14:35:21 -0700 (PDT) +Message-ID: <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com> +Date: Sat, 30 Mar 2024 22:35:17 +0100 +Precedence: bulk +X-Mailing-List: linux-kernel@vger.kernel.org +List-Id: <linux-kernel.vger.kernel.org> +List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org> +List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org> +MIME-Version: 1.0 +User-Agent: Mozilla Thunderbird +Subject: Re: [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining + max NPT mapping level +To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org +Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org, + linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, + tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, + thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com, + vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, + dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, + peterz@infradead.org, srinivas.pandruvada@linux.intel.com, + rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, + vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, + tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, + alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, + nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com +References: <20240329225835.400662-1-michael.roth@amd.com> + <20240329225835.400662-24-michael.roth@amd.com> +From: Paolo Bonzini <pbonzini@redhat.com> +Content-Language: en-US +Autocrypt: addr=pbonzini@redhat.com; keydata= + xsEhBFRCcBIBDqDGsz4K0zZun3jh+U6Z9wNGLKQ0kSFyjN38gMqU1SfP+TUNQepFHb/Gc0E2 + CxXPkIBTvYY+ZPkoTh5xF9oS1jqI8iRLzouzF8yXs3QjQIZ2SfuCxSVwlV65jotcjD2FTN04 + hVopm9llFijNZpVIOGUTqzM4U55sdsCcZUluWM6x4HSOdw5F5Utxfp1wOjD/v92Lrax0hjiX + DResHSt48q+8FrZzY+AUbkUS+Jm34qjswdrgsC5uxeVcLkBgWLmov2kMaMROT0YmFY6A3m1S + P/kXmHDXxhe23gKb3dgwxUTpENDBGcfEzrzilWueOeUWiOcWuFOed/C3SyijBx3Av/lbCsHU + Vx6pMycNTdzU1BuAroB+Y3mNEuW56Yd44jlInzG2UOwt9XjjdKkJZ1g0P9dwptwLEgTEd3Fo + UdhAQyRXGYO8oROiuh+RZ1lXp6AQ4ZjoyH8WLfTLf5g1EKCTc4C1sy1vQSdzIRu3rBIjAvnC + tGZADei1IExLqB3uzXKzZ1BZ+Z8hnt2og9hb7H0y8diYfEk2w3R7wEr+Ehk5NQsT2MPI2QBd + wEv1/Aj1DgUHZAHzG1QN9S8wNWQ6K9DqHZTBnI1hUlkp22zCSHK/6FwUCuYp1zcAEQEAAc0j + UGFvbG8gQm9uemluaSA8cGJvbnppbmlAcmVkaGF0LmNvbT7CwU0EEwECACMFAlRCcBICGwMH + CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB+FRAMzTZpsbceDp9IIN6BIA0Ol7MoB15E + 11kRz/ewzryFY54tQlMnd4xxfH8MTQ/mm9I482YoSwPMdcWFAKnUX6Yo30tbLiNB8hzaHeRj + jx12K+ptqYbg+cevgOtbLAlL9kNgLLcsGqC2829jBCUTVeMSZDrzS97ole/YEez2qFpPnTV0 + VrRWClWVfYh+JfzpXmgyhbkuwUxNFk421s4Ajp3d8nPPFUGgBG5HOxzkAm7xb1cjAuJ+oi/K + CHfkuN+fLZl/u3E/fw7vvOESApLU5o0icVXeakfSz0LsygEnekDbxPnE5af/9FEkXJD5EoYG + SEahaEtgNrR4qsyxyAGYgZlS70vkSSYJ+iT2rrwEiDlo31MzRo6Ba2FfHBSJ7lcYdPT7bbk9 + AO3hlNMhNdUhoQv7M5HsnqZ6unvSHOKmReNaS9egAGdRN0/GPDWr9wroyJ65ZNQsHl9nXBqE + AukZNr5oJO5vxrYiAuuTSd6UI/xFkjtkzltG3mw5ao2bBpk/V/YuePrJsnPFHG7NhizrxttB + nTuOSCMo45pfHQ+XYd5K1+Cv/NzZFNWscm5htJ0HznY+oOsZvHTyGz3v91pn51dkRYN0otqr + bQ4tlFFuVjArBZcapSIe6NV8C4cEiSTOwE0EVEJx7gEIAMeHcVzuv2bp9HlWDp6+RkZe+vtl + KwAHplb/WH59j2wyG8V6i33+6MlSSJMOFnYUCCL77bucx9uImI5nX24PIlqT+zasVEEVGSRF + m8dgkcJDB7Tps0IkNrUi4yof3B3shR+vMY3i3Ip0e41zKx0CvlAhMOo6otaHmcxr35sWq1Jk + tLkbn3wG+fPQCVudJJECvVQ//UAthSSEklA50QtD2sBkmQ14ZryEyTHQ+E42K3j2IUmOLriF + dNr9NvE1QGmGyIcbw2NIVEBOK/GWxkS5+dmxM2iD4Jdaf2nSn3jlHjEXoPwpMs0KZsgdU0pP + JQzMUMwmB1wM8JxovFlPYrhNT9MAEQEAAcLBMwQYAQIACQUCVEJx7gIbDAAKCRB+FRAMzTZp + sadRDqCctLmYICZu4GSnie4lKXl+HqlLanpVMOoFNnWs9oRP47MbE2wv8OaYh5pNR9VVgyhD + OG0AU7oidG36OeUlrFDTfnPYYSF/mPCxHttosyt8O5kabxnIPv2URuAxDByz+iVbL+RjKaGM + GDph56ZTswlx75nZVtIukqzLAQ5fa8OALSGum0cFi4ptZUOhDNz1onz61klD6z3MODi0sBZN + Aj6guB2L/+2ZwElZEeRBERRd/uommlYuToAXfNRdUwrwl9gRMiA0WSyTb190zneRRDfpSK5d + usXnM/O+kr3Dm+Ui+UioPf6wgbn3T0o6I5BhVhs4h4hWmIW7iNhPjX1iybXfmb1gAFfjtHfL + xRUr64svXpyfJMScIQtBAm0ihWPltXkyITA92ngCmPdHa6M1hMh4RDX+Jf1fiWubzp1voAg0 + JBrdmNZSQDz0iKmSrx8xkoXYfA3bgtFN8WJH2xgFL28XnqY4M6dLhJwV3z08tPSRqYFm4NMP + dRsn0/7oymhneL8RthIvjDDQ5ktUjMe8LtHr70OZE/TT88qvEdhiIVUogHdo4qBrk41+gGQh + b906Dudw5YhTJFU3nC6bbF2nrLlB4C/XSiH76ZvqzV0Z/cAMBo5NF/w= +In-Reply-To: <20240329225835.400662-24-michael.roth@amd.com> +Content-Type: text/plain; charset=UTF-8; format=flowed +Content-Transfer-Encoding: 7bit +Return-Path: linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org +X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 21:35:58.5206 + (UTC) +X-MS-Exchange-Organization-Network-Message-Id: 240c94ed-22c0-47b6-7326-08dc51016375 +X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.36 +X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.202 +X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-02.secunet.de +X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-dresden-01.secunet.de:TOTAL-HUB=0.435|SMR=0.348(SMRDE=0.035|SMRC=0.312(SMRCL=0.101|X-SMRCR=0.313))|CAT=0.086(CATOS=0.011 + (CATSM=0.011(CATSM-Malware + Agent=0.011))|CATRESL=0.040(CATRESLP2R=0.021)|CATORES=0.032 + (CATRS=0.032(CATRS-Index Routing Agent=0.031)));2024-03-30T21:35:59.004Z +X-MS-Exchange-Forest-ArrivalHubServer: mbx-dresden-01.secunet.de +X-MS-Exchange-Organization-AuthSource: cas-essen-02.secunet.de +X-MS-Exchange-Organization-AuthAs: Anonymous +X-MS-Exchange-Organization-FromEntityHeader: Internet +X-MS-Exchange-Organization-OriginalSize: 16255 +X-MS-Exchange-Organization-HygienePolicy: Standard +X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-02.secunet.de:TOTAL-FE=0.049|SMR=0.008(SMRPI=0.005(SMRPI-FrontendProxyAgent=0.005))|SMS=0.041 +X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 +X-MS-Exchange-Organization-Recipient-Limit-Verified: True +X-MS-Exchange-Organization-TotalRecipientCount: 1 +X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b +X-MS-Exchange-Forest-RulesExecuted: mbx-dresden-01 +X-MS-Exchange-Organization-RulesExecuted: mbx-dresden-01 +X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAScJAAAPAAADH4sIAAAAAAAEAM1XbXPbxhE+kiJFUqTd2I + 7ddCYzG2ec6oWiKJGiZMlO7SRy6nEkcyTFHzqdwRyBg4gaBDgASEtx + /bW/u7t7AAlS706nLUwDh73bvWeffTnoX4/fetBc23i6ttGCjebO5n + YN9h2zJ5ULh37Ugw+BH6mdavl7eO1B1FNgylCBb8PR3rvVo4NODT70 + FMoD8APw/AgkbOz/AAN5Qks96Croy8FAWTByJEgyRPMkc7wTcLTRk6 + EKoz+H4OEDl7J2JLuuAksNlGeF4HszG5El6Z1BOOzS8hA+OFEvNhdI + Dw305EiBdAMlrTPEoTzczYkc6Tq/4R4yhEHgjGSkyFKseLjf0fvW4R + hf1akTRgSz75wqa1VGUeB0hxFiC6T5Psb/5t0+OKE2Eg5t2zEd5UWA + SFUNbASL4kh6JrNIy/BahZO+6iM41zcRQTjmbDJPjKDdEJ/Qeffyl9 + c/vTzeIxouWeqinQBM3xupIAoxDDExEPkQ9mSgrLEChg16PuqYvqXG + exztvzz6K68euE7E2xAdSaRwovVmbIKc3t//Va8N4aBzfMnCC8FFPR + nFoHSsu0gnKU4iQgZeRrjSwTj5jkdDZBRQB6OvAwLjgIQ1zAWLUX3w + h66FS4I+snvGWYIsf+BIkE8pqMjSiXS8GqAJvRP+pBkNSVMnM6lq5r + rKlENM/ak0SVlCXK03jALTnnQx8weB3/cpoX1OLzLTOxuoYOSEiCZ0 + LMyQ0GeTU7D6Q+QMM891yYrr9B0ywsTincz0ZWT2GHM9Jut1f+CqPm + WehPejvnG63Tb8QVinRDNGmPQWEmvYcuhGi0sYfv89U4JlrMNh9pT5 + ntOYxMwGxsvCgkHw5Ja0/oGwQkabxNpVI2wU0jT9wMJ39yxBc+SceF + gxvm2vds92plvKs75+q2Nr6b2Qfatu+n3UqpYP1chRyDfrdKTv+vCD + 7/2GZQvPBl09eoFJg3jHOt/D6uqqTjcZmL019HsN/V8L6b8a1U34Jz + Q3YOWa6zILoz5bgHW4akmPlmzBlK0m2I6LhYW+YjeyatBqUCvAAkBG + w8WVpZgqy7Ft9OEEa06uXeJC95IJ3XUsdQrbW1Z7Y91qrDdlq15vrt + ttu7W13d5sNGG90Wi3WjFTl+5B84j9yq1evIDVVqvVrDVhRT83STby + HQtwkcG55nhJti1SHg5sz6BklkFUg4kAm/pS3CRSF87BynPAOjM2+s + ZwQFbgL9A5PjwyOnuHRmf/J9iB9d2J5ic95AcTv7K2zA9YhkO1ylk9 + PjnwPPr2oPOKM1wmzWaNW/H4wBqXXUh1alLgMPsTk7oIMP9Pnf6wP1 + MHjo0HmLKUVY+Xr/GTmteYnZlKDKNgaEbECyzjLc0Q3mtwwsMTGnZ9 + H7cIjRh2Te9x2TXchmVEaTAyZnrl40SDIPFMDQJzdyLnPWQYcvXuTj + jVSjYsfkOOhN7A4L5OAV5aOg8kUNEw8KAxayEw4TmQtovtZzgwgj4e + 7lFwtsi+fpdsjEMNe3d688Bcgo/ndxsEhgoCI0BS4la5+Bjb2g63ab + bPvdz2h561Az+/OoAnrnsKnWSgg/fEArSCifHE+rv3+Bp244vjwtjH + ZKYxz9Cxunfwdu/gOLXg00UMJyx8rq/YuPnois1c5fHnOnqlk68P8G + vlGic1gGfnUnTK4mQSs4af5/JpKs8+3aCbcju/qMXRxKSbdlub7aeN + tr3R3mrU6xtPt7stU21tyU37Bt00MXVZN03mqZtuNrbXa21Y4ecWib + BTRo4Jk8aQnOQQpsaGQd+y2EgkcvNx8mGJlz7xB4Ea0DfJ80nriUW1 + 2aWThp1ePZGmUuSir4m00vRMvNOn3TE+3Zuvj1HvMuJ6kxg1bTzkrK + bVlJaq17dabXt7/alsW6p1sxj1rolRL4nRVnODQkSP7anjbmQOhsbQ + 6+JHPP0xkGrmPAXLdF+KD6uxFvU/Ch7GA78NTSxh3UwNiry62sjUUR + LH8zZnCOlTVeHnmgrOIbvl8b37/3K6xX58q9ww/qsoLiLHcx1PJbXE + R/wy0R9KWxn8x5dBwks41/13qruldH5+1THe7B0e7P1ivPzxx7e/Hh + zjN6BhkPhve4dvNShOn80mp8/mZm19PVXhMbjfH9JzKBu7qY+iWTI+ + N9rwUTfyK9B/dvRvdAbF12yiXPOlc/6ISJIF/7ax+ZX+CZEVuUxGzO + ufyOJrNpPLC5EX8/OiOCfyeVFGYU7M4ZgGtGwuJ/I4q+UZkdWzeEdJ + QcyzkF7Ha3CAcrZW0MJkihYXRUlr4ewcW8b7gqjwsgVtgWfjxfmMuC + sKJVHGsZ7NikJFVOdEgRd8ieo4y6iqaBONlyZekAR/qIvINYyCuKtd + wB8uxh8K82xt7EVWLOhXDXUsHFvTutoII7+Dd+2yNqVtlkUlcQe1Ku + NdYtfYuLaAr7zRAu6VUilpUxqJXqaZLIsFZGBMl4aUZ0mCFn8FJrmC + hFDgMmIh2R1jdl/kGUNRR1MjKcRMxpRqMHhHOwvifiEjqow5y0IEgI + n0YGKhWKQtEOEch75UpF10uO+Pd9G/TAaNYEIunZNjwEWG3blAnrnL + s1mynymxhVxZPJiL8zA7qyWyFwmJqIq4U8lUC0IUxJ2L1pQuEGaKVC + yZAiPJ6jFjoEzOkbNEHYYGx6UEAEU59ZoTD3MsqcYVVEJpRW+kLYtF + BF3k/OFQTnzRxaJR6VgXKUwLBa5fHSa2+YCtiUeMh6Nc4Cjkc4wzBY + Ze88mYUjEjypRC32XZQok2eqjrMUtFh9b+mGWtapKlOfGokJln5F9k + Ex5wO85ezGGsGpSjs4/Q+D3O2AVRzSVeJMWuqdbCec0bh29Rw2YADw + vUW77JEoyvL7SmK4JpmTWYMvVVYgenSombXyUDpPHLxKPK/zC1GEDc + o9LFmxojvX/S+TOPLmfEHzji81hu1DYxFauptHyYrvrp9Pj6v+bmnM + CHruXsZKyzOlVB2uUivVIH07OPkzaF3Ul32pllmpyEhOJNcj43yfPq + baq4/B8tsTtzoqwDzcdKYQxDn5LTbn6Br3kyErede1xu85lyWZ/Ome + p5knWbinPp9ixlRSWpiLsJyJtzVUnve0vGGinGSummlOC5l/83zkEU + IeEZAAABCtQCPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idX + RmLTE2Ij8+DQo8RW1haWxTZXQ+DQogIDxWZXJzaW9uPjE1LjAuMC4w + PC9WZXJzaW9uPg0KICA8RW1haWxzPg0KICAgIDxFbWFpbCBTdGFydE + luZGV4PSIxMTM5Ij4NCiAgICAgIDxFbWFpbFN0cmluZz5taWNoYWVs + LnJvdGhAYW1kLmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD + 4NCiAgICA8RW1haWwgU3RhcnRJbmRleD0iMTE5MiIgUG9zaXRpb249 + IlNpZ25hdHVyZSI+DQogICAgICA8RW1haWxTdHJpbmc+cGJvbnppbm + lAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD4N + CiAgPC9FbWFpbHM+DQo8L0VtYWlsU2V0PgEMpwc8P3htbCB2ZXJzaW + 9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtMTYiPz4NCjxDb250YWN0U2V0 + Pg0KICA8VmVyc2lvbj4xNS4wLjAuMDwvVmVyc2lvbj4NCiAgPENvbn + RhY3RzPg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9IjExMjUiPg0K + ICAgICAgPFBlcnNvbiBTdGFydEluZGV4PSIxMTI1Ij4NCiAgICAgIC + AgPFBlcnNvblN0cmluZz5NaWNoYWVsIFJvdGg8L1BlcnNvblN0cmlu + Zz4NCiAgICAgIDwvUGVyc29uPg0KICAgICAgPEVtYWlscz4NCiAgIC + AgICAgPEVtYWlsIFN0YXJ0SW5kZXg9IjExMzkiPg0KICAgICAgICAg + IDxFbWFpbFN0cmluZz5taWNoYWVsLnJvdGhAYW1kLmNvbTwvRW1haW + xTdHJpbmc+DQogICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWls + cz4NCiAgICAgIDxDb250YWN0U3RyaW5nPk1pY2hhZWwgUm90aCAmbH + Q7bWljaGFlbC5yb3RoQGFtZC5jb208L0NvbnRhY3RTdHJpbmc+DQog + ICAgPC9Db250YWN0Pg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9Ij + ExNzciIFBvc2l0aW9uPSJTaWduYXR1cmUiPg0KICAgICAgPFBlcnNv + biBTdGFydEluZGV4PSIxMTc3IiBQb3NpdGlvbj0iU2lnbmF0dXJlIj + 4NCiAgICAgICAgPFBlcnNvblN0cmluZz5QYW9sbyBCb256aW5pPC9Q + ZXJzb25TdHJpbmc+DQogICAgICA8L1BlcnNvbj4NCiAgICAgIDxFbW + FpbHM+DQogICAgICAgIDxFbWFpbCBTdGFydEluZGV4PSIxMTkyIiBQ + b3NpdGlvbj0iU2lnbmF0dXJlIj4NCiAgICAgICAgICA8RW1haWxTdH + Jpbmc+cGJvbnppbmlAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQog + ICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWlscz4NCiAgICAgID + xDb250YWN0U3RyaW5nPlBhb2xvIEJvbnppbmkgJmx0O3Bib256aW5p + QHJlZGhhdC5jb208L0NvbnRhY3RTdHJpbmc+DQogICAgPC9Db250YW + N0Pg0KICA8L0NvbnRhY3RzPg0KPC9Db250YWN0U2V0PgEOzwFSZXRy + aWV2ZXJPcGVyYXRvciwxMCwwO1JldHJpZXZlck9wZXJhdG9yLDExLD + E7UG9zdERvY1BhcnNlck9wZXJhdG9yLDEwLDA7UG9zdERvY1BhcnNl + ck9wZXJhdG9yLDExLDA7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY0 + 9wZXJhdG9yLDEwLDE7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY09w + ZXJhdG9yLDExLDA7VHJhbnNwb3J0V3JpdGVyUHJvZHVjZXIsMjAsMj A= +X-MS-Exchange-Forest-IndexAgent: 1 3848 +X-MS-Exchange-Forest-EmailMessageHash: DDBAC2FC +X-MS-Exchange-Forest-Language: en +X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent + +On 3/29/24 23:58, Michael Roth wrote: +> In the case of SEV-SNP, whether or not a 2MB page can be mapped via a +> 2MB mapping in the guest's nested page table depends on whether or not +> any subpages within the range have already been initialized as private +> in the RMP table. The existing mixed-attribute tracking in KVM is +> insufficient here, for instance: +> +> - gmem allocates 2MB page +> - guest issues PVALIDATE on 2MB page +> - guest later converts a subpage to shared +> - SNP host code issues PSMASH to split 2MB RMP mapping to 4K +> - KVM MMU splits NPT mapping to 4K +> - guest later converts that shared page back to private +> +> At this point there are no mixed attributes, and KVM would normally +> allow for 2MB NPT mappings again, but this is actually not allowed +> because the RMP table mappings are 4K and cannot be promoted on the +> hypervisor side, so the NPT mappings must still be limited to 4K to +> match this. +> +> Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks +> for this condition and adjusts the mapping level accordingly. +> +> Signed-off-by: Michael Roth <michael.roth@amd.com> + +Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> + > --- > arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++ > arch/x86/kvm/svm/svm.c | 1 + diff --git a/a/content_digest b/N1/content_digest index 69bd346..4b8d792 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -151,6 +151,835 @@ "> +}\n" "> \n" "> #endif\n" + "> \n" + "\n" + "\n" + "X-sender: <kvm+bounces-13159-martin.weber=secunet.com@vger.kernel.org>\n" + "X-Receiver: <martin.weber@secunet.com> ORCPT=rfc822;martin.weber@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAJuYHy0vkvxLoOu7fW2WcxcPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAF4AAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249V2ViZXIgTWFydGluOTU1BQALABcAvgAAALMpUnVJ4+pPsL47FHo+lvtDTj1EQjIsQ049RGF0YWJhc2VzLENOPUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpLENOPUFkbWluaXN0cmF0aXZlIEdyb3VwcyxDTj1zZWN1bmV0LENOPU1pY3Jvc29mdCBFeGNoYW5nZSxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXNlY3VuZXQsREM9ZGUFAA4AEQBACf3SYEkDT461FZzDv+B7BQAdAA8ADAAAAG1ieC1lc3Nlbi0wMQUAPAACAAAPADYAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0Lk1haWxSZWNpcGllbnQuRGlzcGxheU5hbWUPAA0AAABXZWJlciwgTWFydGluBQAMAAIAAAUAbAACAAAFAFgAFwBGAAAAm5gfLS+S/Eug67t9bZZzF0NOPVdlYmVyIE1hcnRpbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ==\n" + "X-CreatedBy: MSExchange15\n" + "X-HeloDomain: b.mx.secunet.com\n" + "X-ExtendedProps: BQBjAAoAuKNAQuxQ3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAGIACgBZAAAAo4oAAAUABAAUIAEAAAAYAAAAbWFydGluLndlYmVyQHNlY3VuZXQuY29tBQAGAAIAAQUAKQACAAEPAAkAAABDSUF1ZGl0ZWQCAAEFAAIABwABAAAABQADAAcAAAAAAAUABQACAAEFAGQADwADAAAASHVi\n" + "X-Source: SMTP:Default MBX-DRESDEN-01\n" + "X-SourceIPAddress: 62.96.220.37\n" + "X-EndOfInjectedXHeaders: 23284\n" + "Received: from cas-essen-01.secunet.de (10.53.40.201) by\n" + " mbx-dresden-01.secunet.de (10.53.40.199) with Microsoft SMTP Server\n" + " (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id\n" + " 15.1.2507.37; Sat, 30 Mar 2024 22:35:40 +0100\n" + "Received: from b.mx.secunet.com (62.96.220.37) by cas-essen-01.secunet.de\n" + " (10.53.40.201) with Microsoft SMTP Server (version=TLS1_2,\n" + " cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37 via Frontend\n" + " Transport; Sat, 30 Mar 2024 22:35:40 +0100\n" + "Received: from localhost (localhost [127.0.0.1])\n" + "\tby b.mx.secunet.com (Postfix) with ESMTP id EA64D2025D\n" + "\tfor <martin.weber@secunet.com>; Sat, 30 Mar 2024 22:35:40 +0100 (CET)\n" + "X-Virus-Scanned: by secunet\n" + "X-Spam-Flag: NO\n" + "X-Spam-Score: -2.851\n" + "X-Spam-Level:\n" + "X-Spam-Status: No, score=-2.851 tagged_above=-999 required=2.1\n" + "\ttests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.1, DKIM_SIGNED=0.1,\n" + "\tDKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,\n" + "\tHEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1,\n" + "\tRCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001]\n" + "\tautolearn=unavailable autolearn_force=no\n" + "Authentication-Results: a.mx.secunet.com (amavisd-new);\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com\n" + "Received: from b.mx.secunet.com ([127.0.0.1])\n" + "\tby localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024)\n" + "\twith ESMTP id XCp5nsS-qjhA for <martin.weber@secunet.com>;\n" + "\tSat, 30 Mar 2024 22:35:39 +0100 (CET)\n" + "Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.80.249; helo=am.mirrors.kernel.org; envelope-from=kvm+bounces-13159-martin.weber=secunet.com@vger.kernel.org; receiver=martin.weber@secunet.com \n" + "DKIM-Filter: OpenDKIM Filter v2.11.0 b.mx.secunet.com 7487520322\n" + "Authentication-Results: b.mx.secunet.com;\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=\"PwZ9MZ1i\"\n" + "Received: from am.mirrors.kernel.org (am.mirrors.kernel.org [147.75.80.249])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby b.mx.secunet.com (Postfix) with ESMTPS id 7487520322\n" + "\tfor <martin.weber@secunet.com>; Sat, 30 Mar 2024 22:35:39 +0100 (CET)\n" + "Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby am.mirrors.kernel.org (Postfix) with ESMTPS id 10EC11F21A86\n" + "\tfor <martin.weber@secunet.com>; Sat, 30 Mar 2024 21:35:39 +0000 (UTC)\n" + "Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])\n" + "\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 905934B5CD;\n" + "\tSat, 30 Mar 2024 21:35:30 +0000 (UTC)\n" + "Authentication-Results: smtp.subspace.kernel.org;\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=\"PwZ9MZ1i\"\n" + "X-Original-To: kvm@vger.kernel.org\n" + "Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 87ECB43AC2\n" + "\tfor <kvm@vger.kernel.org>; Sat, 30 Mar 2024 21:35:28 +0000 (UTC)\n" + "Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124\n" + "ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n" + "\tt=1711834530; cv=none; b=PgOkXF678W9FwFCPiVKah4oovIgBF8F/JnAjhXPQYadrFMw6s+c93/cpsFP4CCmpp1MvFGZ3gW9RNn4I1KSTSuDG7F8jluCx/viwZsut6QgyteFd/9Q4ZcCd99QNu5td4CEPW8NWs8LY4PcHkUUXf5KTi6LEdxRmTmIHMg205wk=\n" + "ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;\n" + "\ts=arc-20240116; t=1711834530; c=relaxed/simple;\n" + "\tbh=g0toAGCQtFi0G3GbWa0Q4HZPWv8jGtxInPF/JxlP71A=;\n" + "\th=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:\n" + "\t In-Reply-To:Content-Type; b=VDk1AdWfivfUlDYWWV0aeHeinK3zHP6Dwj3CQ2qewUTiR3JkY389d6bV/9E9OKg2J0ACGBw1DWYUPuF6lGvUnq274kQdBU+HYQaf3VVKagAkxwJnR9csNwkpG3T1KCpCWClj7sLvSTcqgcR3yTTn3MVnPc35I5YZ5/XMmBDm6Vc=\n" + "ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PwZ9MZ1i; arc=none smtp.client-ip=170.10.129.124\n" + "Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com\n" + "Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com\n" + "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n" + "\ts=mimecast20190719; t=1711834527;\n" + "\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n" + "\t to:to:cc:cc:mime-version:mime-version:content-type:content-type:\n" + "\t content-transfer-encoding:content-transfer-encoding:\n" + "\t in-reply-to:in-reply-to:references:references:autocrypt:autocrypt;\n" + "\tbh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=;\n" + "\tb=PwZ9MZ1iyCAVzBUash6/9hnMVBP48I4GsfrdulDjf7X0dySw+dhCyQuoNF9cRn97oZnC0V\n" + "\tcTOQYa0rlarrHCAeQS/Hszk96ip36xl7O644Vw+ylUW0h4uRIhxuKMLJ1NrVHXnq/yslBs\n" + "\trhet5l0+ntjKgvhS1bHVq1nOKnn3br4=\n" + "Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com\n" + " [209.85.208.72]) by relay.mimecast.com with ESMTP with STARTTLS\n" + " (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id\n" + " us-mta-597-Z1cutKDMPAqZsj1hS9Y4tQ-1; Sat, 30 Mar 2024 17:35:23 -0400\n" + "X-MC-Unique: Z1cutKDMPAqZsj1hS9Y4tQ-1\n" + "Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-5681b29771fso2713252a12.1\n" + " for <kvm@vger.kernel.org>; Sat, 30 Mar 2024 14:35:23 -0700 (PDT)\n" + "X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\n" + " d=1e100.net; s=20230601; t=1711834522; x=1712439322;\n" + " h=content-transfer-encoding:in-reply-to:autocrypt:content-language\n" + " :from:references:cc:to:subject:user-agent:mime-version:date\n" + " :message-id:x-gm-message-state:from:to:cc:subject:date:message-id\n" + " :reply-to;\n" + " bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=;\n" + " b=nzCRUS20ImCAW2h2K5GoL6qVk3nAr99hKcLBSSqCe3IyM8m2GI6s2dERA7joPIeggi\n" + " CMiXYCjsP8xOJ1mO289qN6dczcnwI+vFzFsMSS+NJR+rp2/pXByFXgzVe+AjusVdDUEg\n" + " iKZUJpF/Kt15I0AedM3sTJqZAi1ZSnddDYBD5zL7/X/qlmppeMGOrTAPeNN37PfBQwPE\n" + " zdiAq9FUWoYTeq9GB+tDL6ymyw6FikEOUpfhMekKSB4xcvomqjpGiLSl2Xwb+Z+jfS1f\n" + " trWPxxxvq6dp5z6jCU7JFiZHI+tiI6iblXgMZzxJ506R9e7gEM0zUmHTQP9pjP0fvOIg\n" + " IBvQ==\n" + "X-Forwarded-Encrypted: i=1; AJvYcCVVDt3jH5NKl/MGHyzEugLs33le86iNvLjQspEcRQzKog1U4wrqsbKd2XbBxiRn46WvGdEQ+Mr2CpNLtehpxAD3xXt9\n" + "X-Gm-Message-State: AOJu0YxDRJwX1L4tYkKr7mz+XPL/Dtq0B7tTTD3b1qBrpT4Lxtz6YzrT\n" + "\tnNw9rjmeGmQmu+ixJCjiIJ+mX+H/khlSownsdst1V9PcufXw+BEJkuWgzulSLyNIOoxmAnAn6xe\n" + "\tKmLZ6GRFxU+QtOhjBnFX3YF5noQ8bQPSObqNIXqvKsyvHXtNLVA==\n" + "X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176641ede.23.1711834522682;\n" + " Sat, 30 Mar 2024 14:35:22 -0700 (PDT)\n" + "X-Google-Smtp-Source: AGHT+IH4Y1Y1ai02PAHKv5gHHk8E9vouw7+IeXJOAyuQtq3+b2c4PJy15b2ZKcJKFYMqFhtFpYJu6A==\n" + "X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176630ede.23.1711834522369;\n" + " Sat, 30 Mar 2024 14:35:22 -0700 (PDT)\n" + "Received: from [192.168.10.4] ([151.95.49.219])\n" + " by smtp.googlemail.com with ESMTPSA id cy14-20020a0564021c8e00b0056bf31fa2a3sm3688481edb.80.2024.03.30.14.35.18\n" + " (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);\n" + " Sat, 30 Mar 2024 14:35:21 -0700 (PDT)\n" + "Message-ID: <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com>\n" + "Date: Sat, 30 Mar 2024 22:35:17 +0100\n" + "Precedence: bulk\n" + "X-Mailing-List: kvm@vger.kernel.org\n" + "List-Id: <kvm.vger.kernel.org>\n" + "List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>\n" + "List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>\n" + "MIME-Version: 1.0\n" + "User-Agent: Mozilla Thunderbird\n" + "Subject: Re: [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining\n" + " max NPT mapping level\n" + "To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org\n" + "Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org,\n" + " linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,\n" + " tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de,\n" + " thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com,\n" + " vkuznets@redhat.com, jmattson@google.com, luto@kernel.org,\n" + " dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com,\n" + " peterz@infradead.org, srinivas.pandruvada@linux.intel.com,\n" + " rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de,\n" + " vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com,\n" + " tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com,\n" + " alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com,\n" + " nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com\n" + "References: <20240329225835.400662-1-michael.roth@amd.com>\n" + " <20240329225835.400662-24-michael.roth@amd.com>\n" + "From: Paolo Bonzini <pbonzini@redhat.com>\n" + "Content-Language: en-US\n" + "Autocrypt: addr=pbonzini@redhat.com; keydata=\n" + " xsEhBFRCcBIBDqDGsz4K0zZun3jh+U6Z9wNGLKQ0kSFyjN38gMqU1SfP+TUNQepFHb/Gc0E2\n" + " CxXPkIBTvYY+ZPkoTh5xF9oS1jqI8iRLzouzF8yXs3QjQIZ2SfuCxSVwlV65jotcjD2FTN04\n" + " hVopm9llFijNZpVIOGUTqzM4U55sdsCcZUluWM6x4HSOdw5F5Utxfp1wOjD/v92Lrax0hjiX\n" + " DResHSt48q+8FrZzY+AUbkUS+Jm34qjswdrgsC5uxeVcLkBgWLmov2kMaMROT0YmFY6A3m1S\n" + " P/kXmHDXxhe23gKb3dgwxUTpENDBGcfEzrzilWueOeUWiOcWuFOed/C3SyijBx3Av/lbCsHU\n" + " Vx6pMycNTdzU1BuAroB+Y3mNEuW56Yd44jlInzG2UOwt9XjjdKkJZ1g0P9dwptwLEgTEd3Fo\n" + " UdhAQyRXGYO8oROiuh+RZ1lXp6AQ4ZjoyH8WLfTLf5g1EKCTc4C1sy1vQSdzIRu3rBIjAvnC\n" + " tGZADei1IExLqB3uzXKzZ1BZ+Z8hnt2og9hb7H0y8diYfEk2w3R7wEr+Ehk5NQsT2MPI2QBd\n" + " wEv1/Aj1DgUHZAHzG1QN9S8wNWQ6K9DqHZTBnI1hUlkp22zCSHK/6FwUCuYp1zcAEQEAAc0j\n" + " UGFvbG8gQm9uemluaSA8cGJvbnppbmlAcmVkaGF0LmNvbT7CwU0EEwECACMFAlRCcBICGwMH\n" + " CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB+FRAMzTZpsbceDp9IIN6BIA0Ol7MoB15E\n" + " 11kRz/ewzryFY54tQlMnd4xxfH8MTQ/mm9I482YoSwPMdcWFAKnUX6Yo30tbLiNB8hzaHeRj\n" + " jx12K+ptqYbg+cevgOtbLAlL9kNgLLcsGqC2829jBCUTVeMSZDrzS97ole/YEez2qFpPnTV0\n" + " VrRWClWVfYh+JfzpXmgyhbkuwUxNFk421s4Ajp3d8nPPFUGgBG5HOxzkAm7xb1cjAuJ+oi/K\n" + " CHfkuN+fLZl/u3E/fw7vvOESApLU5o0icVXeakfSz0LsygEnekDbxPnE5af/9FEkXJD5EoYG\n" + " SEahaEtgNrR4qsyxyAGYgZlS70vkSSYJ+iT2rrwEiDlo31MzRo6Ba2FfHBSJ7lcYdPT7bbk9\n" + " AO3hlNMhNdUhoQv7M5HsnqZ6unvSHOKmReNaS9egAGdRN0/GPDWr9wroyJ65ZNQsHl9nXBqE\n" + " AukZNr5oJO5vxrYiAuuTSd6UI/xFkjtkzltG3mw5ao2bBpk/V/YuePrJsnPFHG7NhizrxttB\n" + " nTuOSCMo45pfHQ+XYd5K1+Cv/NzZFNWscm5htJ0HznY+oOsZvHTyGz3v91pn51dkRYN0otqr\n" + " bQ4tlFFuVjArBZcapSIe6NV8C4cEiSTOwE0EVEJx7gEIAMeHcVzuv2bp9HlWDp6+RkZe+vtl\n" + " KwAHplb/WH59j2wyG8V6i33+6MlSSJMOFnYUCCL77bucx9uImI5nX24PIlqT+zasVEEVGSRF\n" + " m8dgkcJDB7Tps0IkNrUi4yof3B3shR+vMY3i3Ip0e41zKx0CvlAhMOo6otaHmcxr35sWq1Jk\n" + " tLkbn3wG+fPQCVudJJECvVQ//UAthSSEklA50QtD2sBkmQ14ZryEyTHQ+E42K3j2IUmOLriF\n" + " dNr9NvE1QGmGyIcbw2NIVEBOK/GWxkS5+dmxM2iD4Jdaf2nSn3jlHjEXoPwpMs0KZsgdU0pP\n" + " JQzMUMwmB1wM8JxovFlPYrhNT9MAEQEAAcLBMwQYAQIACQUCVEJx7gIbDAAKCRB+FRAMzTZp\n" + " sadRDqCctLmYICZu4GSnie4lKXl+HqlLanpVMOoFNnWs9oRP47MbE2wv8OaYh5pNR9VVgyhD\n" + " OG0AU7oidG36OeUlrFDTfnPYYSF/mPCxHttosyt8O5kabxnIPv2URuAxDByz+iVbL+RjKaGM\n" + " GDph56ZTswlx75nZVtIukqzLAQ5fa8OALSGum0cFi4ptZUOhDNz1onz61klD6z3MODi0sBZN\n" + " Aj6guB2L/+2ZwElZEeRBERRd/uommlYuToAXfNRdUwrwl9gRMiA0WSyTb190zneRRDfpSK5d\n" + " usXnM/O+kr3Dm+Ui+UioPf6wgbn3T0o6I5BhVhs4h4hWmIW7iNhPjX1iybXfmb1gAFfjtHfL\n" + " xRUr64svXpyfJMScIQtBAm0ihWPltXkyITA92ngCmPdHa6M1hMh4RDX+Jf1fiWubzp1voAg0\n" + " JBrdmNZSQDz0iKmSrx8xkoXYfA3bgtFN8WJH2xgFL28XnqY4M6dLhJwV3z08tPSRqYFm4NMP\n" + " dRsn0/7oymhneL8RthIvjDDQ5ktUjMe8LtHr70OZE/TT88qvEdhiIVUogHdo4qBrk41+gGQh\n" + " b906Dudw5YhTJFU3nC6bbF2nrLlB4C/XSiH76ZvqzV0Z/cAMBo5NF/w=\n" + "In-Reply-To: <20240329225835.400662-24-michael.roth@amd.com>\n" + "Content-Type: text/plain; charset=UTF-8; format=flowed\n" + "Content-Transfer-Encoding: 7bit\n" + "Return-Path: kvm+bounces-13159-martin.weber=secunet.com@vger.kernel.org\n" + "X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 21:35:40.9329\n" + " (UTC)\n" + "X-MS-Exchange-Organization-Network-Message-Id: d2540025-1aa6-41fa-c753-08dc510158f9\n" + "X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.37\n" + "X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.201\n" + "X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-01.secunet.de\n" + "X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-dresden-01.secunet.de:TOTAL-HUB=0.435|SMR=0.348(SMRDE=0.035|SMRC=0.312(SMRCL=0.101|X-SMRCR=0.313))|CAT=0.086(CATOS=0.011\n" + " (CATSM=0.011(CATSM-Malware\n" + " Agent=0.011))|CATRESL=0.039(CATRESLP2R=0.020)|CATORES=0.033\n" + " (CATRS=0.033(CATRS-Index Routing Agent=0.032)));2024-03-30T21:35:41.398Z\n" + "X-MS-Exchange-Forest-ArrivalHubServer: mbx-dresden-01.secunet.de\n" + "X-MS-Exchange-Organization-AuthSource: cas-essen-01.secunet.de\n" + "X-MS-Exchange-Organization-AuthAs: Anonymous\n" + "X-MS-Exchange-Organization-FromEntityHeader: Internet\n" + "X-MS-Exchange-Organization-OriginalSize: 16300\n" + "X-MS-Exchange-Organization-HygienePolicy: Standard\n" + "X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-01.secunet.de:TOTAL-FE=0.030|SMR=0.023(SMRPI=0.021(SMRPI-FrontendProxyAgent=0.020))|SMS=0.007\n" + "X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0\n" + "X-MS-Exchange-Organization-Recipient-Limit-Verified: True\n" + "X-MS-Exchange-Organization-TotalRecipientCount: 1\n" + "X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b\n" + "X-MS-Exchange-Forest-RulesExecuted: mbx-dresden-01\n" + "X-MS-Exchange-Organization-RulesExecuted: mbx-dresden-01\n" + "X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAScJAAAPAAADH4sIAAAAAAAEAM1XbXPbxhE+kiJFUqTd2I\n" + " 7ddCYzG2ec6oWiKJGiZMlO7SRy6nEkcyTFHzqdwRyBg4gaBDgASEtx\n" + " /bW/u7t7AAlS706nLUwDh73bvWeffTnoX4/fetBc23i6ttGCjebO5n\n" + " YN9h2zJ5ULh37Ugw+BH6mdavl7eO1B1FNgylCBb8PR3rvVo4NODT70\n" + " FMoD8APw/AgkbOz/AAN5Qks96Croy8FAWTByJEgyRPMkc7wTcLTRk6\n" + " EKoz+H4OEDl7J2JLuuAksNlGeF4HszG5El6Z1BOOzS8hA+OFEvNhdI\n" + " Dw305EiBdAMlrTPEoTzczYkc6Tq/4R4yhEHgjGSkyFKseLjf0fvW4R\n" + " hf1akTRgSz75wqa1VGUeB0hxFiC6T5Psb/5t0+OKE2Eg5t2zEd5UWA\n" + " SFUNbASL4kh6JrNIy/BahZO+6iM41zcRQTjmbDJPjKDdEJ/Qeffyl9\n" + " c/vTzeIxouWeqinQBM3xupIAoxDDExEPkQ9mSgrLEChg16PuqYvqXG\n" + " exztvzz6K68euE7E2xAdSaRwovVmbIKc3t//Va8N4aBzfMnCC8FFPR\n" + " nFoHSsu0gnKU4iQgZeRrjSwTj5jkdDZBRQB6OvAwLjgIQ1zAWLUX3w\n" + " h66FS4I+snvGWYIsf+BIkE8pqMjSiXS8GqAJvRP+pBkNSVMnM6lq5r\n" + " rKlENM/ak0SVlCXK03jALTnnQx8weB3/cpoX1OLzLTOxuoYOSEiCZ0\n" + " LMyQ0GeTU7D6Q+QMM891yYrr9B0ywsTincz0ZWT2GHM9Jut1f+CqPm\n" + " WehPejvnG63Tb8QVinRDNGmPQWEmvYcuhGi0sYfv89U4JlrMNh9pT5\n" + " ntOYxMwGxsvCgkHw5Ja0/oGwQkabxNpVI2wU0jT9wMJ39yxBc+SceF\n" + " gxvm2vds92plvKs75+q2Nr6b2Qfatu+n3UqpYP1chRyDfrdKTv+vCD\n" + " 7/2GZQvPBl09eoFJg3jHOt/D6uqqTjcZmL019HsN/V8L6b8a1U34Jz\n" + " Q3YOWa6zILoz5bgHW4akmPlmzBlK0m2I6LhYW+YjeyatBqUCvAAkBG\n" + " w8WVpZgqy7Ft9OEEa06uXeJC95IJ3XUsdQrbW1Z7Y91qrDdlq15vrt\n" + " ttu7W13d5sNGG90Wi3WjFTl+5B84j9yq1evIDVVqvVrDVhRT83STby\n" + " HQtwkcG55nhJti1SHg5sz6BklkFUg4kAm/pS3CRSF87BynPAOjM2+s\n" + " ZwQFbgL9A5PjwyOnuHRmf/J9iB9d2J5ic95AcTv7K2zA9YhkO1ylk9\n" + " PjnwPPr2oPOKM1wmzWaNW/H4wBqXXUh1alLgMPsTk7oIMP9Pnf6wP1\n" + " MHjo0HmLKUVY+Xr/GTmteYnZlKDKNgaEbECyzjLc0Q3mtwwsMTGnZ9\n" + " H7cIjRh2Te9x2TXchmVEaTAyZnrl40SDIPFMDQJzdyLnPWQYcvXuTj\n" + " jVSjYsfkOOhN7A4L5OAV5aOg8kUNEw8KAxayEw4TmQtovtZzgwgj4e\n" + " 7lFwtsi+fpdsjEMNe3d688Bcgo/ndxsEhgoCI0BS4la5+Bjb2g63ab\n" + " bPvdz2h561Az+/OoAnrnsKnWSgg/fEArSCifHE+rv3+Bp244vjwtjH\n" + " ZKYxz9Cxunfwdu/gOLXg00UMJyx8rq/YuPnois1c5fHnOnqlk68P8G\n" + " vlGic1gGfnUnTK4mQSs4af5/JpKs8+3aCbcju/qMXRxKSbdlub7aeN\n" + " tr3R3mrU6xtPt7stU21tyU37Bt00MXVZN03mqZtuNrbXa21Y4ecWib\n" + " BTRo4Jk8aQnOQQpsaGQd+y2EgkcvNx8mGJlz7xB4Ea0DfJ80nriUW1\n" + " 2aWThp1ePZGmUuSir4m00vRMvNOn3TE+3Zuvj1HvMuJ6kxg1bTzkrK\n" + " bVlJaq17dabXt7/alsW6p1sxj1rolRL4nRVnODQkSP7anjbmQOhsbQ\n" + " 6+JHPP0xkGrmPAXLdF+KD6uxFvU/Ch7GA78NTSxh3UwNiry62sjUUR\n" + " LH8zZnCOlTVeHnmgrOIbvl8b37/3K6xX58q9ww/qsoLiLHcx1PJbXE\n" + " R/wy0R9KWxn8x5dBwks41/13qruldH5+1THe7B0e7P1ivPzxx7e/Hh\n" + " zjN6BhkPhve4dvNShOn80mp8/mZm19PVXhMbjfH9JzKBu7qY+iWTI+\n" + " N9rwUTfyK9B/dvRvdAbF12yiXPOlc/6ISJIF/7ax+ZX+CZEVuUxGzO\n" + " ufyOJrNpPLC5EX8/OiOCfyeVFGYU7M4ZgGtGwuJ/I4q+UZkdWzeEdJ\n" + " QcyzkF7Ha3CAcrZW0MJkihYXRUlr4ewcW8b7gqjwsgVtgWfjxfmMuC\n" + " sKJVHGsZ7NikJFVOdEgRd8ieo4y6iqaBONlyZekAR/qIvINYyCuKtd\n" + " wB8uxh8K82xt7EVWLOhXDXUsHFvTutoII7+Dd+2yNqVtlkUlcQe1Ku\n" + " NdYtfYuLaAr7zRAu6VUilpUxqJXqaZLIsFZGBMl4aUZ0mCFn8FJrmC\n" + " hFDgMmIh2R1jdl/kGUNRR1MjKcRMxpRqMHhHOwvifiEjqow5y0IEgI\n" + " n0YGKhWKQtEOEch75UpF10uO+Pd9G/TAaNYEIunZNjwEWG3blAnrnL\n" + " s1mynymxhVxZPJiL8zA7qyWyFwmJqIq4U8lUC0IUxJ2L1pQuEGaKVC\n" + " yZAiPJ6jFjoEzOkbNEHYYGx6UEAEU59ZoTD3MsqcYVVEJpRW+kLYtF\n" + " BF3k/OFQTnzRxaJR6VgXKUwLBa5fHSa2+YCtiUeMh6Nc4Cjkc4wzBY\n" + " Ze88mYUjEjypRC32XZQok2eqjrMUtFh9b+mGWtapKlOfGokJln5F9k\n" + " Ex5wO85ezGGsGpSjs4/Q+D3O2AVRzSVeJMWuqdbCec0bh29Rw2YADw\n" + " vUW77JEoyvL7SmK4JpmTWYMvVVYgenSombXyUDpPHLxKPK/zC1GEDc\n" + " o9LFmxojvX/S+TOPLmfEHzji81hu1DYxFauptHyYrvrp9Pj6v+bmnM\n" + " CHruXsZKyzOlVB2uUivVIH07OPkzaF3Ul32pllmpyEhOJNcj43yfPq\n" + " baq4/B8tsTtzoqwDzcdKYQxDn5LTbn6Br3kyErede1xu85lyWZ/Ome\n" + " p5knWbinPp9ixlRSWpiLsJyJtzVUnve0vGGinGSummlOC5l/83zkEU\n" + " IeEZAAABCtQCPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idX\n" + " RmLTE2Ij8+DQo8RW1haWxTZXQ+DQogIDxWZXJzaW9uPjE1LjAuMC4w\n" + " PC9WZXJzaW9uPg0KICA8RW1haWxzPg0KICAgIDxFbWFpbCBTdGFydE\n" + " luZGV4PSIxMTM5Ij4NCiAgICAgIDxFbWFpbFN0cmluZz5taWNoYWVs\n" + " LnJvdGhAYW1kLmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD\n" + " 4NCiAgICA8RW1haWwgU3RhcnRJbmRleD0iMTE5MiIgUG9zaXRpb249\n" + " IlNpZ25hdHVyZSI+DQogICAgICA8RW1haWxTdHJpbmc+cGJvbnppbm\n" + " lAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD4N\n" + " CiAgPC9FbWFpbHM+DQo8L0VtYWlsU2V0PgEMpwc8P3htbCB2ZXJzaW\n" + " 9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtMTYiPz4NCjxDb250YWN0U2V0\n" + " Pg0KICA8VmVyc2lvbj4xNS4wLjAuMDwvVmVyc2lvbj4NCiAgPENvbn\n" + " RhY3RzPg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9IjExMjUiPg0K\n" + " ICAgICAgPFBlcnNvbiBTdGFydEluZGV4PSIxMTI1Ij4NCiAgICAgIC\n" + " AgPFBlcnNvblN0cmluZz5NaWNoYWVsIFJvdGg8L1BlcnNvblN0cmlu\n" + " Zz4NCiAgICAgIDwvUGVyc29uPg0KICAgICAgPEVtYWlscz4NCiAgIC\n" + " AgICAgPEVtYWlsIFN0YXJ0SW5kZXg9IjExMzkiPg0KICAgICAgICAg\n" + " IDxFbWFpbFN0cmluZz5taWNoYWVsLnJvdGhAYW1kLmNvbTwvRW1haW\n" + " xTdHJpbmc+DQogICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWls\n" + " cz4NCiAgICAgIDxDb250YWN0U3RyaW5nPk1pY2hhZWwgUm90aCAmbH\n" + " Q7bWljaGFlbC5yb3RoQGFtZC5jb208L0NvbnRhY3RTdHJpbmc+DQog\n" + " ICAgPC9Db250YWN0Pg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9Ij\n" + " ExNzciIFBvc2l0aW9uPSJTaWduYXR1cmUiPg0KICAgICAgPFBlcnNv\n" + " biBTdGFydEluZGV4PSIxMTc3IiBQb3NpdGlvbj0iU2lnbmF0dXJlIj\n" + " 4NCiAgICAgICAgPFBlcnNvblN0cmluZz5QYW9sbyBCb256aW5pPC9Q\n" + " ZXJzb25TdHJpbmc+DQogICAgICA8L1BlcnNvbj4NCiAgICAgIDxFbW\n" + " FpbHM+DQogICAgICAgIDxFbWFpbCBTdGFydEluZGV4PSIxMTkyIiBQ\n" + " b3NpdGlvbj0iU2lnbmF0dXJlIj4NCiAgICAgICAgICA8RW1haWxTdH\n" + " Jpbmc+cGJvbnppbmlAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQog\n" + " ICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWlscz4NCiAgICAgID\n" + " xDb250YWN0U3RyaW5nPlBhb2xvIEJvbnppbmkgJmx0O3Bib256aW5p\n" + " QHJlZGhhdC5jb208L0NvbnRhY3RTdHJpbmc+DQogICAgPC9Db250YW\n" + " N0Pg0KICA8L0NvbnRhY3RzPg0KPC9Db250YWN0U2V0PgEOzwFSZXRy\n" + " aWV2ZXJPcGVyYXRvciwxMCwxO1JldHJpZXZlck9wZXJhdG9yLDExLD\n" + " E7UG9zdERvY1BhcnNlck9wZXJhdG9yLDEwLDA7UG9zdERvY1BhcnNl\n" + " ck9wZXJhdG9yLDExLDA7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY0\n" + " 9wZXJhdG9yLDEwLDE7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY09w\n" + " ZXJhdG9yLDExLDA7VHJhbnNwb3J0V3JpdGVyUHJvZHVjZXIsMjAsMj E=\n" + "X-MS-Exchange-Forest-IndexAgent: 1 3848\n" + "X-MS-Exchange-Forest-EmailMessageHash: DDBAC2FC\n" + "X-MS-Exchange-Forest-Language: en\n" + "X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent\n" + "\n" + "On 3/29/24 23:58, Michael Roth wrote:\n" + "> In the case of SEV-SNP, whether or not a 2MB page can be mapped via a\n" + "> 2MB mapping in the guest's nested page table depends on whether or not\n" + "> any subpages within the range have already been initialized as private\n" + "> in the RMP table. The existing mixed-attribute tracking in KVM is\n" + "> insufficient here, for instance:\n" + "> \n" + "> - gmem allocates 2MB page\n" + "> - guest issues PVALIDATE on 2MB page\n" + "> - guest later converts a subpage to shared\n" + "> - SNP host code issues PSMASH to split 2MB RMP mapping to 4K\n" + "> - KVM MMU splits NPT mapping to 4K\n" + "> - guest later converts that shared page back to private\n" + "> \n" + "> At this point there are no mixed attributes, and KVM would normally\n" + "> allow for 2MB NPT mappings again, but this is actually not allowed\n" + "> because the RMP table mappings are 4K and cannot be promoted on the\n" + "> hypervisor side, so the NPT mappings must still be limited to 4K to\n" + "> match this.\n" + "> \n" + "> Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks\n" + "> for this condition and adjusts the mapping level accordingly.\n" + "> \n" + "> Signed-off-by: Michael Roth <michael.roth@amd.com>\n" + "\n" + "Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>\n" + "\n" + "> ---\n" + "> arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++\n" + "> arch/x86/kvm/svm/svm.c | 1 +\n" + "> arch/x86/kvm/svm/svm.h | 7 +++++++\n" + "> 3 files changed, 40 insertions(+)\n" + "> \n" + "> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c\n" + "> index 87d621d013a4..31f6f4786503 100644\n" + "> --- a/arch/x86/kvm/svm/sev.c\n" + "> +++ b/arch/x86/kvm/svm/sev.c\n" + "> @@ -4443,3 +4443,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end)\n" + "> \t\tpfn += use_2m_update ? PTRS_PER_PMD : 1;\n" + "> \t}\n" + "> }\n" + "> +\n" + "> +/*\n" + "> + * Re-check whether an #NPF for a private/gmem page can still be serviced, and\n" + "> + * adjust maximum mapping level if needed.\n" + "> + */\n" + "> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private,\n" + "> +\t\t\t u8 *max_level)\n" + "> +{\n" + "> +\tint level, rc;\n" + "> +\tbool assigned;\n" + "> +\n" + "> +\tif (!sev_snp_guest(kvm))\n" + "> +\t\treturn 0;\n" + "> +\n" + "> +\trc = snp_lookup_rmpentry(pfn, &assigned, &level);\n" + "> +\tif (rc) {\n" + "> +\t\tpr_err_ratelimited(\"SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\\n\",\n" + "> +\t\t\t\t gfn, pfn, level, rc);\n" + "> +\t\treturn -ENOENT;\n" + "> +\t}\n" + "> +\n" + "> +\tif (!assigned) {\n" + "> +\t\tpr_err_ratelimited(\"SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\\n\",\n" + "> +\t\t\t\t gfn, pfn, level);\n" + "> +\t\treturn -EINVAL;\n" + "> +\t}\n" + "> +\n" + "> +\tif (level < *max_level)\n" + "> +\t\t*max_level = level;\n" + "> +\n" + "> +\treturn 0;\n" + "> +}\n" + "> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c\n" + "> index b456906f2670..298b4ce77a5f 100644\n" + "> --- a/arch/x86/kvm/svm/svm.c\n" + "> +++ b/arch/x86/kvm/svm/svm.c\n" + "> @@ -5081,6 +5081,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {\n" + "> \n" + "> \t.gmem_prepare = sev_gmem_prepare,\n" + "> \t.gmem_invalidate = sev_gmem_invalidate,\n" + "> +\t.gmem_validate_fault = sev_gmem_validate_fault,\n" + "> };\n" + "> \n" + "> /*\n" + "> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h\n" + "> index 3f1f6d3d3ade..746f819a6de4 100644\n" + "> --- a/arch/x86/kvm/svm/svm.h\n" + "> +++ b/arch/x86/kvm/svm/svm.h\n" + "> @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu);\n" + "> void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu);\n" + "> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order);\n" + "> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end);\n" + "> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private,\n" + "> +\t\t\t u8 *max_level);\n" + "> #else\n" + "> static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) {\n" + "> \treturn alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);\n" + "> @@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in\n" + "> \treturn 0;\n" + "> }\n" + "> static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {}\n" + "> +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn,\n" + "> +\t\t\t\t\t bool is_private, u8 *max_level)\n" + "> +{\n" + "> +\treturn 0;\n" + "> +}\n" + "> \n" + "> #endif\n" + "> \n" + "\n" + "\n" + "X-sender: <linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org>\n" + "X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAPDFCS25BAlDktII2g02frgPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAGIAAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249U3RlZmZlbiBLbGFzc2VydDY4YwUACwAXAL4AAACheZxkHSGBRqAcAp3ukbifQ049REI2LENOPURhdGFiYXNlcyxDTj1FeGNoYW5nZSBBZG1pbmlzdHJhdGl2ZSBHcm91cCAoRllESUJPSEYyM1NQRExUKSxDTj1BZG1pbmlzdHJhdGl2ZSBHcm91cHMsQ049c2VjdW5ldCxDTj1NaWNyb3NvZnQgRXhjaGFuZ2UsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1zZWN1bmV0LERDPWRlBQAOABEABiAS9uuMOkqzwmEZDvWNNQUAHQAPAAwAAABtYngtZXNzZW4tMDIFADwAAgAADwA2AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50LkRpc3BsYXlOYW1lDwARAAAAS2xhc3NlcnQsIFN0ZWZmZW4FAAwAAgAABQBsAAIAAAUAWAAXAEoAAADwxQktuQQJQ5LSCNoNNn64Q049S2xhc3NlcnQgU3RlZmZlbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ==\n" + "X-CreatedBy: MSExchange15\n" + "X-HeloDomain: a.mx.secunet.com\n" + "X-ExtendedProps: BQBjAAoAtaNAQuxQ3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAGIACgBaAAAAo4oAAAUABAAUIAEAAAAcAAAAc3RlZmZlbi5rbGFzc2VydEBzZWN1bmV0LmNvbQUABgACAAEFACkAAgABDwAJAAAAQ0lBdWRpdGVkAgABBQACAAcAAQAAAAUAAwAHAAAAAAAFAAUAAgABBQBkAA8AAwAAAEh1Yg==\n" + "X-Source: SMTP:Default MBX-DRESDEN-01\n" + "X-SourceIPAddress: 62.96.220.36\n" + "X-EndOfInjectedXHeaders: 23237\n" + "Received: from cas-essen-02.secunet.de (10.53.40.202) by\n" + " mbx-dresden-01.secunet.de (10.53.40.199) with Microsoft SMTP Server\n" + " (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id\n" + " 15.1.2507.37; Sat, 30 Mar 2024 22:35:58 +0100\n" + "Received: from a.mx.secunet.com (62.96.220.36) by cas-essen-02.secunet.de\n" + " (10.53.40.202) with Microsoft SMTP Server (version=TLS1_2,\n" + " cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37 via Frontend\n" + " Transport; Sat, 30 Mar 2024 22:35:58 +0100\n" + "Received: from localhost (localhost [127.0.0.1])\n" + "\tby a.mx.secunet.com (Postfix) with ESMTP id 8EC8920883\n" + "\tfor <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:58 +0100 (CET)\n" + "X-Virus-Scanned: by secunet\n" + "X-Spam-Flag: NO\n" + "X-Spam-Score: -2.851\n" + "X-Spam-Level:\n" + "X-Spam-Status: No, score=-2.851 tagged_above=-999 required=2.1\n" + "\ttests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.1, DKIM_SIGNED=0.1,\n" + "\tDKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,\n" + "\tHEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1,\n" + "\tRCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001]\n" + "\tautolearn=ham autolearn_force=no\n" + "Authentication-Results: a.mx.secunet.com (amavisd-new);\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com\n" + "Received: from a.mx.secunet.com ([127.0.0.1])\n" + "\tby localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024)\n" + "\twith ESMTP id WvBMAZHTwSqc for <steffen.klassert@secunet.com>;\n" + "\tSat, 30 Mar 2024 22:35:57 +0100 (CET)\n" + "Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.199.223; helo=ny.mirrors.kernel.org; envelope-from=linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com \n" + "DKIM-Filter: OpenDKIM Filter v2.11.0 a.mx.secunet.com 135CB2076B\n" + "Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org [147.75.199.223])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby a.mx.secunet.com (Postfix) with ESMTPS id 135CB2076B\n" + "\tfor <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:51 +0100 (CET)\n" + "Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby ny.mirrors.kernel.org (Postfix) with ESMTPS id EDEB11C21721\n" + "\tfor <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 21:35:50 +0000 (UTC)\n" + "Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])\n" + "\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 89EA04F5FD;\n" + "\tSat, 30 Mar 2024 21:35:33 +0000 (UTC)\n" + "Authentication-Results: smtp.subspace.kernel.org;\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=\"PwZ9MZ1i\"\n" + "Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id A388345948\n" + "\tfor <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 21:35:28 +0000 (UTC)\n" + "Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124\n" + "ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n" + "\tt=1711834530; cv=none; b=fO/lEHbAvPLPvD4Czk3OqRCafqKiRL8iA0CO8q3eZQUN1kteZWed50dTZAyxTZuCdaX9qS/XnXuBeW5qVjX9QR8/wTnWHHzz2AMuaZjzC3tb1Dr6TyQ2SmNypR8s7rZVDdK6ARJUpxAZud/DR7rrr/s5fFn/Kmo2G7UC5c5imR4=\n" + "ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;\n" + "\ts=arc-20240116; t=1711834530; c=relaxed/simple;\n" + "\tbh=g0toAGCQtFi0G3GbWa0Q4HZPWv8jGtxInPF/JxlP71A=;\n" + "\th=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:\n" + "\t In-Reply-To:Content-Type; b=VDk1AdWfivfUlDYWWV0aeHeinK3zHP6Dwj3CQ2qewUTiR3JkY389d6bV/9E9OKg2J0ACGBw1DWYUPuF6lGvUnq274kQdBU+HYQaf3VVKagAkxwJnR9csNwkpG3T1KCpCWClj7sLvSTcqgcR3yTTn3MVnPc35I5YZ5/XMmBDm6Vc=\n" + "ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PwZ9MZ1i; arc=none smtp.client-ip=170.10.133.124\n" + "Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com\n" + "Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com\n" + "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n" + "\ts=mimecast20190719; t=1711834527;\n" + "\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n" + "\t to:to:cc:cc:mime-version:mime-version:content-type:content-type:\n" + "\t content-transfer-encoding:content-transfer-encoding:\n" + "\t in-reply-to:in-reply-to:references:references:autocrypt:autocrypt;\n" + "\tbh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=;\n" + "\tb=PwZ9MZ1iyCAVzBUash6/9hnMVBP48I4GsfrdulDjf7X0dySw+dhCyQuoNF9cRn97oZnC0V\n" + "\tcTOQYa0rlarrHCAeQS/Hszk96ip36xl7O644Vw+ylUW0h4uRIhxuKMLJ1NrVHXnq/yslBs\n" + "\trhet5l0+ntjKgvhS1bHVq1nOKnn3br4=\n" + "Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com\n" + " [209.85.208.72]) by relay.mimecast.com with ESMTP with STARTTLS\n" + " (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id\n" + " us-mta-112-tSJu9a0cMgmQB3On25fBYg-1; Sat, 30 Mar 2024 17:35:23 -0400\n" + "X-MC-Unique: tSJu9a0cMgmQB3On25fBYg-1\n" + "Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-5689f41cf4dso2408093a12.3\n" + " for <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 14:35:23 -0700 (PDT)\n" + "X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\n" + " d=1e100.net; s=20230601; t=1711834522; x=1712439322;\n" + " h=content-transfer-encoding:in-reply-to:autocrypt:content-language\n" + " :from:references:cc:to:subject:user-agent:mime-version:date\n" + " :message-id:x-gm-message-state:from:to:cc:subject:date:message-id\n" + " :reply-to;\n" + " bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=;\n" + " b=jTT2FBgSYMoeJE5ccOi5DsUyE0juZB4gBpRsaeSs9kH9ALQmj2ilHm8toqrL4cyyRv\n" + " Ofppy6SnyGFp2zfcHgVCc/EKCvuOaQZK6JLnQl8X2ElNIadsNZPGYktkgwtSlkzXYkvz\n" + " CLb+Mcn2pOShlO2CvLTXusmuKk3Y/Zt5FdLpngbspaovc+VJ1pXRCKMkKMylEO5vmetk\n" + " Hny51o7yTwHFWOegSUEFqtPM2imlks1J7mBZ0WuWiM7shRLBCiY9cNmWZLphMb+nEs9a\n" + " ipG4IOi+Wmp8zeHIcqDBWl6+wdAwUQO1tV70NDjBvGynKbt8FATmGTDxCv+bQ1fv2rIQ\n" + " GuZQ==\n" + "X-Forwarded-Encrypted: i=1; AJvYcCX4Pp+/19Mb2juuK84MNGHHMO5BHtlVbuQw6u4ZjA70d901hLiKrIUob09YFXAiG9zaWUumWi5S5A3ycfm7kpmU1INlD4mcb72VKS3k\n" + "X-Gm-Message-State: AOJu0YzQvpxLO0QoT38CtX9+7v5jgy51U7OMzC5vh+PxRqnKlxdZhHH8\n" + "\t6ZlZLqCDd5Th1F5x22MqKJ+q7SSedAzc4vh61ECYbvvQsECUlrHUi24/Y+QP5l0Lt05efWXFOnw\n" + "\tNWMVbeMVoNNqFiKg+nNGL//njdocX9xu1QzBM7wXulm42lMtfWzkkBnz5rJgmgA==\n" + "X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176662ede.23.1711834522688;\n" + " Sat, 30 Mar 2024 14:35:22 -0700 (PDT)\n" + "X-Google-Smtp-Source: AGHT+IH4Y1Y1ai02PAHKv5gHHk8E9vouw7+IeXJOAyuQtq3+b2c4PJy15b2ZKcJKFYMqFhtFpYJu6A==\n" + "X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176630ede.23.1711834522369;\n" + " Sat, 30 Mar 2024 14:35:22 -0700 (PDT)\n" + "Received: from [192.168.10.4] ([151.95.49.219])\n" + " by smtp.googlemail.com with ESMTPSA id cy14-20020a0564021c8e00b0056bf31fa2a3sm3688481edb.80.2024.03.30.14.35.18\n" + " (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);\n" + " Sat, 30 Mar 2024 14:35:21 -0700 (PDT)\n" + "Message-ID: <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com>\n" + "Date: Sat, 30 Mar 2024 22:35:17 +0100\n" + "Precedence: bulk\n" + "X-Mailing-List: linux-kernel@vger.kernel.org\n" + "List-Id: <linux-kernel.vger.kernel.org>\n" + "List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>\n" + "List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>\n" + "MIME-Version: 1.0\n" + "User-Agent: Mozilla Thunderbird\n" + "Subject: Re: [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining\n" + " max NPT mapping level\n" + "To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org\n" + "Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org,\n" + " linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,\n" + " tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de,\n" + " thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com,\n" + " vkuznets@redhat.com, jmattson@google.com, luto@kernel.org,\n" + " dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com,\n" + " peterz@infradead.org, srinivas.pandruvada@linux.intel.com,\n" + " rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de,\n" + " vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com,\n" + " tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com,\n" + " alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com,\n" + " nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com\n" + "References: <20240329225835.400662-1-michael.roth@amd.com>\n" + " <20240329225835.400662-24-michael.roth@amd.com>\n" + "From: Paolo Bonzini <pbonzini@redhat.com>\n" + "Content-Language: en-US\n" + "Autocrypt: addr=pbonzini@redhat.com; keydata=\n" + " xsEhBFRCcBIBDqDGsz4K0zZun3jh+U6Z9wNGLKQ0kSFyjN38gMqU1SfP+TUNQepFHb/Gc0E2\n" + " CxXPkIBTvYY+ZPkoTh5xF9oS1jqI8iRLzouzF8yXs3QjQIZ2SfuCxSVwlV65jotcjD2FTN04\n" + " hVopm9llFijNZpVIOGUTqzM4U55sdsCcZUluWM6x4HSOdw5F5Utxfp1wOjD/v92Lrax0hjiX\n" + " DResHSt48q+8FrZzY+AUbkUS+Jm34qjswdrgsC5uxeVcLkBgWLmov2kMaMROT0YmFY6A3m1S\n" + " P/kXmHDXxhe23gKb3dgwxUTpENDBGcfEzrzilWueOeUWiOcWuFOed/C3SyijBx3Av/lbCsHU\n" + " Vx6pMycNTdzU1BuAroB+Y3mNEuW56Yd44jlInzG2UOwt9XjjdKkJZ1g0P9dwptwLEgTEd3Fo\n" + " UdhAQyRXGYO8oROiuh+RZ1lXp6AQ4ZjoyH8WLfTLf5g1EKCTc4C1sy1vQSdzIRu3rBIjAvnC\n" + " tGZADei1IExLqB3uzXKzZ1BZ+Z8hnt2og9hb7H0y8diYfEk2w3R7wEr+Ehk5NQsT2MPI2QBd\n" + " wEv1/Aj1DgUHZAHzG1QN9S8wNWQ6K9DqHZTBnI1hUlkp22zCSHK/6FwUCuYp1zcAEQEAAc0j\n" + " UGFvbG8gQm9uemluaSA8cGJvbnppbmlAcmVkaGF0LmNvbT7CwU0EEwECACMFAlRCcBICGwMH\n" + " CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB+FRAMzTZpsbceDp9IIN6BIA0Ol7MoB15E\n" + " 11kRz/ewzryFY54tQlMnd4xxfH8MTQ/mm9I482YoSwPMdcWFAKnUX6Yo30tbLiNB8hzaHeRj\n" + " jx12K+ptqYbg+cevgOtbLAlL9kNgLLcsGqC2829jBCUTVeMSZDrzS97ole/YEez2qFpPnTV0\n" + " VrRWClWVfYh+JfzpXmgyhbkuwUxNFk421s4Ajp3d8nPPFUGgBG5HOxzkAm7xb1cjAuJ+oi/K\n" + " CHfkuN+fLZl/u3E/fw7vvOESApLU5o0icVXeakfSz0LsygEnekDbxPnE5af/9FEkXJD5EoYG\n" + " SEahaEtgNrR4qsyxyAGYgZlS70vkSSYJ+iT2rrwEiDlo31MzRo6Ba2FfHBSJ7lcYdPT7bbk9\n" + " AO3hlNMhNdUhoQv7M5HsnqZ6unvSHOKmReNaS9egAGdRN0/GPDWr9wroyJ65ZNQsHl9nXBqE\n" + " AukZNr5oJO5vxrYiAuuTSd6UI/xFkjtkzltG3mw5ao2bBpk/V/YuePrJsnPFHG7NhizrxttB\n" + " nTuOSCMo45pfHQ+XYd5K1+Cv/NzZFNWscm5htJ0HznY+oOsZvHTyGz3v91pn51dkRYN0otqr\n" + " bQ4tlFFuVjArBZcapSIe6NV8C4cEiSTOwE0EVEJx7gEIAMeHcVzuv2bp9HlWDp6+RkZe+vtl\n" + " KwAHplb/WH59j2wyG8V6i33+6MlSSJMOFnYUCCL77bucx9uImI5nX24PIlqT+zasVEEVGSRF\n" + " m8dgkcJDB7Tps0IkNrUi4yof3B3shR+vMY3i3Ip0e41zKx0CvlAhMOo6otaHmcxr35sWq1Jk\n" + " tLkbn3wG+fPQCVudJJECvVQ//UAthSSEklA50QtD2sBkmQ14ZryEyTHQ+E42K3j2IUmOLriF\n" + " dNr9NvE1QGmGyIcbw2NIVEBOK/GWxkS5+dmxM2iD4Jdaf2nSn3jlHjEXoPwpMs0KZsgdU0pP\n" + " JQzMUMwmB1wM8JxovFlPYrhNT9MAEQEAAcLBMwQYAQIACQUCVEJx7gIbDAAKCRB+FRAMzTZp\n" + " sadRDqCctLmYICZu4GSnie4lKXl+HqlLanpVMOoFNnWs9oRP47MbE2wv8OaYh5pNR9VVgyhD\n" + " OG0AU7oidG36OeUlrFDTfnPYYSF/mPCxHttosyt8O5kabxnIPv2URuAxDByz+iVbL+RjKaGM\n" + " GDph56ZTswlx75nZVtIukqzLAQ5fa8OALSGum0cFi4ptZUOhDNz1onz61klD6z3MODi0sBZN\n" + " Aj6guB2L/+2ZwElZEeRBERRd/uommlYuToAXfNRdUwrwl9gRMiA0WSyTb190zneRRDfpSK5d\n" + " usXnM/O+kr3Dm+Ui+UioPf6wgbn3T0o6I5BhVhs4h4hWmIW7iNhPjX1iybXfmb1gAFfjtHfL\n" + " xRUr64svXpyfJMScIQtBAm0ihWPltXkyITA92ngCmPdHa6M1hMh4RDX+Jf1fiWubzp1voAg0\n" + " JBrdmNZSQDz0iKmSrx8xkoXYfA3bgtFN8WJH2xgFL28XnqY4M6dLhJwV3z08tPSRqYFm4NMP\n" + " dRsn0/7oymhneL8RthIvjDDQ5ktUjMe8LtHr70OZE/TT88qvEdhiIVUogHdo4qBrk41+gGQh\n" + " b906Dudw5YhTJFU3nC6bbF2nrLlB4C/XSiH76ZvqzV0Z/cAMBo5NF/w=\n" + "In-Reply-To: <20240329225835.400662-24-michael.roth@amd.com>\n" + "Content-Type: text/plain; charset=UTF-8; format=flowed\n" + "Content-Transfer-Encoding: 7bit\n" + "Return-Path: linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org\n" + "X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 21:35:58.5206\n" + " (UTC)\n" + "X-MS-Exchange-Organization-Network-Message-Id: 240c94ed-22c0-47b6-7326-08dc51016375\n" + "X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.36\n" + "X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.202\n" + "X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-02.secunet.de\n" + "X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-dresden-01.secunet.de:TOTAL-HUB=0.435|SMR=0.348(SMRDE=0.035|SMRC=0.312(SMRCL=0.101|X-SMRCR=0.313))|CAT=0.086(CATOS=0.011\n" + " (CATSM=0.011(CATSM-Malware\n" + " Agent=0.011))|CATRESL=0.040(CATRESLP2R=0.021)|CATORES=0.032\n" + " (CATRS=0.032(CATRS-Index Routing Agent=0.031)));2024-03-30T21:35:59.004Z\n" + "X-MS-Exchange-Forest-ArrivalHubServer: mbx-dresden-01.secunet.de\n" + "X-MS-Exchange-Organization-AuthSource: cas-essen-02.secunet.de\n" + "X-MS-Exchange-Organization-AuthAs: Anonymous\n" + "X-MS-Exchange-Organization-FromEntityHeader: Internet\n" + "X-MS-Exchange-Organization-OriginalSize: 16255\n" + "X-MS-Exchange-Organization-HygienePolicy: Standard\n" + "X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-02.secunet.de:TOTAL-FE=0.049|SMR=0.008(SMRPI=0.005(SMRPI-FrontendProxyAgent=0.005))|SMS=0.041\n" + "X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0\n" + "X-MS-Exchange-Organization-Recipient-Limit-Verified: True\n" + "X-MS-Exchange-Organization-TotalRecipientCount: 1\n" + "X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b\n" + "X-MS-Exchange-Forest-RulesExecuted: mbx-dresden-01\n" + "X-MS-Exchange-Organization-RulesExecuted: mbx-dresden-01\n" + "X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAScJAAAPAAADH4sIAAAAAAAEAM1XbXPbxhE+kiJFUqTd2I\n" + " 7ddCYzG2ec6oWiKJGiZMlO7SRy6nEkcyTFHzqdwRyBg4gaBDgASEtx\n" + " /bW/u7t7AAlS706nLUwDh73bvWeffTnoX4/fetBc23i6ttGCjebO5n\n" + " YN9h2zJ5ULh37Ugw+BH6mdavl7eO1B1FNgylCBb8PR3rvVo4NODT70\n" + " FMoD8APw/AgkbOz/AAN5Qks96Croy8FAWTByJEgyRPMkc7wTcLTRk6\n" + " EKoz+H4OEDl7J2JLuuAksNlGeF4HszG5El6Z1BOOzS8hA+OFEvNhdI\n" + " Dw305EiBdAMlrTPEoTzczYkc6Tq/4R4yhEHgjGSkyFKseLjf0fvW4R\n" + " hf1akTRgSz75wqa1VGUeB0hxFiC6T5Psb/5t0+OKE2Eg5t2zEd5UWA\n" + " SFUNbASL4kh6JrNIy/BahZO+6iM41zcRQTjmbDJPjKDdEJ/Qeffyl9\n" + " c/vTzeIxouWeqinQBM3xupIAoxDDExEPkQ9mSgrLEChg16PuqYvqXG\n" + " exztvzz6K68euE7E2xAdSaRwovVmbIKc3t//Va8N4aBzfMnCC8FFPR\n" + " nFoHSsu0gnKU4iQgZeRrjSwTj5jkdDZBRQB6OvAwLjgIQ1zAWLUX3w\n" + " h66FS4I+snvGWYIsf+BIkE8pqMjSiXS8GqAJvRP+pBkNSVMnM6lq5r\n" + " rKlENM/ak0SVlCXK03jALTnnQx8weB3/cpoX1OLzLTOxuoYOSEiCZ0\n" + " LMyQ0GeTU7D6Q+QMM891yYrr9B0ywsTincz0ZWT2GHM9Jut1f+CqPm\n" + " WehPejvnG63Tb8QVinRDNGmPQWEmvYcuhGi0sYfv89U4JlrMNh9pT5\n" + " ntOYxMwGxsvCgkHw5Ja0/oGwQkabxNpVI2wU0jT9wMJ39yxBc+SceF\n" + " gxvm2vds92plvKs75+q2Nr6b2Qfatu+n3UqpYP1chRyDfrdKTv+vCD\n" + " 7/2GZQvPBl09eoFJg3jHOt/D6uqqTjcZmL019HsN/V8L6b8a1U34Jz\n" + " Q3YOWa6zILoz5bgHW4akmPlmzBlK0m2I6LhYW+YjeyatBqUCvAAkBG\n" + " w8WVpZgqy7Ft9OEEa06uXeJC95IJ3XUsdQrbW1Z7Y91qrDdlq15vrt\n" + " ttu7W13d5sNGG90Wi3WjFTl+5B84j9yq1evIDVVqvVrDVhRT83STby\n" + " HQtwkcG55nhJti1SHg5sz6BklkFUg4kAm/pS3CRSF87BynPAOjM2+s\n" + " ZwQFbgL9A5PjwyOnuHRmf/J9iB9d2J5ic95AcTv7K2zA9YhkO1ylk9\n" + " PjnwPPr2oPOKM1wmzWaNW/H4wBqXXUh1alLgMPsTk7oIMP9Pnf6wP1\n" + " MHjo0HmLKUVY+Xr/GTmteYnZlKDKNgaEbECyzjLc0Q3mtwwsMTGnZ9\n" + " H7cIjRh2Te9x2TXchmVEaTAyZnrl40SDIPFMDQJzdyLnPWQYcvXuTj\n" + " jVSjYsfkOOhN7A4L5OAV5aOg8kUNEw8KAxayEw4TmQtovtZzgwgj4e\n" + " 7lFwtsi+fpdsjEMNe3d688Bcgo/ndxsEhgoCI0BS4la5+Bjb2g63ab\n" + " bPvdz2h561Az+/OoAnrnsKnWSgg/fEArSCifHE+rv3+Bp244vjwtjH\n" + " ZKYxz9Cxunfwdu/gOLXg00UMJyx8rq/YuPnois1c5fHnOnqlk68P8G\n" + " vlGic1gGfnUnTK4mQSs4af5/JpKs8+3aCbcju/qMXRxKSbdlub7aeN\n" + " tr3R3mrU6xtPt7stU21tyU37Bt00MXVZN03mqZtuNrbXa21Y4ecWib\n" + " BTRo4Jk8aQnOQQpsaGQd+y2EgkcvNx8mGJlz7xB4Ea0DfJ80nriUW1\n" + " 2aWThp1ePZGmUuSir4m00vRMvNOn3TE+3Zuvj1HvMuJ6kxg1bTzkrK\n" + " bVlJaq17dabXt7/alsW6p1sxj1rolRL4nRVnODQkSP7anjbmQOhsbQ\n" + " 6+JHPP0xkGrmPAXLdF+KD6uxFvU/Ch7GA78NTSxh3UwNiry62sjUUR\n" + " LH8zZnCOlTVeHnmgrOIbvl8b37/3K6xX58q9ww/qsoLiLHcx1PJbXE\n" + " R/wy0R9KWxn8x5dBwks41/13qruldH5+1THe7B0e7P1ivPzxx7e/Hh\n" + " zjN6BhkPhve4dvNShOn80mp8/mZm19PVXhMbjfH9JzKBu7qY+iWTI+\n" + " N9rwUTfyK9B/dvRvdAbF12yiXPOlc/6ISJIF/7ax+ZX+CZEVuUxGzO\n" + " ufyOJrNpPLC5EX8/OiOCfyeVFGYU7M4ZgGtGwuJ/I4q+UZkdWzeEdJ\n" + " QcyzkF7Ha3CAcrZW0MJkihYXRUlr4ewcW8b7gqjwsgVtgWfjxfmMuC\n" + " sKJVHGsZ7NikJFVOdEgRd8ieo4y6iqaBONlyZekAR/qIvINYyCuKtd\n" + " wB8uxh8K82xt7EVWLOhXDXUsHFvTutoII7+Dd+2yNqVtlkUlcQe1Ku\n" + " NdYtfYuLaAr7zRAu6VUilpUxqJXqaZLIsFZGBMl4aUZ0mCFn8FJrmC\n" + " hFDgMmIh2R1jdl/kGUNRR1MjKcRMxpRqMHhHOwvifiEjqow5y0IEgI\n" + " n0YGKhWKQtEOEch75UpF10uO+Pd9G/TAaNYEIunZNjwEWG3blAnrnL\n" + " s1mynymxhVxZPJiL8zA7qyWyFwmJqIq4U8lUC0IUxJ2L1pQuEGaKVC\n" + " yZAiPJ6jFjoEzOkbNEHYYGx6UEAEU59ZoTD3MsqcYVVEJpRW+kLYtF\n" + " BF3k/OFQTnzRxaJR6VgXKUwLBa5fHSa2+YCtiUeMh6Nc4Cjkc4wzBY\n" + " Ze88mYUjEjypRC32XZQok2eqjrMUtFh9b+mGWtapKlOfGokJln5F9k\n" + " Ex5wO85ezGGsGpSjs4/Q+D3O2AVRzSVeJMWuqdbCec0bh29Rw2YADw\n" + " vUW77JEoyvL7SmK4JpmTWYMvVVYgenSombXyUDpPHLxKPK/zC1GEDc\n" + " o9LFmxojvX/S+TOPLmfEHzji81hu1DYxFauptHyYrvrp9Pj6v+bmnM\n" + " CHruXsZKyzOlVB2uUivVIH07OPkzaF3Ul32pllmpyEhOJNcj43yfPq\n" + " baq4/B8tsTtzoqwDzcdKYQxDn5LTbn6Br3kyErede1xu85lyWZ/Ome\n" + " p5knWbinPp9ixlRSWpiLsJyJtzVUnve0vGGinGSummlOC5l/83zkEU\n" + " IeEZAAABCtQCPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idX\n" + " RmLTE2Ij8+DQo8RW1haWxTZXQ+DQogIDxWZXJzaW9uPjE1LjAuMC4w\n" + " PC9WZXJzaW9uPg0KICA8RW1haWxzPg0KICAgIDxFbWFpbCBTdGFydE\n" + " luZGV4PSIxMTM5Ij4NCiAgICAgIDxFbWFpbFN0cmluZz5taWNoYWVs\n" + " LnJvdGhAYW1kLmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD\n" + " 4NCiAgICA8RW1haWwgU3RhcnRJbmRleD0iMTE5MiIgUG9zaXRpb249\n" + " IlNpZ25hdHVyZSI+DQogICAgICA8RW1haWxTdHJpbmc+cGJvbnppbm\n" + " lAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQogICAgPC9FbWFpbD4N\n" + " CiAgPC9FbWFpbHM+DQo8L0VtYWlsU2V0PgEMpwc8P3htbCB2ZXJzaW\n" + " 9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtMTYiPz4NCjxDb250YWN0U2V0\n" + " Pg0KICA8VmVyc2lvbj4xNS4wLjAuMDwvVmVyc2lvbj4NCiAgPENvbn\n" + " RhY3RzPg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9IjExMjUiPg0K\n" + " ICAgICAgPFBlcnNvbiBTdGFydEluZGV4PSIxMTI1Ij4NCiAgICAgIC\n" + " AgPFBlcnNvblN0cmluZz5NaWNoYWVsIFJvdGg8L1BlcnNvblN0cmlu\n" + " Zz4NCiAgICAgIDwvUGVyc29uPg0KICAgICAgPEVtYWlscz4NCiAgIC\n" + " AgICAgPEVtYWlsIFN0YXJ0SW5kZXg9IjExMzkiPg0KICAgICAgICAg\n" + " IDxFbWFpbFN0cmluZz5taWNoYWVsLnJvdGhAYW1kLmNvbTwvRW1haW\n" + " xTdHJpbmc+DQogICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWls\n" + " cz4NCiAgICAgIDxDb250YWN0U3RyaW5nPk1pY2hhZWwgUm90aCAmbH\n" + " Q7bWljaGFlbC5yb3RoQGFtZC5jb208L0NvbnRhY3RTdHJpbmc+DQog\n" + " ICAgPC9Db250YWN0Pg0KICAgIDxDb250YWN0IFN0YXJ0SW5kZXg9Ij\n" + " ExNzciIFBvc2l0aW9uPSJTaWduYXR1cmUiPg0KICAgICAgPFBlcnNv\n" + " biBTdGFydEluZGV4PSIxMTc3IiBQb3NpdGlvbj0iU2lnbmF0dXJlIj\n" + " 4NCiAgICAgICAgPFBlcnNvblN0cmluZz5QYW9sbyBCb256aW5pPC9Q\n" + " ZXJzb25TdHJpbmc+DQogICAgICA8L1BlcnNvbj4NCiAgICAgIDxFbW\n" + " FpbHM+DQogICAgICAgIDxFbWFpbCBTdGFydEluZGV4PSIxMTkyIiBQ\n" + " b3NpdGlvbj0iU2lnbmF0dXJlIj4NCiAgICAgICAgICA8RW1haWxTdH\n" + " Jpbmc+cGJvbnppbmlAcmVkaGF0LmNvbTwvRW1haWxTdHJpbmc+DQog\n" + " ICAgICAgIDwvRW1haWw+DQogICAgICA8L0VtYWlscz4NCiAgICAgID\n" + " xDb250YWN0U3RyaW5nPlBhb2xvIEJvbnppbmkgJmx0O3Bib256aW5p\n" + " QHJlZGhhdC5jb208L0NvbnRhY3RTdHJpbmc+DQogICAgPC9Db250YW\n" + " N0Pg0KICA8L0NvbnRhY3RzPg0KPC9Db250YWN0U2V0PgEOzwFSZXRy\n" + " aWV2ZXJPcGVyYXRvciwxMCwwO1JldHJpZXZlck9wZXJhdG9yLDExLD\n" + " E7UG9zdERvY1BhcnNlck9wZXJhdG9yLDEwLDA7UG9zdERvY1BhcnNl\n" + " ck9wZXJhdG9yLDExLDA7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY0\n" + " 9wZXJhdG9yLDEwLDE7UG9zdFdvcmRCcmVha2VyRGlhZ25vc3RpY09w\n" + " ZXJhdG9yLDExLDA7VHJhbnNwb3J0V3JpdGVyUHJvZHVjZXIsMjAsMj A=\n" + "X-MS-Exchange-Forest-IndexAgent: 1 3848\n" + "X-MS-Exchange-Forest-EmailMessageHash: DDBAC2FC\n" + "X-MS-Exchange-Forest-Language: en\n" + "X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent\n" + "\n" + "On 3/29/24 23:58, Michael Roth wrote:\n" + "> In the case of SEV-SNP, whether or not a 2MB page can be mapped via a\n" + "> 2MB mapping in the guest's nested page table depends on whether or not\n" + "> any subpages within the range have already been initialized as private\n" + "> in the RMP table. The existing mixed-attribute tracking in KVM is\n" + "> insufficient here, for instance:\n" + "> \n" + "> - gmem allocates 2MB page\n" + "> - guest issues PVALIDATE on 2MB page\n" + "> - guest later converts a subpage to shared\n" + "> - SNP host code issues PSMASH to split 2MB RMP mapping to 4K\n" + "> - KVM MMU splits NPT mapping to 4K\n" + "> - guest later converts that shared page back to private\n" + "> \n" + "> At this point there are no mixed attributes, and KVM would normally\n" + "> allow for 2MB NPT mappings again, but this is actually not allowed\n" + "> because the RMP table mappings are 4K and cannot be promoted on the\n" + "> hypervisor side, so the NPT mappings must still be limited to 4K to\n" + "> match this.\n" + "> \n" + "> Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks\n" + "> for this condition and adjusts the mapping level accordingly.\n" + "> \n" + "> Signed-off-by: Michael Roth <michael.roth@amd.com>\n" + "\n" + "Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>\n" + "\n" + "> ---\n" + "> arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++\n" + "> arch/x86/kvm/svm/svm.c | 1 +\n" + "> arch/x86/kvm/svm/svm.h | 7 +++++++\n" + "> 3 files changed, 40 insertions(+)\n" + "> \n" + "> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c\n" + "> index 87d621d013a4..31f6f4786503 100644\n" + "> --- a/arch/x86/kvm/svm/sev.c\n" + "> +++ b/arch/x86/kvm/svm/sev.c\n" + "> @@ -4443,3 +4443,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end)\n" + "> \t\tpfn += use_2m_update ? PTRS_PER_PMD : 1;\n" + "> \t}\n" + "> }\n" + "> +\n" + "> +/*\n" + "> + * Re-check whether an #NPF for a private/gmem page can still be serviced, and\n" + "> + * adjust maximum mapping level if needed.\n" + "> + */\n" + "> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private,\n" + "> +\t\t\t u8 *max_level)\n" + "> +{\n" + "> +\tint level, rc;\n" + "> +\tbool assigned;\n" + "> +\n" + "> +\tif (!sev_snp_guest(kvm))\n" + "> +\t\treturn 0;\n" + "> +\n" + "> +\trc = snp_lookup_rmpentry(pfn, &assigned, &level);\n" + "> +\tif (rc) {\n" + "> +\t\tpr_err_ratelimited(\"SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\\n\",\n" + "> +\t\t\t\t gfn, pfn, level, rc);\n" + "> +\t\treturn -ENOENT;\n" + "> +\t}\n" + "> +\n" + "> +\tif (!assigned) {\n" + "> +\t\tpr_err_ratelimited(\"SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\\n\",\n" + "> +\t\t\t\t gfn, pfn, level);\n" + "> +\t\treturn -EINVAL;\n" + "> +\t}\n" + "> +\n" + "> +\tif (level < *max_level)\n" + "> +\t\t*max_level = level;\n" + "> +\n" + "> +\treturn 0;\n" + "> +}\n" + "> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c\n" + "> index b456906f2670..298b4ce77a5f 100644\n" + "> --- a/arch/x86/kvm/svm/svm.c\n" + "> +++ b/arch/x86/kvm/svm/svm.c\n" + "> @@ -5081,6 +5081,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {\n" + "> \n" + "> \t.gmem_prepare = sev_gmem_prepare,\n" + "> \t.gmem_invalidate = sev_gmem_invalidate,\n" + "> +\t.gmem_validate_fault = sev_gmem_validate_fault,\n" + "> };\n" + "> \n" + "> /*\n" + "> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h\n" + "> index 3f1f6d3d3ade..746f819a6de4 100644\n" + "> --- a/arch/x86/kvm/svm/svm.h\n" + "> +++ b/arch/x86/kvm/svm/svm.h\n" + "> @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu);\n" + "> void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu);\n" + "> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order);\n" + "> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end);\n" + "> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private,\n" + "> +\t\t\t u8 *max_level);\n" + "> #else\n" + "> static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) {\n" + "> \treturn alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);\n" + "> @@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in\n" + "> \treturn 0;\n" + "> }\n" + "> static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {}\n" + "> +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn,\n" + "> +\t\t\t\t\t bool is_private, u8 *max_level)\n" + "> +{\n" + "> +\treturn 0;\n" + "> +}\n" + "> \n" + "> #endif\n" > -b500f0e3d832a3b58dd1c663d1514045e70607d04cbe9b4d70e46a9cb261dc56 +c3b2821387508a7f01b4db3da7c402111b5714f7b322f2a1dc53d8c5ae0c3072
diff --git a/a/1.txt b/N2/1.txt index 906b7a4..679534b 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -25,6 +25,311 @@ On 3/29/24 23:58, Michael Roth wrote: Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> +> --- +> arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++ +> arch/x86/kvm/svm/svm.c | 1 + +> arch/x86/kvm/svm/svm.h | 7 +++++++ +> 3 files changed, 40 insertions(+) +> +> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c +> index 87d621d013a4..31f6f4786503 100644 +> --- a/arch/x86/kvm/svm/sev.c +> +++ b/arch/x86/kvm/svm/sev.c +> @@ -4443,3 +4443,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +> pfn += use_2m_update ? PTRS_PER_PMD : 1; +> } +> } +> + +> +/* +> + * Re-check whether an #NPF for a private/gmem page can still be serviced, and +> + * adjust maximum mapping level if needed. +> + */ +> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, +> + u8 *max_level) +> +{ +> + int level, rc; +> + bool assigned; +> + +> + if (!sev_snp_guest(kvm)) +> + return 0; +> + +> + rc = snp_lookup_rmpentry(pfn, &assigned, &level); +> + if (rc) { +> + pr_err_ratelimited("SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\n", +> + gfn, pfn, level, rc); +> + return -ENOENT; +> + } +> + +> + if (!assigned) { +> + pr_err_ratelimited("SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\n", +> + gfn, pfn, level); +> + return -EINVAL; +> + } +> + +> + if (level < *max_level) +> + *max_level = level; +> + +> + return 0; +> +} +> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c +> index b456906f2670..298b4ce77a5f 100644 +> --- a/arch/x86/kvm/svm/svm.c +> +++ b/arch/x86/kvm/svm/svm.c +> @@ -5081,6 +5081,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { +> +> .gmem_prepare = sev_gmem_prepare, +> .gmem_invalidate = sev_gmem_invalidate, +> + .gmem_validate_fault = sev_gmem_validate_fault, +> }; +> +> /* +> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h +> index 3f1f6d3d3ade..746f819a6de4 100644 +> --- a/arch/x86/kvm/svm/svm.h +> +++ b/arch/x86/kvm/svm/svm.h +> @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); +> void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); +> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, +> + u8 *max_level); +> #else +> static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { +> return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); +> @@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in +> return 0; +> } +> static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} +> +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, +> + bool is_private, u8 *max_level) +> +{ +> + return 0; +> +} +> +> #endif +> + + +X-sender: <linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org> +X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com +X-CreatedBy: MSExchange15 +X-HeloDomain: mbx-dresden-01.secunet.de +X-ExtendedProps: BQBjAAoAvmQFfe5Q3AgFADcAAgAADwA8AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50Lk9yZ2FuaXphdGlvblNjb3BlEQAAAAAAAAAAAAAAAAAAAAAADwA/AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5EaXJlY3RvcnlEYXRhLk1haWxEZWxpdmVyeVByaW9yaXR5DwADAAAATG93 +X-Source: SMTP:Default MBX-ESSEN-02 +X-SourceIPAddress: 10.53.40.199 +X-EndOfInjectedXHeaders: 16802 +Received: from mbx-dresden-01.secunet.de (10.53.40.199) by + mbx-essen-02.secunet.de (10.53.40.198) with Microsoft SMTP Server + (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id + 15.1.2507.37; Sat, 30 Mar 2024 22:35:58 +0100 +Received: from a.mx.secunet.com (62.96.220.36) by cas-essen-02.secunet.de + (10.53.40.202) with Microsoft SMTP Server (version=TLS1_2, + cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37 via Frontend + Transport; Sat, 30 Mar 2024 22:35:58 +0100 +Received: from localhost (localhost [127.0.0.1]) + by a.mx.secunet.com (Postfix) with ESMTP id 8EC8920883 + for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:58 +0100 (CET) +X-Virus-Scanned: by secunet +X-Spam-Flag: NO +X-Spam-Score: -2.851 +X-Spam-Level: +X-Spam-Status: No, score=-2.851 tagged_above=-999 required=2.1 + tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.1, DKIM_SIGNED=0.1, + DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, + HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, + RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] + autolearn=ham autolearn_force=no +Authentication-Results: a.mx.secunet.com (amavisd-new); + dkim=pass (1024-bit key) header.d=redhat.com +Received: from a.mx.secunet.com ([127.0.0.1]) + by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id WvBMAZHTwSqc for <steffen.klassert@secunet.com>; + Sat, 30 Mar 2024 22:35:57 +0100 (CET) +Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.199.223; helo=ny.mirrors.kernel.org; envelope-from=linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com +DKIM-Filter: OpenDKIM Filter v2.11.0 a.mx.secunet.com 135CB2076B +Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org [147.75.199.223]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by a.mx.secunet.com (Postfix) with ESMTPS id 135CB2076B + for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:51 +0100 (CET) +Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by ny.mirrors.kernel.org (Postfix) with ESMTPS id EDEB11C21721 + for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 21:35:50 +0000 (UTC) +Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) + by smtp.subspace.kernel.org (Postfix) with ESMTP id 89EA04F5FD; + Sat, 30 Mar 2024 21:35:33 +0000 (UTC) +Authentication-Results: smtp.subspace.kernel.org; + dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="PwZ9MZ1i" +Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by smtp.subspace.kernel.org (Postfix) with ESMTPS id A388345948 + for <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 21:35:28 +0000 (UTC) +Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 +ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; + t=1711834530; cv=none; b=fO/lEHbAvPLPvD4Czk3OqRCafqKiRL8iA0CO8q3eZQUN1kteZWed50dTZAyxTZuCdaX9qS/XnXuBeW5qVjX9QR8/wTnWHHzz2AMuaZjzC3tb1Dr6TyQ2SmNypR8s7rZVDdK6ARJUpxAZud/DR7rrr/s5fFn/Kmo2G7UC5c5imR4= +ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; + s=arc-20240116; t=1711834530; c=relaxed/simple; + bh=g0toAGCQtFi0G3GbWa0Q4HZPWv8jGtxInPF/JxlP71A=; + h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: + In-Reply-To:Content-Type; b=VDk1AdWfivfUlDYWWV0aeHeinK3zHP6Dwj3CQ2qewUTiR3JkY389d6bV/9E9OKg2J0ACGBw1DWYUPuF6lGvUnq274kQdBU+HYQaf3VVKagAkxwJnR9csNwkpG3T1KCpCWClj7sLvSTcqgcR3yTTn3MVnPc35I5YZ5/XMmBDm6Vc= +ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PwZ9MZ1i; arc=none smtp.client-ip=170.10.133.124 +Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com +Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; + s=mimecast20190719; t=1711834527; + h=from:from:reply-to:subject:subject:date:date:message-id:message-id: + to:to:cc:cc:mime-version:mime-version:content-type:content-type: + content-transfer-encoding:content-transfer-encoding: + in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; + bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=; + b=PwZ9MZ1iyCAVzBUash6/9hnMVBP48I4GsfrdulDjf7X0dySw+dhCyQuoNF9cRn97oZnC0V + cTOQYa0rlarrHCAeQS/Hszk96ip36xl7O644Vw+ylUW0h4uRIhxuKMLJ1NrVHXnq/yslBs + rhet5l0+ntjKgvhS1bHVq1nOKnn3br4= +Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com + [209.85.208.72]) by relay.mimecast.com with ESMTP with STARTTLS + (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id + us-mta-112-tSJu9a0cMgmQB3On25fBYg-1; Sat, 30 Mar 2024 17:35:23 -0400 +X-MC-Unique: tSJu9a0cMgmQB3On25fBYg-1 +Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-5689f41cf4dso2408093a12.3 + for <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 14:35:23 -0700 (PDT) +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20230601; t=1711834522; x=1712439322; + h=content-transfer-encoding:in-reply-to:autocrypt:content-language + :from:references:cc:to:subject:user-agent:mime-version:date + :message-id:x-gm-message-state:from:to:cc:subject:date:message-id + :reply-to; + bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=; + b=jTT2FBgSYMoeJE5ccOi5DsUyE0juZB4gBpRsaeSs9kH9ALQmj2ilHm8toqrL4cyyRv + Ofppy6SnyGFp2zfcHgVCc/EKCvuOaQZK6JLnQl8X2ElNIadsNZPGYktkgwtSlkzXYkvz + CLb+Mcn2pOShlO2CvLTXusmuKk3Y/Zt5FdLpngbspaovc+VJ1pXRCKMkKMylEO5vmetk + Hny51o7yTwHFWOegSUEFqtPM2imlks1J7mBZ0WuWiM7shRLBCiY9cNmWZLphMb+nEs9a + ipG4IOi+Wmp8zeHIcqDBWl6+wdAwUQO1tV70NDjBvGynKbt8FATmGTDxCv+bQ1fv2rIQ + GuZQ== +X-Forwarded-Encrypted: i=1; AJvYcCX4Pp+/19Mb2juuK84MNGHHMO5BHtlVbuQw6u4ZjA70d901hLiKrIUob09YFXAiG9zaWUumWi5S5A3ycfm7kpmU1INlD4mcb72VKS3k +X-Gm-Message-State: AOJu0YzQvpxLO0QoT38CtX9+7v5jgy51U7OMzC5vh+PxRqnKlxdZhHH8 + 6ZlZLqCDd5Th1F5x22MqKJ+q7SSedAzc4vh61ECYbvvQsECUlrHUi24/Y+QP5l0Lt05efWXFOnw + NWMVbeMVoNNqFiKg+nNGL//njdocX9xu1QzBM7wXulm42lMtfWzkkBnz5rJgmgA== +X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176662ede.23.1711834522688; + Sat, 30 Mar 2024 14:35:22 -0700 (PDT) +X-Google-Smtp-Source: AGHT+IH4Y1Y1ai02PAHKv5gHHk8E9vouw7+IeXJOAyuQtq3+b2c4PJy15b2ZKcJKFYMqFhtFpYJu6A== +X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176630ede.23.1711834522369; + Sat, 30 Mar 2024 14:35:22 -0700 (PDT) +Received: from [192.168.10.4] ([151.95.49.219]) + by smtp.googlemail.com with ESMTPSA id cy14-20020a0564021c8e00b0056bf31fa2a3sm3688481edb.80.2024.03.30.14.35.18 + (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); + Sat, 30 Mar 2024 14:35:21 -0700 (PDT) +Message-ID: <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com> +Date: Sat, 30 Mar 2024 22:35:17 +0100 +Precedence: bulk +X-Mailing-List: linux-kernel@vger.kernel.org +List-Id: <linux-kernel.vger.kernel.org> +List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org> +List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org> +MIME-Version: 1.0 +User-Agent: Mozilla Thunderbird +Subject: Re: [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining + max NPT mapping level +To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org +Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org, + linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, + tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, + thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com, + vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, + dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, + peterz@infradead.org, srinivas.pandruvada@linux.intel.com, + rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, + vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, + tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, + alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, + nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com +References: <20240329225835.400662-1-michael.roth@amd.com> + <20240329225835.400662-24-michael.roth@amd.com> +From: Paolo Bonzini <pbonzini@redhat.com> +Content-Language: en-US +Autocrypt: addr=pbonzini@redhat.com; keydata= + xsEhBFRCcBIBDqDGsz4K0zZun3jh+U6Z9wNGLKQ0kSFyjN38gMqU1SfP+TUNQepFHb/Gc0E2 + CxXPkIBTvYY+ZPkoTh5xF9oS1jqI8iRLzouzF8yXs3QjQIZ2SfuCxSVwlV65jotcjD2FTN04 + hVopm9llFijNZpVIOGUTqzM4U55sdsCcZUluWM6x4HSOdw5F5Utxfp1wOjD/v92Lrax0hjiX + DResHSt48q+8FrZzY+AUbkUS+Jm34qjswdrgsC5uxeVcLkBgWLmov2kMaMROT0YmFY6A3m1S + P/kXmHDXxhe23gKb3dgwxUTpENDBGcfEzrzilWueOeUWiOcWuFOed/C3SyijBx3Av/lbCsHU + Vx6pMycNTdzU1BuAroB+Y3mNEuW56Yd44jlInzG2UOwt9XjjdKkJZ1g0P9dwptwLEgTEd3Fo + UdhAQyRXGYO8oROiuh+RZ1lXp6AQ4ZjoyH8WLfTLf5g1EKCTc4C1sy1vQSdzIRu3rBIjAvnC + tGZADei1IExLqB3uzXKzZ1BZ+Z8hnt2og9hb7H0y8diYfEk2w3R7wEr+Ehk5NQsT2MPI2QBd + wEv1/Aj1DgUHZAHzG1QN9S8wNWQ6K9DqHZTBnI1hUlkp22zCSHK/6FwUCuYp1zcAEQEAAc0j + UGFvbG8gQm9uemluaSA8cGJvbnppbmlAcmVkaGF0LmNvbT7CwU0EEwECACMFAlRCcBICGwMH + CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB+FRAMzTZpsbceDp9IIN6BIA0Ol7MoB15E + 11kRz/ewzryFY54tQlMnd4xxfH8MTQ/mm9I482YoSwPMdcWFAKnUX6Yo30tbLiNB8hzaHeRj + jx12K+ptqYbg+cevgOtbLAlL9kNgLLcsGqC2829jBCUTVeMSZDrzS97ole/YEez2qFpPnTV0 + VrRWClWVfYh+JfzpXmgyhbkuwUxNFk421s4Ajp3d8nPPFUGgBG5HOxzkAm7xb1cjAuJ+oi/K + CHfkuN+fLZl/u3E/fw7vvOESApLU5o0icVXeakfSz0LsygEnekDbxPnE5af/9FEkXJD5EoYG + SEahaEtgNrR4qsyxyAGYgZlS70vkSSYJ+iT2rrwEiDlo31MzRo6Ba2FfHBSJ7lcYdPT7bbk9 + AO3hlNMhNdUhoQv7M5HsnqZ6unvSHOKmReNaS9egAGdRN0/GPDWr9wroyJ65ZNQsHl9nXBqE + AukZNr5oJO5vxrYiAuuTSd6UI/xFkjtkzltG3mw5ao2bBpk/V/YuePrJsnPFHG7NhizrxttB + nTuOSCMo45pfHQ+XYd5K1+Cv/NzZFNWscm5htJ0HznY+oOsZvHTyGz3v91pn51dkRYN0otqr + bQ4tlFFuVjArBZcapSIe6NV8C4cEiSTOwE0EVEJx7gEIAMeHcVzuv2bp9HlWDp6+RkZe+vtl + KwAHplb/WH59j2wyG8V6i33+6MlSSJMOFnYUCCL77bucx9uImI5nX24PIlqT+zasVEEVGSRF + m8dgkcJDB7Tps0IkNrUi4yof3B3shR+vMY3i3Ip0e41zKx0CvlAhMOo6otaHmcxr35sWq1Jk + tLkbn3wG+fPQCVudJJECvVQ//UAthSSEklA50QtD2sBkmQ14ZryEyTHQ+E42K3j2IUmOLriF + dNr9NvE1QGmGyIcbw2NIVEBOK/GWxkS5+dmxM2iD4Jdaf2nSn3jlHjEXoPwpMs0KZsgdU0pP + JQzMUMwmB1wM8JxovFlPYrhNT9MAEQEAAcLBMwQYAQIACQUCVEJx7gIbDAAKCRB+FRAMzTZp + sadRDqCctLmYICZu4GSnie4lKXl+HqlLanpVMOoFNnWs9oRP47MbE2wv8OaYh5pNR9VVgyhD + OG0AU7oidG36OeUlrFDTfnPYYSF/mPCxHttosyt8O5kabxnIPv2URuAxDByz+iVbL+RjKaGM + GDph56ZTswlx75nZVtIukqzLAQ5fa8OALSGum0cFi4ptZUOhDNz1onz61klD6z3MODi0sBZN + Aj6guB2L/+2ZwElZEeRBERRd/uommlYuToAXfNRdUwrwl9gRMiA0WSyTb190zneRRDfpSK5d + usXnM/O+kr3Dm+Ui+UioPf6wgbn3T0o6I5BhVhs4h4hWmIW7iNhPjX1iybXfmb1gAFfjtHfL + xRUr64svXpyfJMScIQtBAm0ihWPltXkyITA92ngCmPdHa6M1hMh4RDX+Jf1fiWubzp1voAg0 + JBrdmNZSQDz0iKmSrx8xkoXYfA3bgtFN8WJH2xgFL28XnqY4M6dLhJwV3z08tPSRqYFm4NMP + dRsn0/7oymhneL8RthIvjDDQ5ktUjMe8LtHr70OZE/TT88qvEdhiIVUogHdo4qBrk41+gGQh + b906Dudw5YhTJFU3nC6bbF2nrLlB4C/XSiH76ZvqzV0Z/cAMBo5NF/w= +In-Reply-To: <20240329225835.400662-24-michael.roth@amd.com> +Content-Type: text/plain; charset=UTF-8; format=flowed +Content-Transfer-Encoding: 7bit +Return-Path: linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org +X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 21:35:58.5206 + (UTC) +X-MS-Exchange-Organization-Network-Message-Id: 240c94ed-22c0-47b6-7326-08dc51016375 +X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.36 +X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.202 +X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-02.secunet.de +X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=cas-essen-02.secunet.de:TOTAL-FE=0.008|SMR=0.008(SMRPI=0.005(SMRPI-FrontendProxyAgent=0.005));2024-03-30T21:35:58.528Z +X-MS-Exchange-Forest-ArrivalHubServer: mbx-essen-02.secunet.de +X-MS-Exchange-Organization-AuthSource: cas-essen-02.secunet.de +X-MS-Exchange-Organization-AuthAs: Anonymous +X-MS-Exchange-Organization-OriginalSize: 16255 +X-MS-Exchange-Organization-Transport-Properties: DeliveryPriority=Low +X-MS-Exchange-Organization-Prioritization: 2:ShadowRedundancy +X-MS-Exchange-Organization-IncludeInSla: False:ShadowRedundancy + +On 3/29/24 23:58, Michael Roth wrote: +> In the case of SEV-SNP, whether or not a 2MB page can be mapped via a +> 2MB mapping in the guest's nested page table depends on whether or not +> any subpages within the range have already been initialized as private +> in the RMP table. The existing mixed-attribute tracking in KVM is +> insufficient here, for instance: +> +> - gmem allocates 2MB page +> - guest issues PVALIDATE on 2MB page +> - guest later converts a subpage to shared +> - SNP host code issues PSMASH to split 2MB RMP mapping to 4K +> - KVM MMU splits NPT mapping to 4K +> - guest later converts that shared page back to private +> +> At this point there are no mixed attributes, and KVM would normally +> allow for 2MB NPT mappings again, but this is actually not allowed +> because the RMP table mappings are 4K and cannot be promoted on the +> hypervisor side, so the NPT mappings must still be limited to 4K to +> match this. +> +> Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks +> for this condition and adjusts the mapping level accordingly. +> +> Signed-off-by: Michael Roth <michael.roth@amd.com> + +Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> + > --- > arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++ > arch/x86/kvm/svm/svm.c | 1 + diff --git a/a/content_digest b/N2/content_digest index 69bd346..6ddf2b8 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -151,6 +151,311 @@ "> +}\n" "> \n" "> #endif\n" + "> \n" + "\n" + "\n" + "X-sender: <linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org>\n" + "X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com\n" + "X-CreatedBy: MSExchange15\n" + "X-HeloDomain: mbx-dresden-01.secunet.de\n" + "X-ExtendedProps: BQBjAAoAvmQFfe5Q3AgFADcAAgAADwA8AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50Lk9yZ2FuaXphdGlvblNjb3BlEQAAAAAAAAAAAAAAAAAAAAAADwA/AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5EaXJlY3RvcnlEYXRhLk1haWxEZWxpdmVyeVByaW9yaXR5DwADAAAATG93\n" + "X-Source: SMTP:Default MBX-ESSEN-02\n" + "X-SourceIPAddress: 10.53.40.199\n" + "X-EndOfInjectedXHeaders: 16802\n" + "Received: from mbx-dresden-01.secunet.de (10.53.40.199) by\n" + " mbx-essen-02.secunet.de (10.53.40.198) with Microsoft SMTP Server\n" + " (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id\n" + " 15.1.2507.37; Sat, 30 Mar 2024 22:35:58 +0100\n" + "Received: from a.mx.secunet.com (62.96.220.36) by cas-essen-02.secunet.de\n" + " (10.53.40.202) with Microsoft SMTP Server (version=TLS1_2,\n" + " cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.37 via Frontend\n" + " Transport; Sat, 30 Mar 2024 22:35:58 +0100\n" + "Received: from localhost (localhost [127.0.0.1])\n" + "\tby a.mx.secunet.com (Postfix) with ESMTP id 8EC8920883\n" + "\tfor <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:58 +0100 (CET)\n" + "X-Virus-Scanned: by secunet\n" + "X-Spam-Flag: NO\n" + "X-Spam-Score: -2.851\n" + "X-Spam-Level:\n" + "X-Spam-Status: No, score=-2.851 tagged_above=-999 required=2.1\n" + "\ttests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.1, DKIM_SIGNED=0.1,\n" + "\tDKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,\n" + "\tHEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1,\n" + "\tRCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001]\n" + "\tautolearn=ham autolearn_force=no\n" + "Authentication-Results: a.mx.secunet.com (amavisd-new);\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com\n" + "Received: from a.mx.secunet.com ([127.0.0.1])\n" + "\tby localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024)\n" + "\twith ESMTP id WvBMAZHTwSqc for <steffen.klassert@secunet.com>;\n" + "\tSat, 30 Mar 2024 22:35:57 +0100 (CET)\n" + "Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=147.75.199.223; helo=ny.mirrors.kernel.org; envelope-from=linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com \n" + "DKIM-Filter: OpenDKIM Filter v2.11.0 a.mx.secunet.com 135CB2076B\n" + "Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org [147.75.199.223])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby a.mx.secunet.com (Postfix) with ESMTPS id 135CB2076B\n" + "\tfor <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 22:35:51 +0100 (CET)\n" + "Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby ny.mirrors.kernel.org (Postfix) with ESMTPS id EDEB11C21721\n" + "\tfor <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 21:35:50 +0000 (UTC)\n" + "Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])\n" + "\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 89EA04F5FD;\n" + "\tSat, 30 Mar 2024 21:35:33 +0000 (UTC)\n" + "Authentication-Results: smtp.subspace.kernel.org;\n" + "\tdkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=\"PwZ9MZ1i\"\n" + "Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])\n" + "\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n" + "\t(No client certificate requested)\n" + "\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id A388345948\n" + "\tfor <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 21:35:28 +0000 (UTC)\n" + "Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124\n" + "ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n" + "\tt=1711834530; cv=none; b=fO/lEHbAvPLPvD4Czk3OqRCafqKiRL8iA0CO8q3eZQUN1kteZWed50dTZAyxTZuCdaX9qS/XnXuBeW5qVjX9QR8/wTnWHHzz2AMuaZjzC3tb1Dr6TyQ2SmNypR8s7rZVDdK6ARJUpxAZud/DR7rrr/s5fFn/Kmo2G7UC5c5imR4=\n" + "ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;\n" + "\ts=arc-20240116; t=1711834530; c=relaxed/simple;\n" + "\tbh=g0toAGCQtFi0G3GbWa0Q4HZPWv8jGtxInPF/JxlP71A=;\n" + "\th=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:\n" + "\t In-Reply-To:Content-Type; b=VDk1AdWfivfUlDYWWV0aeHeinK3zHP6Dwj3CQ2qewUTiR3JkY389d6bV/9E9OKg2J0ACGBw1DWYUPuF6lGvUnq274kQdBU+HYQaf3VVKagAkxwJnR9csNwkpG3T1KCpCWClj7sLvSTcqgcR3yTTn3MVnPc35I5YZ5/XMmBDm6Vc=\n" + "ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PwZ9MZ1i; arc=none smtp.client-ip=170.10.133.124\n" + "Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com\n" + "Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com\n" + "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n" + "\ts=mimecast20190719; t=1711834527;\n" + "\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n" + "\t to:to:cc:cc:mime-version:mime-version:content-type:content-type:\n" + "\t content-transfer-encoding:content-transfer-encoding:\n" + "\t in-reply-to:in-reply-to:references:references:autocrypt:autocrypt;\n" + "\tbh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=;\n" + "\tb=PwZ9MZ1iyCAVzBUash6/9hnMVBP48I4GsfrdulDjf7X0dySw+dhCyQuoNF9cRn97oZnC0V\n" + "\tcTOQYa0rlarrHCAeQS/Hszk96ip36xl7O644Vw+ylUW0h4uRIhxuKMLJ1NrVHXnq/yslBs\n" + "\trhet5l0+ntjKgvhS1bHVq1nOKnn3br4=\n" + "Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com\n" + " [209.85.208.72]) by relay.mimecast.com with ESMTP with STARTTLS\n" + " (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id\n" + " us-mta-112-tSJu9a0cMgmQB3On25fBYg-1; Sat, 30 Mar 2024 17:35:23 -0400\n" + "X-MC-Unique: tSJu9a0cMgmQB3On25fBYg-1\n" + "Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-5689f41cf4dso2408093a12.3\n" + " for <linux-kernel@vger.kernel.org>; Sat, 30 Mar 2024 14:35:23 -0700 (PDT)\n" + "X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\n" + " d=1e100.net; s=20230601; t=1711834522; x=1712439322;\n" + " h=content-transfer-encoding:in-reply-to:autocrypt:content-language\n" + " :from:references:cc:to:subject:user-agent:mime-version:date\n" + " :message-id:x-gm-message-state:from:to:cc:subject:date:message-id\n" + " :reply-to;\n" + " bh=EwmuW/k3ZL7znVA8wS56lDlLW9BhS4TEVksrt7Me+Z8=;\n" + " b=jTT2FBgSYMoeJE5ccOi5DsUyE0juZB4gBpRsaeSs9kH9ALQmj2ilHm8toqrL4cyyRv\n" + " Ofppy6SnyGFp2zfcHgVCc/EKCvuOaQZK6JLnQl8X2ElNIadsNZPGYktkgwtSlkzXYkvz\n" + " CLb+Mcn2pOShlO2CvLTXusmuKk3Y/Zt5FdLpngbspaovc+VJ1pXRCKMkKMylEO5vmetk\n" + " Hny51o7yTwHFWOegSUEFqtPM2imlks1J7mBZ0WuWiM7shRLBCiY9cNmWZLphMb+nEs9a\n" + " ipG4IOi+Wmp8zeHIcqDBWl6+wdAwUQO1tV70NDjBvGynKbt8FATmGTDxCv+bQ1fv2rIQ\n" + " GuZQ==\n" + "X-Forwarded-Encrypted: i=1; AJvYcCX4Pp+/19Mb2juuK84MNGHHMO5BHtlVbuQw6u4ZjA70d901hLiKrIUob09YFXAiG9zaWUumWi5S5A3ycfm7kpmU1INlD4mcb72VKS3k\n" + "X-Gm-Message-State: AOJu0YzQvpxLO0QoT38CtX9+7v5jgy51U7OMzC5vh+PxRqnKlxdZhHH8\n" + "\t6ZlZLqCDd5Th1F5x22MqKJ+q7SSedAzc4vh61ECYbvvQsECUlrHUi24/Y+QP5l0Lt05efWXFOnw\n" + "\tNWMVbeMVoNNqFiKg+nNGL//njdocX9xu1QzBM7wXulm42lMtfWzkkBnz5rJgmgA==\n" + "X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176662ede.23.1711834522688;\n" + " Sat, 30 Mar 2024 14:35:22 -0700 (PDT)\n" + "X-Google-Smtp-Source: AGHT+IH4Y1Y1ai02PAHKv5gHHk8E9vouw7+IeXJOAyuQtq3+b2c4PJy15b2ZKcJKFYMqFhtFpYJu6A==\n" + "X-Received: by 2002:a50:bb44:0:b0:567:23a2:5b1e with SMTP id y62-20020a50bb44000000b0056723a25b1emr4176630ede.23.1711834522369;\n" + " Sat, 30 Mar 2024 14:35:22 -0700 (PDT)\n" + "Received: from [192.168.10.4] ([151.95.49.219])\n" + " by smtp.googlemail.com with ESMTPSA id cy14-20020a0564021c8e00b0056bf31fa2a3sm3688481edb.80.2024.03.30.14.35.18\n" + " (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);\n" + " Sat, 30 Mar 2024 14:35:21 -0700 (PDT)\n" + "Message-ID: <4e89479a-e170-403a-b2eb-ce7b895e55a3@redhat.com>\n" + "Date: Sat, 30 Mar 2024 22:35:17 +0100\n" + "Precedence: bulk\n" + "X-Mailing-List: linux-kernel@vger.kernel.org\n" + "List-Id: <linux-kernel.vger.kernel.org>\n" + "List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>\n" + "List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>\n" + "MIME-Version: 1.0\n" + "User-Agent: Mozilla Thunderbird\n" + "Subject: Re: [PATCH v12 23/29] KVM: x86: Implement gmem hook for determining\n" + " max NPT mapping level\n" + "To: Michael Roth <michael.roth@amd.com>, kvm@vger.kernel.org\n" + "Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org,\n" + " linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,\n" + " tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de,\n" + " thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, seanjc@google.com,\n" + " vkuznets@redhat.com, jmattson@google.com, luto@kernel.org,\n" + " dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com,\n" + " peterz@infradead.org, srinivas.pandruvada@linux.intel.com,\n" + " rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de,\n" + " vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com,\n" + " tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com,\n" + " alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com,\n" + " nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com\n" + "References: <20240329225835.400662-1-michael.roth@amd.com>\n" + " <20240329225835.400662-24-michael.roth@amd.com>\n" + "From: Paolo Bonzini <pbonzini@redhat.com>\n" + "Content-Language: en-US\n" + "Autocrypt: addr=pbonzini@redhat.com; keydata=\n" + " xsEhBFRCcBIBDqDGsz4K0zZun3jh+U6Z9wNGLKQ0kSFyjN38gMqU1SfP+TUNQepFHb/Gc0E2\n" + " CxXPkIBTvYY+ZPkoTh5xF9oS1jqI8iRLzouzF8yXs3QjQIZ2SfuCxSVwlV65jotcjD2FTN04\n" + " hVopm9llFijNZpVIOGUTqzM4U55sdsCcZUluWM6x4HSOdw5F5Utxfp1wOjD/v92Lrax0hjiX\n" + " DResHSt48q+8FrZzY+AUbkUS+Jm34qjswdrgsC5uxeVcLkBgWLmov2kMaMROT0YmFY6A3m1S\n" + " P/kXmHDXxhe23gKb3dgwxUTpENDBGcfEzrzilWueOeUWiOcWuFOed/C3SyijBx3Av/lbCsHU\n" + " Vx6pMycNTdzU1BuAroB+Y3mNEuW56Yd44jlInzG2UOwt9XjjdKkJZ1g0P9dwptwLEgTEd3Fo\n" + " UdhAQyRXGYO8oROiuh+RZ1lXp6AQ4ZjoyH8WLfTLf5g1EKCTc4C1sy1vQSdzIRu3rBIjAvnC\n" + " tGZADei1IExLqB3uzXKzZ1BZ+Z8hnt2og9hb7H0y8diYfEk2w3R7wEr+Ehk5NQsT2MPI2QBd\n" + " wEv1/Aj1DgUHZAHzG1QN9S8wNWQ6K9DqHZTBnI1hUlkp22zCSHK/6FwUCuYp1zcAEQEAAc0j\n" + " UGFvbG8gQm9uemluaSA8cGJvbnppbmlAcmVkaGF0LmNvbT7CwU0EEwECACMFAlRCcBICGwMH\n" + " CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRB+FRAMzTZpsbceDp9IIN6BIA0Ol7MoB15E\n" + " 11kRz/ewzryFY54tQlMnd4xxfH8MTQ/mm9I482YoSwPMdcWFAKnUX6Yo30tbLiNB8hzaHeRj\n" + " jx12K+ptqYbg+cevgOtbLAlL9kNgLLcsGqC2829jBCUTVeMSZDrzS97ole/YEez2qFpPnTV0\n" + " VrRWClWVfYh+JfzpXmgyhbkuwUxNFk421s4Ajp3d8nPPFUGgBG5HOxzkAm7xb1cjAuJ+oi/K\n" + " CHfkuN+fLZl/u3E/fw7vvOESApLU5o0icVXeakfSz0LsygEnekDbxPnE5af/9FEkXJD5EoYG\n" + " SEahaEtgNrR4qsyxyAGYgZlS70vkSSYJ+iT2rrwEiDlo31MzRo6Ba2FfHBSJ7lcYdPT7bbk9\n" + " AO3hlNMhNdUhoQv7M5HsnqZ6unvSHOKmReNaS9egAGdRN0/GPDWr9wroyJ65ZNQsHl9nXBqE\n" + " AukZNr5oJO5vxrYiAuuTSd6UI/xFkjtkzltG3mw5ao2bBpk/V/YuePrJsnPFHG7NhizrxttB\n" + " nTuOSCMo45pfHQ+XYd5K1+Cv/NzZFNWscm5htJ0HznY+oOsZvHTyGz3v91pn51dkRYN0otqr\n" + " bQ4tlFFuVjArBZcapSIe6NV8C4cEiSTOwE0EVEJx7gEIAMeHcVzuv2bp9HlWDp6+RkZe+vtl\n" + " KwAHplb/WH59j2wyG8V6i33+6MlSSJMOFnYUCCL77bucx9uImI5nX24PIlqT+zasVEEVGSRF\n" + " m8dgkcJDB7Tps0IkNrUi4yof3B3shR+vMY3i3Ip0e41zKx0CvlAhMOo6otaHmcxr35sWq1Jk\n" + " tLkbn3wG+fPQCVudJJECvVQ//UAthSSEklA50QtD2sBkmQ14ZryEyTHQ+E42K3j2IUmOLriF\n" + " dNr9NvE1QGmGyIcbw2NIVEBOK/GWxkS5+dmxM2iD4Jdaf2nSn3jlHjEXoPwpMs0KZsgdU0pP\n" + " JQzMUMwmB1wM8JxovFlPYrhNT9MAEQEAAcLBMwQYAQIACQUCVEJx7gIbDAAKCRB+FRAMzTZp\n" + " sadRDqCctLmYICZu4GSnie4lKXl+HqlLanpVMOoFNnWs9oRP47MbE2wv8OaYh5pNR9VVgyhD\n" + " OG0AU7oidG36OeUlrFDTfnPYYSF/mPCxHttosyt8O5kabxnIPv2URuAxDByz+iVbL+RjKaGM\n" + " GDph56ZTswlx75nZVtIukqzLAQ5fa8OALSGum0cFi4ptZUOhDNz1onz61klD6z3MODi0sBZN\n" + " Aj6guB2L/+2ZwElZEeRBERRd/uommlYuToAXfNRdUwrwl9gRMiA0WSyTb190zneRRDfpSK5d\n" + " usXnM/O+kr3Dm+Ui+UioPf6wgbn3T0o6I5BhVhs4h4hWmIW7iNhPjX1iybXfmb1gAFfjtHfL\n" + " xRUr64svXpyfJMScIQtBAm0ihWPltXkyITA92ngCmPdHa6M1hMh4RDX+Jf1fiWubzp1voAg0\n" + " JBrdmNZSQDz0iKmSrx8xkoXYfA3bgtFN8WJH2xgFL28XnqY4M6dLhJwV3z08tPSRqYFm4NMP\n" + " dRsn0/7oymhneL8RthIvjDDQ5ktUjMe8LtHr70OZE/TT88qvEdhiIVUogHdo4qBrk41+gGQh\n" + " b906Dudw5YhTJFU3nC6bbF2nrLlB4C/XSiH76ZvqzV0Z/cAMBo5NF/w=\n" + "In-Reply-To: <20240329225835.400662-24-michael.roth@amd.com>\n" + "Content-Type: text/plain; charset=UTF-8; format=flowed\n" + "Content-Transfer-Encoding: 7bit\n" + "Return-Path: linux-kernel+bounces-125895-steffen.klassert=secunet.com@vger.kernel.org\n" + "X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 21:35:58.5206\n" + " (UTC)\n" + "X-MS-Exchange-Organization-Network-Message-Id: 240c94ed-22c0-47b6-7326-08dc51016375\n" + "X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.36\n" + "X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.202\n" + "X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-02.secunet.de\n" + "X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=cas-essen-02.secunet.de:TOTAL-FE=0.008|SMR=0.008(SMRPI=0.005(SMRPI-FrontendProxyAgent=0.005));2024-03-30T21:35:58.528Z\n" + "X-MS-Exchange-Forest-ArrivalHubServer: mbx-essen-02.secunet.de\n" + "X-MS-Exchange-Organization-AuthSource: cas-essen-02.secunet.de\n" + "X-MS-Exchange-Organization-AuthAs: Anonymous\n" + "X-MS-Exchange-Organization-OriginalSize: 16255\n" + "X-MS-Exchange-Organization-Transport-Properties: DeliveryPriority=Low\n" + "X-MS-Exchange-Organization-Prioritization: 2:ShadowRedundancy\n" + "X-MS-Exchange-Organization-IncludeInSla: False:ShadowRedundancy\n" + "\n" + "On 3/29/24 23:58, Michael Roth wrote:\n" + "> In the case of SEV-SNP, whether or not a 2MB page can be mapped via a\n" + "> 2MB mapping in the guest's nested page table depends on whether or not\n" + "> any subpages within the range have already been initialized as private\n" + "> in the RMP table. The existing mixed-attribute tracking in KVM is\n" + "> insufficient here, for instance:\n" + "> \n" + "> - gmem allocates 2MB page\n" + "> - guest issues PVALIDATE on 2MB page\n" + "> - guest later converts a subpage to shared\n" + "> - SNP host code issues PSMASH to split 2MB RMP mapping to 4K\n" + "> - KVM MMU splits NPT mapping to 4K\n" + "> - guest later converts that shared page back to private\n" + "> \n" + "> At this point there are no mixed attributes, and KVM would normally\n" + "> allow for 2MB NPT mappings again, but this is actually not allowed\n" + "> because the RMP table mappings are 4K and cannot be promoted on the\n" + "> hypervisor side, so the NPT mappings must still be limited to 4K to\n" + "> match this.\n" + "> \n" + "> Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks\n" + "> for this condition and adjusts the mapping level accordingly.\n" + "> \n" + "> Signed-off-by: Michael Roth <michael.roth@amd.com>\n" + "\n" + "Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>\n" + "\n" + "> ---\n" + "> arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++\n" + "> arch/x86/kvm/svm/svm.c | 1 +\n" + "> arch/x86/kvm/svm/svm.h | 7 +++++++\n" + "> 3 files changed, 40 insertions(+)\n" + "> \n" + "> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c\n" + "> index 87d621d013a4..31f6f4786503 100644\n" + "> --- a/arch/x86/kvm/svm/sev.c\n" + "> +++ b/arch/x86/kvm/svm/sev.c\n" + "> @@ -4443,3 +4443,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end)\n" + "> \t\tpfn += use_2m_update ? PTRS_PER_PMD : 1;\n" + "> \t}\n" + "> }\n" + "> +\n" + "> +/*\n" + "> + * Re-check whether an #NPF for a private/gmem page can still be serviced, and\n" + "> + * adjust maximum mapping level if needed.\n" + "> + */\n" + "> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private,\n" + "> +\t\t\t u8 *max_level)\n" + "> +{\n" + "> +\tint level, rc;\n" + "> +\tbool assigned;\n" + "> +\n" + "> +\tif (!sev_snp_guest(kvm))\n" + "> +\t\treturn 0;\n" + "> +\n" + "> +\trc = snp_lookup_rmpentry(pfn, &assigned, &level);\n" + "> +\tif (rc) {\n" + "> +\t\tpr_err_ratelimited(\"SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\\n\",\n" + "> +\t\t\t\t gfn, pfn, level, rc);\n" + "> +\t\treturn -ENOENT;\n" + "> +\t}\n" + "> +\n" + "> +\tif (!assigned) {\n" + "> +\t\tpr_err_ratelimited(\"SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\\n\",\n" + "> +\t\t\t\t gfn, pfn, level);\n" + "> +\t\treturn -EINVAL;\n" + "> +\t}\n" + "> +\n" + "> +\tif (level < *max_level)\n" + "> +\t\t*max_level = level;\n" + "> +\n" + "> +\treturn 0;\n" + "> +}\n" + "> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c\n" + "> index b456906f2670..298b4ce77a5f 100644\n" + "> --- a/arch/x86/kvm/svm/svm.c\n" + "> +++ b/arch/x86/kvm/svm/svm.c\n" + "> @@ -5081,6 +5081,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {\n" + "> \n" + "> \t.gmem_prepare = sev_gmem_prepare,\n" + "> \t.gmem_invalidate = sev_gmem_invalidate,\n" + "> +\t.gmem_validate_fault = sev_gmem_validate_fault,\n" + "> };\n" + "> \n" + "> /*\n" + "> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h\n" + "> index 3f1f6d3d3ade..746f819a6de4 100644\n" + "> --- a/arch/x86/kvm/svm/svm.h\n" + "> +++ b/arch/x86/kvm/svm/svm.h\n" + "> @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu);\n" + "> void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu);\n" + "> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order);\n" + "> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end);\n" + "> +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private,\n" + "> +\t\t\t u8 *max_level);\n" + "> #else\n" + "> static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) {\n" + "> \treturn alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);\n" + "> @@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in\n" + "> \treturn 0;\n" + "> }\n" + "> static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {}\n" + "> +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn,\n" + "> +\t\t\t\t\t bool is_private, u8 *max_level)\n" + "> +{\n" + "> +\treturn 0;\n" + "> +}\n" + "> \n" + "> #endif\n" > -b500f0e3d832a3b58dd1c663d1514045e70607d04cbe9b4d70e46a9cb261dc56 +873651d5f085e4a4c4b8867f04337dd1ec0362db32481e9f4b0bb135b98a4984
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox