[RFC PATCH 00/13] Optimize nSVM TLB flushes

From: Yosry Ahmed
Date: Wed Feb 05 2025 - 13:25:02 EST


Currently KVM does a TLB flush and an MMU sync on every nested
transition (L1 <-> L2), because it uses the same ASID to run both L1 and
L2.

This series addresses that by giving a separate ASID to L2, adding the
necessary TLB management for it, and properly virtualizing TLB flushes
for L1.

Patch 1 introduces a separate ASID for L2, although not properly handled
yet, so it keeps the unconditional flushes.

Patches 2 to 6 are some refactoring and groundwork.

Patches 7 to 12 add the actual TLB management for nSVM, some of which
are items on the TODO list in nested_svm_transition_tlb_flush().

Patch 13 finally stops the unconditional flushes on every nested
transition.

I tested this by booting an L2 and running some basic workloads,
including a CPUID microbenchmark to measure the performance improvement
(numbers in the last patch). I sent the RFC to get feedback on the
general approach, and meanwhile I will try to run more tests that could
exercise TLB flushing.

Yosry Ahmed (13):
KVM: nSVM: Track the ASID per-VMCB
KVM: nSVM: Rework svm_flush_tlb_asid() to operate on a given VMCB
KVM: nSVM: Split nested_svm_transition_tlb_flush() into entry/exit fns
KVM: SVM: Introduce helpers for updating TLB_CONTROL
KVM: x86/mmu: rename __kvm_mmu_invalidate_addr()
KVM: x86/mmu: Allow skipping the gva flush in kvm_mmu_invalidate_addr()
KVM: nSVM: Handle INVLPGA interception correctly
KVM: nSVM: Flush both L1 and L2 ASIDs on KVM_REQ_TLB_FLUSH
KVM: nSVM: Handle nested TLB flush requests through TLB_CONTROL
KVM: nSVM: Flush the TLB if L1 changes L2's ASID
KVM: nSVM: Do not reset TLB_CONTROL in VMCB02 on nested entry
KVM: nSVM: Service local TLB flushes before nested transitions
KVM: nSVM: Stop bombing the TLB on nested transitions

arch/x86/include/asm/kvm_host.h | 2 +
arch/x86/include/asm/svm.h | 6 ---
arch/x86/kvm/mmu/mmu.c | 22 +++++---
arch/x86/kvm/svm/nested.c | 64 +++++++++++++++-------
arch/x86/kvm/svm/sev.c | 4 +-
arch/x86/kvm/svm/svm.c | 95 ++++++++++++++++++++++++++-------
arch/x86/kvm/svm/svm.h | 33 +++++++++++-
7 files changed, 170 insertions(+), 56 deletions(-)

--
2.48.1.362.g079036d154-goog