Re: [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking

From: Madhavan T. Venkataraman
Date: Wed May 24 2023 - 16:53:27 EST

Next message: Konrad Dybcio: "Re: [PATCH v2 2/4] soc: qcom: smem: introduce qcom_smem_get_msm_id()"
Previous message: Namhyung Kim: "[PATCH v2 2/2] perf annotate: Remove x86 instructions with suffix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/5/23 12:31, Sean Christopherson wrote:
> On Fri, May 05, 2023, Mickaï¿½l Salaï¿½n wrote:
>>
>> On 05/05/2023 18:28, Sean Christopherson wrote:
>>> I have no doubt that we'll need to solve performance and scaling issues with the
>>> memory attributes implementation, e.g. to utilize xarray multi-range support
>>> instead of storing information on a per-4KiB-page basis, but AFAICT, the core
>>> idea is sound. And a very big positive from a maintenance perspective is that
>>> any optimizations, fixes, etc. for one use case (CoCo vs. hardening) should also
>>> benefit the other use case.
>>>
>>> [1] https://lore.kernel.org/all/20230311002258.852397-22-seanjc@xxxxxxxxxx
>>> [2] https://lore.kernel.org/all/Y2WB48kD0J4VGynX@xxxxxxxxxx
>>> [3] https://lore.kernel.org/all/Y1a1i9vbJ%2FpVmV9r@xxxxxxxxxx
>>
>> I agree, I used this mechanism because it was easier at first to rely on a
>> previous work, but while I was working on the MBEC support, I realized that
>> it's not the optimal way to do it.
>>
>> I was thinking about using a new special EPT bit similar to
>> EPT_SPTE_HOST_WRITABLE, but it may not be portable though. What do you
>> think?
>
> On x86, SPTEs are even more ephemeral than memslots. E.g. for historical reasons,
> KVM zaps all SPTEs if _any_ memslot is deleted, which is problematic if the guest
> is moving around BARs, using option ROMs, etc.
>
> ARM's pKVM tracks metadata in its stage-2 PTEs, i.e. doesn't need an xarray to
> otrack attributes, but that works only because pKVM is more privileged than the
> host kernel, and the shared vs. private memory attribute that pKVM cares about
> is very, very restricted in how it can be used and changed.
>
> I tried shoehorning private vs. shared metadata into x86's SPTEs in the past, and
> it ended up being a constant battle with the kernel, e.g. page migration, and with
> KVM itself, e.g. the above memslot mess.

Sorry for the delay in responding to this. I wanted to study the KVM code and fully
understand your comment before responding.

Yes, I quite agree with you. I will make an attempt to address this in the next version.
I am working on it right now.

Thanks.

Madhavan

Next message: Konrad Dybcio: "Re: [PATCH v2 2/4] soc: qcom: smem: introduce qcom_smem_get_msm_id()"
Previous message: Namhyung Kim: "[PATCH v2 2/2] perf annotate: Remove x86 instructions with suffix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]