Re: [PATCH v2 4/4] KVM: SVM: Add Page modification logging support

public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed

From: Nikunj A Dadhania <nikunj@amd.com>
To: "Huang, Kai" <kai.huang@intel.com>,
	"pbonzini@redhat.com" <pbonzini@redhat.com>,
	"seanjc@google.com" <seanjc@google.com>
Cc: "thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	"joao.m.martins@oracle.com" <joao.m.martins@oracle.com>,
	"santosh.shukla@amd.com" <santosh.shukla@amd.com>,
	"bp@alien8.de" <bp@alien8.de>
Subject: Re: [PATCH v2 4/4] KVM: SVM: Add Page modification logging support
Date: Wed, 24 Sep 2025 06:26:33 +0000	[thread overview]
Message-ID: <85a52k1i3q.fsf@amd.com> (raw)
In-Reply-To: <85ecs4nva5.fsf@amd.com>

Nikunj A Dadhania <nikunj@amd.com> writes:

> "Huang, Kai" <kai.huang@intel.com> writes:
>
>> On Mon, 2025-09-15 at 08:59 +0000, Nikunj A Dadhania wrote:
>>> 
>>> PML is enabled by default when supported and can be disabled via the 'pml'
>>> module parameter.
>>
>> This changelog mentions nothing about interaction between PML vs nested.
>>
>> On VMX, PML is emulated for L2 (for nested EPT) but is never enabled in
>> hardware when CPU runs in L2, so:
>>
>> 1) PML is exposed to L1 (for nested EPT).
>> 2) PML needs to be turned off when CPU runs in L2 otherwise L2's GPA 
>>    could be logged, and turned on again after CPU leaves L2 (and restore
>>    PML buffer/index of VMCS01).
>
> I get your point and I see that when nested VM entry, PML is set in
> the nested_ctl for L2.

As nested_ctl from L1 was getting copied into L2, PML flag was also set
for L2. I have disabled this now.

>
> I am trying to create this scenario, and couldnt get the L2 GPA's.

L2 GPA's were not logged because PML_ADDR and PML_INDEX of the VMCB02
was not populated.

>
>>
>> It doesn't seem this series supports emulating PML for L2 (for nested
>> NPT), because AMD's PML is also enumerated via a CPUID bit (while VMX
>> doesn't) and it's not exposed to guest, so we don't need to handle nested
>> PML_FULL VMEXIT etc.
>>
>> This is fine I think, and we can support this in the future if needed.
>>
>> But 2) is also needed anyway for AMD's PML AFAICT, regardless of whether
>> 1) is supported or not ?
>
> I see your point, we will need to disable PML for L2.
>
>>
>> If so, could we add some text to clarify all of these in the changelog?
>>
>>
>> [...]
>>
>>>  
>>> +void svm_update_cpu_dirty_logging(struct kvm_vcpu *vcpu)
>>> +{
>>> +	struct vcpu_svm *svm = to_svm(vcpu);
>>> +
>>> +	if (WARN_ON_ONCE(!pml))
>>> +		return;
>>> +
>>> +	if (is_guest_mode(vcpu))
>>> +		return;
>>
>> VMX has a vmx->nested.update_vmcs01_cpu_dirty_logging boolean.  It's set
>> here to indicate PML enabling is not updated for L2 here, but later when
>> switching to run in L1, the PML enabling needs to updated.
>>
>> Shouldn't SVM have similar handling?
>
> Sure, will get back to you on this.

Yes, this will be required as it is handling a case when there is a
dirty logging change for L1 while L2 is running. So this variable is
used to record such change and when L2 exits, the pending change needs
to be made in L1's VMCB.

Thanks for the detailed review.

Regards
Nikunj

     prev parent reply	other threads:[~2025-09-24  6:26 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-09-15  8:59 [PATCH v2 0/4] KVM: SVM: Add Page Modification Logging (PML) support Nikunj A Dadhania
2025-09-15  8:59 ` [PATCH v2 1/4] KVM: x86: Carve out PML flush routine Nikunj A Dadhania
2025-09-15  8:59 ` [PATCH v2 2/4] KVM: x86: Move PML page to common vcpu arch structure Nikunj A Dadhania
2025-09-16 10:27   ` Huang, Kai
2025-09-17  3:31     ` Nikunj A. Dadhania
2025-09-17 10:13       ` Huang, Kai
2025-09-17 10:17         ` Nikunj A. Dadhania
2025-09-17 10:28           ` Huang, Kai
2025-09-15  8:59 ` [PATCH v2 3/4] x86/cpufeatures: Add Page modification logging Nikunj A Dadhania
2025-09-15  8:59 ` [PATCH v2 4/4] KVM: SVM: Add Page modification logging support Nikunj A Dadhania
2025-09-15 12:35   ` Huang, Kai
2025-09-18  6:12     ` Nikunj A Dadhania
2025-09-24  6:26       ` Nikunj A Dadhania [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=85a52k1i3q.fsf@amd.com \
    --to=nikunj@amd.com \
    --cc=bp@alien8.de \
    --cc=joao.m.martins@oracle.com \
    --cc=kai.huang@intel.com \
    --cc=kvm@vger.kernel.org \
    --cc=pbonzini@redhat.com \
    --cc=santosh.shukla@amd.com \
    --cc=seanjc@google.com \
    --cc=thomas.lendacky@amd.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox