From: Sean Christopherson <seanjc@google.com>
To: Junaid Shahid <junaids@google.com>
Cc: kvm@vger.kernel.org, pbonzini@redhat.com, jmattson@google.com,
	bgardon@google.com, pshier@google.com
Subject: Re: [PATCH] kvm: vmx: Sync all matching EPTPs when injecting nested EPT fault
Date: Mon, 9 Aug 2021 23:33:39 +0000
Message-ID: <YRG7U3b3ZM17ggp4@google.com>
In-Reply-To: <20210806222229.1645356-1-junaids@google.com>

On Fri, Aug 06, 2021, Junaid Shahid wrote:
> When a nested EPT violation/misconfig is injected into the guest,
> the shadow EPT PTEs associated with that address need to be synced.
> This is done by kvm_inject_emulated_page_fault() before it calls
> nested_ept_inject_page_fault(). However, that will only sync the
> shadow EPT PTE associated with the current L1 EPTP. Since the ASID

For the changelog and the comment, IMO using "vmcs12 EPTP" instead of "L1 EPTP"
would add clarity. I usually think of "L1 EPTP" as vmcs01->eptp and "L2 EPTP"
as vmcs02->EPTP. There are enough EPTPs in play with nested that it'd help to
be very explicit.

> is based on EP4TA rather than the full EPTP, so syncing the current
> EPTP is not enough. The SPTEs associated with any other L1 EPTPs
> in the prev_roots cache with the same EP4TA also need to be synced.

No small part of me wonders if we should disallow duplicate vmcs12 EP4TAs in a
single vCPU's root cache, e.g. purge existing roots with the same pgd but
different role. INVEPT does the right thing, but that seems more coincidental
than intentional.

Practically speaking, this only affects A/D bits. Wouldn't a VMM need to flush
the EP4TA if it toggled A/D enabling in order to have deterministic behavior?
In other words, is there a real world use case for switching between EPTPs with
same EP4TAs but different properties that would see a performance hit if KVM
purged unusable cached roots with the same EP4TA?
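
A toy model of the two options discussed in this message, added here as an illustration; it is not KVM code and not part of the patch or of the reply. Selecting cached roots by full EPTP finds nothing besides the current root, selecting by EP4TA finds the root that differs only in A/D enable, and the purge variant drops that root instead. The struct and function names, the cache size and the sample EPTP values are assumptions constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
/* EPTP layout (Intel SDM): bits 2:0 memory type, bits 5:3 page-walk length
 * minus 1, bit 6 A/D enable. Masking off the low 12 bits leaves the EP4TA. */
#define EPTP_WB_4LEVEL (0x6ull | (3ull << 3))
#define EPTP_AD_ENABLE (1ull << 6)
#define EP4TA(eptp)    ((eptp) & ~0xfffull)
#define NUM_PREV_ROOTS 3    /* toy cache size (assumption) */
struct toy_root  { uint64_t eptp; int valid; };
struct toy_cache { uint64_t cur_eptp; struct toy_root prev[NUM_PREV_ROOTS]; };

/* Bitmask of prev roots matching the current root by full EPTP or by EP4TA. */
unsigned prev_roots_to_sync(const struct toy_cache *c, int by_ep4ta) {
    unsigned mask = 0;
    for (int i = 0; i < NUM_PREV_ROOTS; i++) {
        uint64_t e = c->prev[i].eptp, cur = c->cur_eptp;
        if (c->prev[i].valid && (by_ep4ta ? EP4TA(e) == EP4TA(cur) : e == cur))
            mask |= 1u << i;
    }
    return mask;
}

/* Reply's alternative: purge roots with the same EP4TA but a different EPTP. */
unsigned purge_duplicate_ep4ta(struct toy_cache *c) {
    unsigned purged = 0;
    for (int i = 0; i < NUM_PREV_ROOTS; i++) {
        struct toy_root *r = &c->prev[i];
        if (r->valid && r->eptp != c->cur_eptp && EP4TA(r->eptp) == EP4TA(c->cur_eptp)) {
            r->valid = 0;
            purged++;
        }
    }
    return purged;
}

/* Constructed sample: prev[0] differs only in the A/D bit, prev[1] in EP4TA. */
struct toy_cache sample_cache(void) {
    struct toy_cache c = { .cur_eptp = 0x123456000ull | EPTP_WB_4LEVEL | EPTP_AD_ENABLE };
    c.prev[0] = (struct toy_root){ 0x123456000ull | EPTP_WB_4LEVEL, 1 };
    c.prev[1] = (struct toy_root){ 0x789abc000ull | EPTP_WB_4LEVEL | EPTP_AD_ENABLE, 1 };
    return c;
}

int main(void) {
    struct toy_cache c = sample_cache();
    printf("full=%#x ep4ta=%#x\n", prev_roots_to_sync(&c, 0), prev_roots_to_sync(&c, 1));
    printf("purged=%u\n", purge_duplicate_ep4ta(&c));
    return 0;
}
```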