[PATCH v2 00/19] KVM: apply chainsaw to struct kvm_mmu
From: Paolo Bonzini
Date: Wed Jun 24 2026 - 17:31:17 EST
The kvm_mmu is a "god data structure" that includes three different
tasks: describing the guest page table's format, walking the guest
page tables and building the page tables. This means that the
(already poorly named) nested_mmu is only used in part, since it
has no page tables to construct.
Furthermore, some parts are reused across guest and host page
tables (such as the reserved bits detector) but others are not;
for example permission_fault is replaced by simplified code such as
is_executable_pte().
This series cleans this up by splitting kvm_mmu in three parts:
- kvm_pagewalk is the page table walker. There are two of them
per vCPU, gva_walk and ngpa_walk. walk_mmu is *always* replaced
by a single gva_walk no matter if running an L1 or L2 guest,
unlike in the current code that moves it between root_mmu and
nested_mmu.
- kvm_mmu retains the page table building functionality. It uses
a page table walker to build shadow pages; that is always gva_walk
for root_mmu or ngpa_walk for guest_mmu.
- kvm_page_format allows KVM to operate on PTEs that already exist,
and merges the code around permission_mask() with the pre-existing
struct rsvd_bits_validate. Both kvm_pagewalk and kvm_mmu have their
own kvm_page_format, just like struct kvm_mmu had two instances of
struct rsvd_bits_validate for gPTE and SPTE reserved bit checks.
The cleanup alone already does something useful, which is to reduce
the confusion between guest_mmu and nested_mmu. nested_mmu came to
exist long before the introduction of guest_mmu and stole the obvious
name, resulting in comments like "Exempt nested MMUs" where the code
actually exempts guest_mmu. Renaming guest_mmu could be the next
step, though the RFC had multiple opinions about how to do this.
However, the last patch also shows the code reuse benefits can be used
for new features too. By adapting the permission_fault() machinery and
using it to test SPTEs against struct kvm_page_fault, it makes it possible
to support SPTEs that have XS!=XU; these were not supported yet by KVM,
but could now be added via memory attributes.
Paolo
v1->v2:
- remove merged patches
- mask pfec in spte_permission_fault()
- swap patches 13 and 14 (18 and 19 in v1) to fix bisectability
Paolo Bonzini (19):
KVM: x86/hyperv: remove unnecessary mmu_is_nested() check
KVM: x86/mmu: introduce struct kvm_pagewalk
KVM: x86/mmu: move get_guest_pgd to struct kvm_pagewalk
KVM: x86/mmu: move gva_to_gpa to struct kvm_pagewalk
KVM: x86/mmu: move get_pdptr to struct kvm_pagewalk
KVM: x86/mmu: move inject_page_fault to struct kvm_pagewalk
KVM: x86/mmu: move CPU-related fields to struct kvm_pagewalk
KVM: x86/mmu: change CPU-role accessor fields to take struct
kvm_pagewalk
KVM: x86/mmu: move remaining permission fields to struct kvm_pagewalk
KVM: x86/mmu: pass struct kvm_pagewalk to kvm_mmu_invalidate_addr
KVM: x86/mmu: change walk_mmu to struct kvm_pagewalk
KVM: x86/mmu: change nested_mmu.w to ngva_walk
KVM: x86/mmu: pull struct kvm_pagewalk out of struct kvm_mmu
KVM: x86/mmu: unify root_gva_walk and ngva_walk
KVM: x86/mmu: cleanup functions that initialize shadow MMU
KVM: x86/mmu: pull page format to a new struct
KVM: x86/mmu: merge struct rsvd_bits_validate into struct
kvm_page_format
KVM: x86/mmu: parameterize update_permission_bitmask()
KVM: x86/mmu: use kvm_page_format to test SPTEs
arch/x86/include/asm/kvm_host.h | 70 +++---
arch/x86/kvm/hyperv.c | 7 +-
arch/x86/kvm/mmu.h | 33 +--
arch/x86/kvm/mmu/mmu.c | 411 +++++++++++++++-----------------
arch/x86/kvm/mmu/paging_tmpl.h | 88 +++----
arch/x86/kvm/mmu/spte.c | 4 +-
arch/x86/kvm/mmu/spte.h | 69 +++---
arch/x86/kvm/mmu/tdp_mmu.c | 3 +-
arch/x86/kvm/regs.c | 7 +-
arch/x86/kvm/svm/nested.c | 13 +-
arch/x86/kvm/vmx/nested.c | 15 +-
arch/x86/kvm/vmx/vmx.c | 2 +-
arch/x86/kvm/x86.c | 51 ++--
13 files changed, 382 insertions(+), 391 deletions(-)
--
2.52.0