[PATCH v9 07/11] KVM: x86/mmu: Only check gfn age in shadow MMU if indirect_shadow_pages > 0
From: James Houghton
Date: Mon Feb 03 2025 - 19:43:21 EST
When aging SPTEs and the TDP MMU is enabled, process the shadow MMU if and
only if the VM has at least one shadow page, as opposed to checking if the
VM has rmaps. Checking for rmaps will effectively yield a false positive
if the VM ran nested TDP VMs in the past, but is not currently doing so.
Signed-off-by: James Houghton <jthoughton@xxxxxxxxxx>
Acked-by: Yu Zhao <yuzhao@xxxxxxxxxx>
---
arch/x86/kvm/mmu/mmu.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index 4a9de4b330d7..f75779d8d6fd 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -1588,6 +1588,11 @@ static bool kvm_rmap_age_gfn_range(struct kvm *kvm,
return young;
}
+static bool kvm_may_have_shadow_mmu_sptes(struct kvm *kvm)
+{
+ return !tdp_mmu_enabled || READ_ONCE(kvm->arch.indirect_shadow_pages);
+}
+
bool kvm_age_gfn(struct kvm *kvm, struct kvm_gfn_range *range)
{
bool young = false;
@@ -1595,7 +1600,7 @@ bool kvm_age_gfn(struct kvm *kvm, struct kvm_gfn_range *range)
if (tdp_mmu_enabled)
young = kvm_tdp_mmu_age_gfn_range(kvm, range);
- if (kvm_memslots_have_rmaps(kvm)) {
+ if (kvm_may_have_shadow_mmu_sptes(kvm)) {
write_lock(&kvm->mmu_lock);
young |= kvm_rmap_age_gfn_range(kvm, range, false);
write_unlock(&kvm->mmu_lock);
@@ -1611,7 +1616,7 @@ bool kvm_test_age_gfn(struct kvm *kvm, struct kvm_gfn_range *range)
if (tdp_mmu_enabled)
young = kvm_tdp_mmu_test_age_gfn(kvm, range);
- if (!young && kvm_memslots_have_rmaps(kvm)) {
+ if (!young && kvm_may_have_shadow_mmu_sptes(kvm)) {
write_lock(&kvm->mmu_lock);
young |= kvm_rmap_age_gfn_range(kvm, range, true);
write_unlock(&kvm->mmu_lock);
--
2.48.1.362.g079036d154-goog