Re: [PATCH 1/2] KVM: x86/mmu: Don't check old SPTE permissions when trying to unsync

From: Sean Christopherson

Date: Thu Mar 12 2026 - 13:40:34 EST


On Fri, Jan 23, 2026, Lai Jiangshan wrote:
> From: Lai Jiangshan <jiangshan.ljs@xxxxxxxxxxxx>
>
> Commit ecc5589f19a5 ("KVM: MMU: optimize set_spte for page sync") added
> a writable permission check on the old SPTE to avoid unnecessary calls
> to mmu_try_to_unsync_pages() when syncing SPTEs.
>
> Later, commit e6722d9211b2 ("KVM: x86/mmu: Reduce the update to the spte
> in FNAME(sync_spte)") indirectly achieves it by avoiding some SPTE
> updates altogether, which makes the writable permission check in
> make_spte() much less useful.
>
> Remove the old-SPTE writable permission check from make_spte() to
> simplify the code.
>
> This may cause mmu_try_to_unsync_pages() to be called in a few
> additional cases not covered by commit e6722d9211b2, such as when the
> guest toggles the execute bit, which is expected to be rare.

Hmm, but it would also apply to spurious faults. The TDP MMU largely guards
against that behavior thanks to commit 386d69f9f29b ("KVM: x86/mmu: Treat TDP MMU
faults as spurious if access is already allowed"), but the shadow MMU does not.

Booting a 24 vCPU VM with shadow paging gets ~3000 hits on the optimizations,
which isn't a ton, but it's definitely not 0 either. And while I'm generally all
about simplifying code, I'm also generally very hesitant to tweak shadow paging
optimizations without strong evidence for doing so.

Is there an ulterior motive to this change, e.g. does it allow for additional
cleanups, or is simplifying the code the main goal?