From: Kai Huang <kai.huang@linux.intel.com>
To: Xiao Guangrong <guangrong.xiao@linux.intel.com>, pbonzini@redhat.com
Cc: gleb@kernel.org, mtosatti@redhat.com, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 08/11] KVM: MMU: use page track for non-leaf shadow pages
Date: Tue, 15 Dec 2015 15:52:24 +0800 [thread overview]
Message-ID: <566FC6B8.9010008@linux.intel.com> (raw)
In-Reply-To: <1448907973-36066-9-git-send-email-guangrong.xiao@linux.intel.com>
On 12/01/2015 02:26 AM, Xiao Guangrong wrote:
> non-leaf shadow pages are always write protected, it can be the user
> of page track
>
> Signed-off-by: Xiao Guangrong <guangrong.xiao@linux.intel.com>
> ---
> arch/x86/include/asm/kvm_page_track.h | 8 +++++
> arch/x86/kvm/mmu.c | 26 +++++++++++++---
> arch/x86/kvm/page_track.c | 58 +++++++++++++++++++++++------------
> 3 files changed, 67 insertions(+), 25 deletions(-)
>
> diff --git a/arch/x86/include/asm/kvm_page_track.h b/arch/x86/include/asm/kvm_page_track.h
> index 6744234..3447dac 100644
> --- a/arch/x86/include/asm/kvm_page_track.h
> +++ b/arch/x86/include/asm/kvm_page_track.h
> @@ -41,8 +41,16 @@ int kvm_page_track_create_memslot(struct kvm_memory_slot *slot,
> void kvm_page_track_free_memslot(struct kvm_memory_slot *free,
> struct kvm_memory_slot *dont);
>
> +void
> +kvm_slot_page_track_add_page_nolock(struct kvm *kvm,
> + struct kvm_memory_slot *slot, gfn_t gfn,
> + enum kvm_page_track_mode mode);
> void kvm_page_track_add_page(struct kvm *kvm, gfn_t gfn,
> enum kvm_page_track_mode mode);
> +void kvm_slot_page_track_remove_page_nolock(struct kvm *kvm,
> + struct kvm_memory_slot *slot,
> + gfn_t gfn,
> + enum kvm_page_track_mode mode);
> void kvm_page_track_remove_page(struct kvm *kvm, gfn_t gfn,
> enum kvm_page_track_mode mode);
> bool kvm_page_track_check_mode(struct kvm_vcpu *vcpu, gfn_t gfn,
> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
> index b23f9fc..5a2ca73 100644
> --- a/arch/x86/kvm/mmu.c
> +++ b/arch/x86/kvm/mmu.c
> @@ -806,11 +806,17 @@ static void account_shadowed(struct kvm *kvm, struct kvm_mmu_page *sp)
> struct kvm_memory_slot *slot;
> gfn_t gfn;
>
> + kvm->arch.indirect_shadow_pages++;
> gfn = sp->gfn;
> slots = kvm_memslots_for_spte_role(kvm, sp->role);
> slot = __gfn_to_memslot(slots, gfn);
> +
> + /* the non-leaf shadow pages are keeping readonly. */
> + if (sp->role.level > PT_PAGE_TABLE_LEVEL)
> + return kvm_slot_page_track_add_page_nolock(kvm, slot, gfn,
> + KVM_PAGE_TRACK_WRITE);
> +
> kvm_mmu_gfn_disallow_lpage(slot, gfn);
> - kvm->arch.indirect_shadow_pages++;
> }
>
> static void unaccount_shadowed(struct kvm *kvm, struct kvm_mmu_page *sp)
> @@ -819,11 +825,15 @@ static void unaccount_shadowed(struct kvm *kvm, struct kvm_mmu_page *sp)
> struct kvm_memory_slot *slot;
> gfn_t gfn;
>
> + kvm->arch.indirect_shadow_pages--;
> gfn = sp->gfn;
> slots = kvm_memslots_for_spte_role(kvm, sp->role);
> slot = __gfn_to_memslot(slots, gfn);
> + if (sp->role.level > PT_PAGE_TABLE_LEVEL)
> + return kvm_slot_page_track_remove_page_nolock(kvm, slot, gfn,
> + KVM_PAGE_TRACK_WRITE);
> +
> kvm_mmu_gfn_allow_lpage(slot, gfn);
> - kvm->arch.indirect_shadow_pages--;
> }
>
> static bool __mmu_gfn_lpage_is_disallowed(gfn_t gfn, int level,
> @@ -2140,12 +2150,18 @@ static struct kvm_mmu_page *kvm_mmu_get_page(struct kvm_vcpu *vcpu,
> hlist_add_head(&sp->hash_link,
> &vcpu->kvm->arch.mmu_page_hash[kvm_page_table_hashfn(gfn)]);
> if (!direct) {
> - if (rmap_write_protect(vcpu, gfn))
> + /*
> + * we should do write protection before syncing pages
> + * otherwise the content of the synced shadow page may
> + * be inconsistent with guest page table.
> + */
> + account_shadowed(vcpu->kvm, sp);
> +
> + if (level == PT_PAGE_TABLE_LEVEL &&
> + rmap_write_protect(vcpu, gfn))
> kvm_flush_remote_tlbs(vcpu->kvm);
I think your modification is good but I am little bit confused here. In
account_shadowed, if sp->role.level > PT_PAGE_TABLE_LEVEL, the sp->gfn
is write protected, and this is reasonable. So why write protecting the
gfn of PT_PAGE_TABLE_LEVEL here?
> if (level > PT_PAGE_TABLE_LEVEL && need_sync)
> kvm_sync_pages(vcpu, gfn);
> -
> - account_shadowed(vcpu->kvm, sp);
> }
> sp->mmu_valid_gen = vcpu->kvm->arch.mmu_valid_gen;
> init_shadow_page_table(sp);
> diff --git a/arch/x86/kvm/page_track.c b/arch/x86/kvm/page_track.c
> index 84420df..87554d3 100644
> --- a/arch/x86/kvm/page_track.c
> +++ b/arch/x86/kvm/page_track.c
> @@ -77,6 +77,26 @@ static void update_gfn_track(struct kvm_memory_slot *slot, gfn_t gfn,
> WARN_ON(val < 0);
> }
>
> +void
> +kvm_slot_page_track_add_page_nolock(struct kvm *kvm,
> + struct kvm_memory_slot *slot, gfn_t gfn,
> + enum kvm_page_track_mode mode)
> +{
> + WARN_ON(!check_mode(mode));
> +
> + update_gfn_track(slot, gfn, mode, 1);
> +
> + /*
> + * new track stops large page mapping for the
> + * tracked page.
> + */
> + kvm_mmu_gfn_disallow_lpage(slot, gfn);
> +
> + if (mode == KVM_PAGE_TRACK_WRITE)
> + if (kvm_mmu_slot_gfn_write_protect(kvm, slot, gfn))
> + kvm_flush_remote_tlbs(kvm);
> +}
> +
> /*
> * add guest page to the tracking pool so that corresponding access on that
> * page will be intercepted.
> @@ -101,21 +121,27 @@ void kvm_page_track_add_page(struct kvm *kvm, gfn_t gfn,
> slot = __gfn_to_memslot(slots, gfn);
>
> spin_lock(&kvm->mmu_lock);
> - update_gfn_track(slot, gfn, mode, 1);
> -
> - /*
> - * new track stops large page mapping for the
> - * tracked page.
> - */
> - kvm_mmu_gfn_disallow_lpage(slot, gfn);
> -
> - if (mode == KVM_PAGE_TRACK_WRITE)
> - if (kvm_mmu_slot_gfn_write_protect(kvm, slot, gfn))
> - kvm_flush_remote_tlbs(kvm);
> + kvm_slot_page_track_add_page_nolock(kvm, slot, gfn, mode);
> spin_unlock(&kvm->mmu_lock);
> }
> }
>
> +void kvm_slot_page_track_remove_page_nolock(struct kvm *kvm,
> + struct kvm_memory_slot *slot,
> + gfn_t gfn,
> + enum kvm_page_track_mode mode)
> +{
> + WARN_ON(!check_mode(mode));
> +
> + update_gfn_track(slot, gfn, mode, -1);
> +
> + /*
> + * allow large page mapping for the tracked page
> + * after the tracker is gone.
> + */
> + kvm_mmu_gfn_allow_lpage(slot, gfn);
> +}
> +
> /*
> * remove the guest page from the tracking pool which stops the interception
> * of corresponding access on that page. It is the opposed operation of
> @@ -134,20 +160,12 @@ void kvm_page_track_remove_page(struct kvm *kvm, gfn_t gfn,
> struct kvm_memory_slot *slot;
> int i;
>
> - WARN_ON(!check_mode(mode));
> -
> for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) {
> slots = __kvm_memslots(kvm, i);
> slot = __gfn_to_memslot(slots, gfn);
>
> spin_lock(&kvm->mmu_lock);
> - update_gfn_track(slot, gfn, mode, -1);
> -
> - /*
> - * allow large page mapping for the tracked page
> - * after the tracker is gone.
> - */
> - kvm_mmu_gfn_allow_lpage(slot, gfn);
> + kvm_slot_page_track_remove_page_nolock(kvm, slot, gfn, mode);
Looks you need to merge this part with patch 1, as you are modifying
kvm_page_track_{add,remove}_page here, which are introduced in your patch 1.
Thanks,
-Kai
> spin_unlock(&kvm->mmu_lock);
> }
> }
next prev parent reply other threads:[~2015-12-15 7:56 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-30 18:26 [PATCH 00/11] KVM: x86: track guest page access Xiao Guangrong
2015-11-30 18:26 ` [PATCH 01/11] KVM: MMU: rename has_wrprotected_page to mmu_gfn_lpage_is_disallowed Xiao Guangrong
2015-11-30 18:26 ` [PATCH 02/11] KVM: MMU: introduce kvm_mmu_gfn_{allow,disallow}_lpage Xiao Guangrong
2015-11-30 18:26 ` [PATCH 03/11] KVM: MMU: introduce kvm_mmu_slot_gfn_write_protect Xiao Guangrong
2015-11-30 18:26 ` [PATCH 04/11] KVM: page track: add the framework of guest page tracking Xiao Guangrong
2015-12-15 7:06 ` Kai Huang
2015-12-15 8:46 ` Xiao Guangrong
2015-12-16 7:33 ` Kai Huang
2015-11-30 18:26 ` [PATCH 05/11] KVM: page track: introduce kvm_page_track_{add,remove}_page Xiao Guangrong
2015-12-15 7:15 ` Kai Huang
2015-12-15 7:56 ` Kai Huang
2015-11-30 18:26 ` [PATCH 06/11] KVM: MMU: let page fault handler be aware tracked page Xiao Guangrong
2015-12-15 8:11 ` Kai Huang
2015-12-15 9:03 ` Xiao Guangrong
2015-12-16 7:31 ` Kai Huang
2015-12-16 8:23 ` Xiao Guangrong
2015-11-30 18:26 ` [PATCH 07/11] KVM: page track: add notifier support Xiao Guangrong
2015-12-16 5:53 ` Jike Song
2015-12-16 6:26 ` Xiao Guangrong
2015-11-30 18:26 ` [PATCH 08/11] KVM: MMU: use page track for non-leaf shadow pages Xiao Guangrong
2015-12-15 7:52 ` Kai Huang [this message]
2015-12-15 7:59 ` Kai Huang
2015-12-15 9:10 ` Xiao Guangrong
2015-12-16 7:51 ` Kai Huang
2015-12-16 8:39 ` Xiao Guangrong
2015-12-17 2:44 ` Kai Huang
2015-12-17 4:07 ` Xiao Guangrong
2015-11-30 18:26 ` [PATCH 09/11] KVM: MMU: simplify mmu_need_write_protect Xiao Guangrong
2015-12-15 8:43 ` Kai Huang
2015-12-15 8:47 ` Kai Huang
2015-12-15 9:26 ` Xiao Guangrong
2015-12-15 9:25 ` Xiao Guangrong
2015-12-16 8:05 ` Kai Huang
2015-12-16 8:48 ` Xiao Guangrong
2015-12-17 2:51 ` Kai Huang
2015-11-30 18:26 ` [PATCH 10/11] KVM: MMU: clear write-flooding on the fast path of tracked page Xiao Guangrong
2015-11-30 18:26 ` [PATCH 11/11] KVM: MMU: apply page track notifier Xiao Guangrong
2015-12-01 10:17 ` [PATCH 00/11] KVM: x86: track guest page access Paolo Bonzini
2015-12-01 15:02 ` Andrea Arcangeli
2015-12-01 15:08 ` Paolo Bonzini
2015-12-01 17:00 ` Xiao Guangrong
2015-12-05 16:56 ` Xiao Guangrong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=566FC6B8.9010008@linux.intel.com \
--to=kai.huang@linux.intel.com \
--cc=gleb@kernel.org \
--cc=guangrong.xiao@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).