Re: [PATCH 1/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during GFN range zap

From: Ben Gardon
Date: Mon Mar 22 2021 - 17:28:17 EST

Next message: Mathieu Poirier: "Re: [PATCH v4 09/19] coresight: etm4x: Move ETM to prohibited region for disable"
Previous message: Ben Gardon: "Re: [PATCH 2/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during NX zapping"
In reply to: Sean Christopherson: "[PATCH 1/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during GFN range zap"
Next in thread: Sean Christopherson: "[PATCH 2/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during NX zapping"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 19, 2021 at 4:20 PM Sean Christopherson <seanjc@xxxxxxxxxx> wrote:
>
> When flushing a range of GFNs across multiple roots, ensure any pending
> flush from a previous root is honored before yielding while walking the
> tables of the current root.
>
> Note, kvm_tdp_mmu_zap_gfn_range() now intentionally overwrites it local
> "flush" with the result to avoid redundant flushes. zap_gfn_range()
> preserves and return the incoming "flush", unless of course the flush was
> performed prior to yielding and no new flush was triggered.
>
> Fixes: 1af4a96025b3 ("KVM: x86/mmu: Yield in TDU MMU iter even if no SPTES changed")
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: Ben Gardon <bgardon@xxxxxxxxxx>
> Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>

Reviewed-By: Ben Gardon <bgardon@xxxxxxxxxx>

> ---
> arch/x86/kvm/mmu/tdp_mmu.c | 23 ++++++++++++-----------
> 1 file changed, 12 insertions(+), 11 deletions(-)
>
> diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c
> index f0c99fa04ef2..6cf08c3c537f 100644
> --- a/arch/x86/kvm/mmu/tdp_mmu.c
> +++ b/arch/x86/kvm/mmu/tdp_mmu.c
> @@ -86,7 +86,7 @@ static inline struct kvm_mmu_page *tdp_mmu_next_root(struct kvm *kvm,
> list_for_each_entry(_root, &_kvm->arch.tdp_mmu_roots, link)
>
> static bool zap_gfn_range(struct kvm *kvm, struct kvm_mmu_page *root,
> - gfn_t start, gfn_t end, bool can_yield);
> + gfn_t start, gfn_t end, bool can_yield, bool flush);

This function is going to acquire so many arguments. Don't need to do
anything about it here, but this is going to need some kind of cleanup
at some point.
I'll have to add another "shared" type arg for running this function
under the read lock in a series I'm prepping.

>
> void kvm_tdp_mmu_free_root(struct kvm *kvm, struct kvm_mmu_page *root)
> {
> @@ -99,7 +99,7 @@ void kvm_tdp_mmu_free_root(struct kvm *kvm, struct kvm_mmu_page *root)
>
> list_del(&root->link);
>
> - zap_gfn_range(kvm, root, 0, max_gfn, false);
> + zap_gfn_range(kvm, root, 0, max_gfn, false, false);
>
> free_page((unsigned long)root->spt);
> kmem_cache_free(mmu_page_header_cache, root);
> @@ -664,20 +664,21 @@ static inline bool tdp_mmu_iter_cond_resched(struct kvm *kvm,
> * scheduler needs the CPU or there is contention on the MMU lock. If this
> * function cannot yield, it will not release the MMU lock or reschedule and
> * the caller must ensure it does not supply too large a GFN range, or the
> - * operation can cause a soft lockup.
> + * operation can cause a soft lockup. Note, in some use cases a flush may be
> + * required by prior actions. Ensure the pending flush is performed prior to
> + * yielding.
> */
> static bool zap_gfn_range(struct kvm *kvm, struct kvm_mmu_page *root,
> - gfn_t start, gfn_t end, bool can_yield)
> + gfn_t start, gfn_t end, bool can_yield, bool flush)
> {
> struct tdp_iter iter;
> - bool flush_needed = false;
>
> rcu_read_lock();
>
> tdp_root_for_each_pte(iter, root, start, end) {
> if (can_yield &&
> - tdp_mmu_iter_cond_resched(kvm, &iter, flush_needed)) {
> - flush_needed = false;
> + tdp_mmu_iter_cond_resched(kvm, &iter, flush)) {
> + flush = false;
> continue;
> }
>
> @@ -695,11 +696,11 @@ static bool zap_gfn_range(struct kvm *kvm, struct kvm_mmu_page *root,
> continue;
>
> tdp_mmu_set_spte(kvm, &iter, 0);
> - flush_needed = true;
> + flush = true;
> }
>
> rcu_read_unlock();
> - return flush_needed;
> + return flush;
> }
>
> /*
> @@ -714,7 +715,7 @@ bool kvm_tdp_mmu_zap_gfn_range(struct kvm *kvm, gfn_t start, gfn_t end)
> bool flush = false;
>
> for_each_tdp_mmu_root_yield_safe(kvm, root)
> - flush |= zap_gfn_range(kvm, root, start, end, true);
> + flush = zap_gfn_range(kvm, root, start, end, true, flush);
>
> return flush;
> }
> @@ -931,7 +932,7 @@ static int zap_gfn_range_hva_wrapper(struct kvm *kvm,
> struct kvm_mmu_page *root, gfn_t start,
> gfn_t end, unsigned long unused)
> {
> - return zap_gfn_range(kvm, root, start, end, false);
> + return zap_gfn_range(kvm, root, start, end, false, false);
> }
>
> int kvm_tdp_mmu_zap_hva_range(struct kvm *kvm, unsigned long start,
> --
> 2.31.0.rc2.261.g7f71774620-goog
>

Next message: Mathieu Poirier: "Re: [PATCH v4 09/19] coresight: etm4x: Move ETM to prohibited region for disable"
Previous message: Ben Gardon: "Re: [PATCH 2/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during NX zapping"
In reply to: Sean Christopherson: "[PATCH 1/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during GFN range zap"
Next in thread: Sean Christopherson: "[PATCH 2/2] KVM: x86/mmu: Ensure TLBs are flushed when yielding during NX zapping"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]