Date: Wed, 9 Jul 2025 11:59:41 +0100
In-Reply-To: <20250709105946.4009897-1-tabba@google.com>
Mime-Version: 1.0
References: <20250709105946.4009897-1-tabba@google.com>
X-Mailer: git-send-email 2.50.0.727.gbf7dc18ff4-goog
Message-ID: <20250709105946.4009897-16-tabba@google.com>
Subject: [PATCH v13 15/20] KVM: arm64: Refactor user_mem_abort()
From: Fuad Tabba
To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org,
	kvmarm@lists.linux.dev
Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au,
	anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com,
	aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk,
	brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org,
	xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com,
	jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com,
	isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz,
	vannapurve@google.com, ackerleytng@google.com,
	mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com,
	wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com,
	kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com,
	steven.price@arm.com, quic_eberman@quicinc.com,
	quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com,
	quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com,
	quic_pderrin@quicinc.com, quic_pheragu@quicinc.com,
	catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com,
	oliver.upton@linux.dev, maz@kernel.org, will@kernel.org,
	qperret@google.com, keirf@google.com, roypat@amazon.co.uk,
	shuah@kernel.org, hch@infradead.org, jgg@nvidia.com,
	rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com,
	hughd@google.com, jthoughton@google.com, peterx@redhat.com,
	pankaj.gupta@amd.com, ira.weiny@intel.com, tabba@google.com
Content-Type: text/plain; charset="UTF-8"

Refactor user_mem_abort() to improve code clarity and simplify assumptions
within the function.

Key changes include:

* Immediately set force_pte to true at the beginning of the function if
  logging_active is true. This simplifies the flow and makes the condition
  for forcing a PTE more explicit.

* Remove the misleading comment stating that logging_active is guaranteed
  to never be true for VM_PFNMAP memslots, as this assertion is not
  entirely correct.

* Extract reusable code blocks into new helper functions:
  * prepare_mmu_memcache(): Encapsulates the logic for preparing and
    topping up the MMU page cache.
  * adjust_nested_fault_perms(): Isolates the adjustments to shadow S2
    permissions and the encoding of nested translation levels.

* Update min(a, (long)b) to min_t(long, a, b) for better type safety and
  consistency (see the sketch below the cut line).

* Perform other minor tidying up of the code.

These changes primarily aim to simplify user_mem_abort() and make its
logic easier to understand and maintain, setting the stage for future
modifications. No functional change intended.

Reviewed-by: Gavin Shan
Signed-off-by: Fuad Tabba
---
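A quick illustration of the min() -> min_t() point above, since it is easy
to gloss over: min_t(long, a, b) casts both operands to the named type
before comparing, whereas min(a, (long)b) casts only one side and leaves
the comparison type implicit. The stand-alone sketch below models that
behaviour; the min_t() here is a simplified stand-in for the kernel's
include/linux/minmax.h macro (unlike the real one, it evaluates its
arguments twice), and the values are made up:

	#include <stdio.h>

	/*
	 * Simplified model of the kernel's min_t(): cast BOTH operands to
	 * the named type before comparing. Illustrative only; the real
	 * macro also avoids double evaluation of its arguments.
	 */
	#define min_t(type, x, y) \
		((type)(x) < (type)(y) ? (type)(x) : (type)(y))

	int main(void)
	{
		long vma_pagesize = 2 * 1024 * 1024;	/* hypothetical block size */
		unsigned long max_map_size = 4096;	/* hypothetical PAGE_SIZE */

		/*
		 * Both operands are compared as long, so the intended type
		 * is explicit at the call site rather than buried in a
		 * one-sided cast. Prints 4096.
		 */
		printf("%ld\n", min_t(long, vma_pagesize, max_map_size));
		return 0;
	}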
 arch/arm64/kvm/mmu.c | 100 ++++++++++++++++++++++++-------------------
 1 file changed, 55 insertions(+), 45 deletions(-)

diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
index 2942ec92c5a4..58662e0ef13e 100644
--- a/arch/arm64/kvm/mmu.c
+++ b/arch/arm64/kvm/mmu.c
@@ -1470,13 +1470,56 @@ static bool kvm_vma_mte_allowed(struct vm_area_struct *vma)
 	return vma->vm_flags & VM_MTE_ALLOWED;
 }
 
+static int prepare_mmu_memcache(struct kvm_vcpu *vcpu, bool topup_memcache,
+				void **memcache)
+{
+	int min_pages;
+
+	if (!is_protected_kvm_enabled())
+		*memcache = &vcpu->arch.mmu_page_cache;
+	else
+		*memcache = &vcpu->arch.pkvm_memcache;
+
+	if (!topup_memcache)
+		return 0;
+
+	min_pages = kvm_mmu_cache_min_pages(vcpu->arch.hw_mmu);
+
+	if (!is_protected_kvm_enabled())
+		return kvm_mmu_topup_memory_cache(*memcache, min_pages);
+
+	return topup_hyp_memcache(*memcache, min_pages);
+}
+
+/*
+ * Potentially reduce shadow S2 permissions to match the guest's own S2. For
+ * exec faults, we'd only reach this point if the guest actually allowed it (see
+ * kvm_s2_handle_perm_fault).
+ *
+ * Also encode the level of the original translation in the SW bits of the leaf
+ * entry as a proxy for the span of that translation. This will be retrieved on
+ * TLB invalidation from the guest and used to limit the invalidation scope if a
+ * TTL hint or a range isn't provided.
+ */
+static void adjust_nested_fault_perms(struct kvm_s2_trans *nested,
+				      enum kvm_pgtable_prot *prot,
+				      bool *writable)
+{
+	*writable &= kvm_s2_trans_writable(nested);
+	if (!kvm_s2_trans_readable(nested))
+		*prot &= ~KVM_PGTABLE_PROT_R;
+
+	*prot |= kvm_encode_nested_level(nested);
+}
+
 static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 			  struct kvm_s2_trans *nested,
 			  struct kvm_memory_slot *memslot, unsigned long hva,
 			  bool fault_is_perm)
 {
 	int ret = 0;
-	bool write_fault, writable, force_pte = false;
+	bool topup_memcache;
+	bool write_fault, writable;
 	bool exec_fault, mte_allowed;
 	bool device = false, vfio_allow_any_uc = false;
 	unsigned long mmu_seq;
@@ -1488,6 +1531,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 	gfn_t gfn;
 	kvm_pfn_t pfn;
 	bool logging_active = memslot_is_logging(memslot);
+	bool force_pte = logging_active;
 	long vma_pagesize, fault_granule;
 	enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_R;
 	struct kvm_pgtable *pgt;
@@ -1505,28 +1549,16 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 		return -EFAULT;
 	}
 
-	if (!is_protected_kvm_enabled())
-		memcache = &vcpu->arch.mmu_page_cache;
-	else
-		memcache = &vcpu->arch.pkvm_memcache;
-
 	/*
 	 * Permission faults just need to update the existing leaf entry,
 	 * and so normally don't require allocations from the memcache. The
 	 * only exception to this is when dirty logging is enabled at runtime
 	 * and a write fault needs to collapse a block entry into a table.
 	 */
-	if (!fault_is_perm || (logging_active && write_fault)) {
-		int min_pages = kvm_mmu_cache_min_pages(vcpu->arch.hw_mmu);
-
-		if (!is_protected_kvm_enabled())
-			ret = kvm_mmu_topup_memory_cache(memcache, min_pages);
-		else
-			ret = topup_hyp_memcache(memcache, min_pages);
-
-		if (ret)
-			return ret;
-	}
+	topup_memcache = !fault_is_perm || (logging_active && write_fault);
+	ret = prepare_mmu_memcache(vcpu, topup_memcache, &memcache);
+	if (ret)
+		return ret;
 
 	/*
 	 * Let's check if we will get back a huge page backed by hugetlbfs, or
@@ -1540,16 +1572,10 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 		return -EFAULT;
 	}
 
-	/*
-	 * logging_active is guaranteed to never be true for VM_PFNMAP
-	 * memslots.
-	 */
-	if (logging_active) {
-		force_pte = true;
+	if (force_pte)
 		vma_shift = PAGE_SHIFT;
-	} else {
+	else
 		vma_shift = get_vma_page_shift(vma, hva);
-	}
 
 	switch (vma_shift) {
 #ifndef __PAGETABLE_PMD_FOLDED
@@ -1601,7 +1627,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 			max_map_size = PAGE_SIZE;
 
 		force_pte = (max_map_size == PAGE_SIZE);
-		vma_pagesize = min(vma_pagesize, (long)max_map_size);
+		vma_pagesize = min_t(long, vma_pagesize, max_map_size);
 	}
 
 	/*
@@ -1630,7 +1656,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 	 * Rely on mmap_read_unlock() for an implicit smp_rmb(), which pairs
 	 * with the smp_wmb() in kvm_mmu_invalidate_end().
 	 */
-	mmu_seq = vcpu->kvm->mmu_invalidate_seq;
+	mmu_seq = kvm->mmu_invalidate_seq;
 	mmap_read_unlock(current->mm);
 
 	pfn = __kvm_faultin_pfn(memslot, gfn, write_fault ? FOLL_WRITE : 0,
@@ -1665,24 +1691,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 	if (exec_fault && device)
 		return -ENOEXEC;
 
-	/*
-	 * Potentially reduce shadow S2 permissions to match the guest's own
-	 * S2. For exec faults, we'd only reach this point if the guest
-	 * actually allowed it (see kvm_s2_handle_perm_fault).
-	 *
-	 * Also encode the level of the original translation in the SW bits
-	 * of the leaf entry as a proxy for the span of that translation.
-	 * This will be retrieved on TLB invalidation from the guest and
-	 * used to limit the invalidation scope if a TTL hint or a range
-	 * isn't provided.
-	 */
-	if (nested) {
-		writable &= kvm_s2_trans_writable(nested);
-		if (!kvm_s2_trans_readable(nested))
-			prot &= ~KVM_PGTABLE_PROT_R;
-
-		prot |= kvm_encode_nested_level(nested);
-	}
+	if (nested)
+		adjust_nested_fault_perms(nested, &prot, &writable);
 
 	kvm_fault_lock(kvm);
 	pgt = vcpu->arch.hw_mmu->pgt;
-- 
2.50.0.727.gbf7dc18ff4-goog