Date: Fri, 13 Jan 2023 15:48:59 +0000
From: Sean Christopherson
To: Borislav Petkov
Cc: Michael Roth, kvm@vger.kernel.org, linux-coco@lists.linux.dev,
 linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org,
 linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com,
 jroedel@suse.de, thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org,
 pbonzini@redhat.com, vkuznets@redhat.com, wanpengli@tencent.com,
 jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com,
 slp@redhat.com, pgonda@google.com, peterz@infradead.org,
 srinivas.pandruvada@linux.intel.com, rientjes@google.com,
 dovmurik@linux.ibm.com, tobin@ibm.com, vbabka@suse.cz, kirill@shutemov.name,
 ak@linux.intel.com, tony.luck@intel.com, marcorr@google.com,
 sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com,
 dgilbert@redhat.com, jarkko@kernel.org, ashish.kalra@amd.com,
 harald@profian.com
Subject: Re: [PATCH RFC v7 04/64] KVM: x86: Add 'fault_is_private' x86 op
References: <20221214194056.161492-1-michael.roth@amd.com>
 <20221214194056.161492-5-michael.roth@amd.com>
 <20230105024256.ptujtjgzcdmpakoa@amd.com>

On Fri, Jan 13, 2023, Borislav Petkov wrote:
> On Wed, Jan 04, 2023 at 08:42:56PM -0600, Michael Roth wrote:
> > Obviously I need to add some proper documentation for this, but a 1
> > return basically means 'private_fault' pass-by-ref arg has been set
> > with the appropriate value, whereas 0 means "there's no platform-specific
> > handling for this, so if you have some generic way to determine this
> > then use that instead".
>
> Still binary, tho, and can be bool, right?
>
> I.e., you can just as well do:
>
> 	if (static_call(kvm_x86_fault_is_private)(kvm, gpa, err, &private_fault))
> 		goto out;
>
> at the call site.

Ya.  Don't spend too much time trying to make this look super pretty though,
there are subtle bugs inherited from the base UPM series that need to be sorted
out and will impact this code.  E.g. invoking kvm_mem_is_private() outside of
the protection of mmu_invalidate_seq means changes to the attributes may not be
reflected in the page tables.

I'm also hoping we can avoid a callback entirely, though that may prove to be
more pain than gain.  I'm poking at the UPM and testing series right now, will
circle back to this and TDX in a few weeks to see if there's a sane way to
communicate shared vs. private without having to resort to a callback, and
without having races between page faults, KVM_SET_MEMORY_ATTRIBUTES, and
KVM_SET_USER_MEMORY_REGION2.

> > This is mainly to handle CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING, which
> > just parrots whatever kvm_mem_is_private() returns to support running
> > KVM selftests without needed hardware/platform support. If we don't
> > take care to skip this check where the above fault_is_private() hook
> > returns 1, then it ends up breaking SNP in cases where the kernel has
> > been compiled with CONFIG_HAVE_KVM_PRIVATE_MEM_TESTING, since SNP
> > relies on the page fault flags to make this determination, not
> > kvm_mem_is_private(), which normally only tracks the memory attributes
> > set by userspace via KVM_SET_MEMORY_ATTRIBUTES ioctl.
>
> Some of that explanation belongs into the commit message, which is a bit
> lacking...

I'll circle back to this too when I give this series (and TDX) a proper look,
there's got to be a better way to handle this.
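
The race mentioned in the reply above (reading the private/shared attribute outside the protection of mmu_invalidate_seq), as an added example that is not part of the original message and is not KVM code. It is a simplified single-threaded C model: `struct vm`, `flip_to_shared()`, `handle_fault()` and `race_is_consistent()` are hypothetical names, and the concurrent attribute update is simulated by a call placed between the attribute read and the mapping install.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified single-threaded model; all names are hypothetical, not KVM's. */
struct vm {
    unsigned long invalidate_seq; /* bumped on every attribute change */
    bool attr_private;            /* attribute set by userspace for one GPA */
    bool spte_private;            /* how the page-table entry was installed */
};

/* Models an attribute update: bump the sequence, then change the attribute. */
static void flip_to_shared(struct vm *vm)
{
    vm->invalidate_seq++;
    vm->attr_private = false;
}

/* One page fault that races with an attribute update. With check_seq the
 * sequence snapshot is rechecked before installing; without it the stale
 * read is installed. Returns the number of retries taken. */
static int handle_fault(struct vm *vm, bool check_seq)
{
    for (int retries = 0;; retries++) {
        unsigned long seq = vm->invalidate_seq; /* snapshot before the read */
        bool priv = vm->attr_private;
        if (retries == 0)
            flip_to_shared(vm); /* simulated racing update, fires once */
        if (check_seq && seq != vm->invalidate_seq)
            continue; /* attribute changed underneath us: redo the fault */
        vm->spte_private = priv;
        return retries;
    }
}

/* True when the installed mapping matches the attribute after the race. */
static bool race_is_consistent(bool check_seq, int *retries)
{
    struct vm vm = { 0, true, true }; /* constructed state: GPA starts private */
    *retries = handle_fault(&vm, check_seq);
    return vm.spte_private == vm.attr_private;
}

int main(void)
{
    int r;
    printf("no seq check: consistent=%d\n", race_is_consistent(false, &r));
    printf("seq check:    consistent=%d\n", race_is_consistent(true, &r));
    return 0;
}
```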