From nobody Sun Oct 19 19:22:22 2025
Date: Thu, 22 May 2025 18:17:52 -0700
In-Reply-To: <20250523011756.3243624-1-seanjc@google.com>
References: <20250523011756.3243624-1-seanjc@google.com>
Message-ID: <20250523011756.3243624-2-seanjc@google.com>
Subject: [PATCH 1/5] KVM: x86: Avoid calling kvm_is_mmio_pfn() when kvm_x86_ops.get_mt_mask is NULL
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Pawan Gupta, Borislav Petkov, Jim Mattson

Guard the call to kvm_x86_call(get_mt_mask) with an explicit check on
kvm_x86_ops.get_mt_mask so as to avoid unnecessarily calling
kvm_is_mmio_pfn(), which is moderately expensive for some backing types.
E.g. lookup_memtype() conditionally takes a system-wide spinlock if KVM
ends up calling pat_pfn_immune_to_uc_mtrr(), e.g. for DAX memory.

While the call to kvm_x86_ops.get_mt_mask() itself is elided, the compiler
still needs to compute all parameters, as it can't know at build time that
the call will be squashed.

  <+243>: call   0xffffffff812ad880
  <+248>: mov    %r13,%rsi
  <+251>: mov    %rbx,%rdi
  <+254>: movzbl %al,%edx
  <+257>: call   0xffffffff81c26af0 <__SCT__kvm_x86_get_mt_mask>

Fixes: 3fee4837ef40 ("KVM: x86: remove shadow_memtype_mask")
Signed-off-by: Sean Christopherson
Tested-by: Pawan Gupta
---
 arch/x86/kvm/mmu/spte.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index cfce03d8f123..f262c380f40e 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c
@@ -209,7 +209,9 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_pa= ge *sp, if (level > PG_LEVEL_4K) spte |=3D PT_PAGE_SIZE_MASK; =20 - spte |=3D kvm_x86_call(get_mt_mask)(vcpu, gfn, kvm_is_mmio_pfn(pfn)); + if (kvm_x86_ops.get_mt_mask) + spte |=3D kvm_x86_call(get_mt_mask)(vcpu, gfn, kvm_is_mmio_pfn(pfn)); + if (host_writable) spte |=3D shadow_host_writable_mask; else --=20 2.49.0.1151.ga128411c76-goog

From nobody Sun Oct 19 19:22:22 2025
Date: Thu, 22 May 2025 18:17:53 -0700
In-Reply-To: <20250523011756.3243624-1-seanjc@google.com>
References: <20250523011756.3243624-1-seanjc@google.com>
Message-ID: <20250523011756.3243624-3-seanjc@google.com>
Subject: [PATCH 2/5] KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Pawan Gupta, Borislav Petkov, Jim Mattson

When making a SPTE, cache whether or not the target PFN is host MMIO in
order to avoid multiple rounds of the slow path of kvm_is_mmio_pfn(), e.g.
hitting pat_pfn_immune_to_uc_mtrr() in particular can be problematic.

KVM currently avoids multiple calls by virtue of the two users being
mutually exclusive (.get_mt_mask() is Intel-only, shadow_me_value is
AMD-only), but that won't hold true if/when KVM needs to detect host MMIO
mappings for other reasons, e.g. for mitigating the MMIO Stale Data
vulnerability.

No functional change intended.

Signed-off-by: Sean Christopherson
Tested-by: Pawan Gupta
---
 arch/x86/kvm/mmu/spte.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index f262c380f40e..3f16c91aa042 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c
@@ -104,7 +104,7 @@ u64 make_mmio_spte(struct kvm_vcpu *vcpu, u64 gfn, unsi= gned int access) return spte; } =20 -static bool kvm_is_mmio_pfn(kvm_pfn_t pfn) +static bool __kvm_is_mmio_pfn(kvm_pfn_t pfn) { if (pfn_valid(pfn)) return !is_zero_pfn(pfn) && PageReserved(pfn_to_page(pfn)) && @@ -125,6 +125,19 @@ static bool kvm_is_mmio_pfn(kvm_pfn_t pfn) E820_TYPE_RAM); } =20 +static bool kvm_is_mmio_pfn(kvm_pfn_t pfn, int *is_host_mmio) +{ + /* + * Determining if a PFN is host MMIO is relative expensive. Cache the + * result locally (in the sole caller) to avoid doing the full query + * multiple times when creating a single SPTE. + */ + if (*is_host_mmio < 0) + *is_host_mmio =3D __kvm_is_mmio_pfn(pfn); + + return *is_host_mmio; +} + /* * Returns true if the SPTE needs to be updated atomically due to having b= its * that may be changed without holding mmu_lock, and for which KVM must not @@ -162,6 +175,7 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_pa= ge *sp, { int level =3D sp->role.level; u64 spte =3D SPTE_MMU_PRESENT_MASK; + int is_host_mmio =3D -1; bool wrprot =3D false; =20 /* 
@@ -210,14 +224,14 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_= page *sp, spte |=3D PT_PAGE_SIZE_MASK; =20 if (kvm_x86_ops.get_mt_mask) - spte |=3D kvm_x86_call(get_mt_mask)(vcpu, gfn, kvm_is_mmio_pfn(pfn)); - + spte |=3D kvm_x86_call(get_mt_mask)(vcpu, gfn, + kvm_is_mmio_pfn(pfn, &is_host_mmio)); if (host_writable) spte |=3D shadow_host_writable_mask; else pte_access &=3D ~ACC_WRITE_MASK; =20 - if (shadow_me_value && !kvm_is_mmio_pfn(pfn)) + if (shadow_me_value && !kvm_is_mmio_pfn(pfn, &is_host_mmio)) spte |=3D shadow_me_value; =20 spte |=3D (u64)pfn << PAGE_SHIFT; --=20 2.49.0.1151.ga128411c76-goog

From nobody Sun Oct 19 19:22:22 2025
Date: Thu, 22 May 2025 18:17:54 -0700
In-Reply-To: <20250523011756.3243624-1-seanjc@google.com>
References: <20250523011756.3243624-1-seanjc@google.com>
Message-ID: <20250523011756.3243624-4-seanjc@google.com>
Subject: [PATCH 3/5] KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Pawan Gupta, Borislav Petkov, Jim Mattson

Enforce the MMIO Stale Data mitigation if KVM has ever mapped host MMIO
into the VM, not if the VM has an assigned device. VFIO is but one of many
ways to map host MMIO into a KVM guest, and even within VFIO, formally
attaching a device to a VM via KVM_DEV_VFIO_FILE_ADD is entirely optional.

Track whether or not the guest can access host MMIO on a per-MMU basis,
i.e. based on whether or not the vCPU has a mapping to host MMIO. For
simplicity, track MMIO mappings in "special" roots (those without a
kvm_mmu_page) at the VM level, as only Intel CPUs are vulnerable, and so
only legacy 32-bit shadow paging is affected, i.e. lack of precise
tracking is a complete non-issue.

Make the per-MMU and per-VM flags sticky. Detecting when *all* MMIO
mappings have been removed would be absurdly complex. And in practice,
removing MMIO from a guest will be done by deleting the associated memslot,
which by default will force KVM to re-allocate all roots. Special roots
will forever be mitigated, but as above, the affected scenarios are not
expected to be performance sensitive.

Use a VMX_RUN flag to communicate the need for a buffers flush to
vmx_vcpu_enter_exit() so that kvm_vcpu_can_access_host_mmio() and all its
dependencies don't need to be marked __always_inline, e.g. so that KASAN
doesn't trigger a noinstr violation.

Cc: Pawan Gupta
Cc: Borislav Petkov
Fixes: 8cb861e9e3c9 ("x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data")
Signed-off-by: Sean Christopherson Tested-by: Pawan Gupta --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/mmu/mmu_internal.h | 3 +++ arch/x86/kvm/mmu/spte.c | 21 +++++++++++++++++++++ arch/x86/kvm/mmu/spte.h | 10 ++++++++++ arch/x86/kvm/vmx/run_flags.h | 10 ++++++---- arch/x86/kvm/vmx/vmx.c | 8 +++++++- 6 files changed, 48 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 01edcefbd937..043be00ec5b8 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1458,6 +1458,7 @@ struct kvm_arch { bool x2apic_format; bool x2apic_broadcast_quirk_disabled; =20 + bool has_mapped_host_mmio; bool guest_can_read_msr_platform_info; bool exception_payload_enabled; =20 diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_interna= l.h index db8f33e4de62..65f3c89d7c5d 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -103,6 +103,9 @@ struct kvm_mmu_page { int root_count; refcount_t tdp_mmu_root_count; }; + + bool has_mapped_host_mmio; + union { /* These two members aren't used for TDP MMU */ struct { diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 3f16c91aa042..5fb43a834d48 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c 
@@ -138,6 +138,22 @@ static bool kvm_is_mmio_pfn(kvm_pfn_t pfn, int *is_hos= t_mmio) return *is_host_mmio; } =20 +static void kvm_track_host_mmio_mapping(struct kvm_vcpu *vcpu) +{ + struct kvm_mmu_page *root =3D root_to_sp(vcpu->arch.mmu->root.hpa); + + if (root) + WRITE_ONCE(root->has_mapped_host_mmio, true); + else + WRITE_ONCE(vcpu->kvm->arch.has_mapped_host_mmio, true); + + /* + * Force vCPUs to exit and flush CPU buffers if the vCPU is using the + * affected root(s). + */ + kvm_make_all_cpus_request(vcpu->kvm, KVM_REQ_OUTSIDE_GUEST_MODE); +} + /* * Returns true if the SPTE needs to be updated atomically due to having b= its * that may be changed without holding mmu_lock, and for which KVM must not @@ -276,6 +292,11 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_p= age *sp, mark_page_dirty_in_slot(vcpu->kvm, slot, gfn); } =20 + if (static_branch_unlikely(&mmio_stale_data_clear) && + !kvm_vcpu_can_access_host_mmio(vcpu) && + kvm_is_mmio_pfn(pfn, &is_host_mmio)) + kvm_track_host_mmio_mapping(vcpu); + *new_spte =3D spte; return wrprot; } diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 1e94f081bdaf..3133f066927e 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -280,6 +280,16 @@ static inline bool is_mirror_sptep(tdp_ptep_t sptep) return is_mirror_sp(sptep_to_sp(rcu_dereference(sptep))); } =20 +static inline bool kvm_vcpu_can_access_host_mmio(struct kvm_vcpu *vcpu) +{ + struct kvm_mmu_page *root =3D root_to_sp(vcpu->arch.mmu->root.hpa); + + if (root) + return READ_ONCE(root->has_mapped_host_mmio); + + return READ_ONCE(vcpu->kvm->arch.has_mapped_host_mmio); +} + static inline bool is_mmio_spte(struct kvm *kvm, u64 spte) { return (spte & shadow_mmio_mask) =3D=3D kvm->arch.shadow_mmio_value && diff --git a/arch/x86/kvm/vmx/run_flags.h b/arch/x86/kvm/vmx/run_flags.h index 6a9bfdfbb6e5..2f20fb170def 100644 --- a/arch/x86/kvm/vmx/run_flags.h +++ b/arch/x86/kvm/vmx/run_flags.h 
@@ -2,10 +2,12 @@ #ifndef __KVM_X86_VMX_RUN_FLAGS_H #define __KVM_X86_VMX_RUN_FLAGS_H =20 -#define VMX_RUN_VMRESUME_SHIFT 0 -#define VMX_RUN_SAVE_SPEC_CTRL_SHIFT 1 +#define VMX_RUN_VMRESUME_SHIFT 0 +#define VMX_RUN_SAVE_SPEC_CTRL_SHIFT 1 +#define VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO_SHIFT 2 =20 -#define VMX_RUN_VMRESUME BIT(VMX_RUN_VMRESUME_SHIFT) -#define VMX_RUN_SAVE_SPEC_CTRL BIT(VMX_RUN_SAVE_SPEC_CTRL_SHIFT) +#define VMX_RUN_VMRESUME BIT(VMX_RUN_VMRESUME_SHIFT) +#define VMX_RUN_SAVE_SPEC_CTRL BIT(VMX_RUN_SAVE_SPEC_CTRL_SHIFT) +#define VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO BIT(VMX_RUN_CLEAR_CPU_BUFFERS_F= OR_MMIO_SHIFT) =20 #endif /* __KVM_X86_VMX_RUN_FLAGS_H */ diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f79604bc0127..27e870d83122 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -74,6 +74,8 @@ #include "vmx_onhyperv.h" #include "posted_intr.h" =20 +#include "mmu/spte.h" + MODULE_AUTHOR("Qumranet"); MODULE_DESCRIPTION("KVM support for VMX (Intel VT-x) extensions"); MODULE_LICENSE("GPL"); @@ -959,6 +961,10 @@ unsigned int __vmx_vcpu_run_flags(struct vcpu_vmx *vmx) if (!msr_write_intercepted(vmx, MSR_IA32_SPEC_CTRL)) flags |=3D VMX_RUN_SAVE_SPEC_CTRL; =20 + if (static_branch_unlikely(&mmio_stale_data_clear) && + kvm_vcpu_can_access_host_mmio(&vmx->vcpu)) + flags |=3D VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO; + return flags; } =20 
@@ -7282,7 +7288,7 @@ static noinstr void vmx_vcpu_enter_exit(struct kvm_vc= pu *vcpu, if (static_branch_unlikely(&vmx_l1d_should_flush)) vmx_l1d_flush(vcpu); else if (static_branch_unlikely(&mmio_stale_data_clear) && - kvm_arch_has_assigned_device(vcpu->kvm)) + (flags & VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO)) mds_clear_cpu_buffers(); =20 vmx_disable_fb_clear(vmx); --=20 2.49.0.1151.ga128411c76-goog

From nobody Sun Oct 19 19:22:22 2025
Date: Thu, 22 May 2025 18:17:55 -0700
In-Reply-To: <20250523011756.3243624-1-seanjc@google.com>
References: <20250523011756.3243624-1-seanjc@google.com>
Message-ID: <20250523011756.3243624-5-seanjc@google.com>
Subject: [PATCH 4/5] Revert "kvm: detect assigned device via irqbypass manager"
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Pawan Gupta, Borislav Petkov, Jim Mattson

Now that KVM explicitly tracks the number of possible bypass IRQs, and
doesn't conflate IRQ bypass with host MMIO access, stop bumping the
assigned device count when adding an IRQ bypass producer.

This reverts commit 2edd9cb79fb31b0907c6e0cdce2824780cf9b153.

Signed-off-by: Sean Christopherson
Tested-by: Pawan Gupta
---
 arch/x86/kvm/irq.c | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/arch/x86/kvm/irq.c b/arch/x86/kvm/irq.c index 7586cf6f1215..b9bdec66a611 100644 --- a/arch/x86/kvm/irq.c +++ b/arch/x86/kvm/irq.c
@@ -565,8 +565,6 @@ int kvm_arch_irq_bypass_add_producer(struct irq_bypass_= consumer *cons, struct kvm *kvm =3D irqfd->kvm; int ret =3D 0; =20 - kvm_arch_start_assignment(irqfd->kvm); - spin_lock_irq(&kvm->irqfds.lock); irqfd->producer =3D prod; =20
@@ -575,10 +573,8 @@ int kvm_arch_irq_bypass_add_producer(struct irq_bypass= _consumer *cons, =20 if (irqfd->irq_entry.type =3D=3D KVM_IRQ_ROUTING_MSI) { ret =3D kvm_pi_update_irte(irqfd, &irqfd->irq_entry); - if (ret) { + if (ret) kvm->arch.nr_possible_bypass_irqs--; - kvm_arch_end_assignment(irqfd->kvm); - } } spin_unlock_irq(&kvm->irqfds.lock); =20 
@@ -614,9 +610,6 @@ void kvm_arch_irq_bypass_del_producer(struct irq_bypass= _consumer *cons, kvm->arch.nr_possible_bypass_irqs--; =20 spin_unlock_irq(&kvm->irqfds.lock); - - - kvm_arch_end_assignment(irqfd->kvm); } =20 void kvm_arch_update_irqfd_routing(struct kvm_kernel_irqfd *irqfd, --=20 2.49.0.1151.ga128411c76-goog

From nobody Sun Oct 19 19:22:22 2025
Reply-To: Sean Christopherson
Date: Thu, 22 May 2025 18:17:56 -0700
In-Reply-To: <20250523011756.3243624-1-seanjc@google.com>
References: <20250523011756.3243624-1-seanjc@google.com>
Message-ID: <20250523011756.3243624-6-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: [PATCH 5/5] VFIO: KVM: x86: Drop kvm_arch_{start,end}_assignment()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Pawan Gupta, Borislav Petkov, Jim Mattson
Content-Transfer-Encoding: quoted-printable

Drop kvm_arch_{start,end}_assignment() and all associated code now that KVM x86 no longer consumes assigned_device_count. Tracking whether or not a VFIO-assigned device is formally associated with a VM is fundamentally flawed, as such an association is optional for general usage, i.e. is prone to false negatives. E.g. prior to commit 2edd9cb79fb3 ("kvm: detect assigned device via irqbypass manager"), device passthrough via VFIO would fail to enable IRQ bypass if userspace omitted the formal VFIO<=>KVM binding.

And device drivers that *need* the VFIO<=>KVM connection, e.g. KVM-GT, shouldn't be relying on generic x86 tracking infrastructure.

Cc: Jim Mattson
Signed-off-by: Sean Christopherson
Tested-by: Pawan Gupta
---
 arch/x86/include/asm/kvm_host.h |  2 --
 arch/x86/kvm/x86.c              | 18 ------------------
 include/linux/kvm_host.h        | 18 ------------------
 virt/kvm/vfio.c                 |  3 ---
 4 files changed, 41 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 043be00ec5b8..3cb57f6ef730 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1380,8 +1380,6 @@ struct kvm_arch { =20 #define __KVM_HAVE_ARCH_NONCOHERENT_DMA atomic_t noncoherent_dma_count; -#define __KVM_HAVE_ARCH_ASSIGNED_DEVICE - atomic_t assigned_device_count; unsigned long nr_possible_bypass_irqs; =20 #ifdef CONFIG_KVM_IOAPIC diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 3969e439a6bb..2a1563f2ee97 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -13561,24 +13561,6 @@ bool kvm_arch_can_dequeue_async_page_present(struc= t kvm_vcpu *vcpu) return kvm_lapic_enabled(vcpu) && apf_pageready_slot_free(vcpu); } =20 -void kvm_arch_start_assignment(struct kvm *kvm) -{ - atomic_inc(&kvm->arch.assigned_device_count); -} -EXPORT_SYMBOL_GPL(kvm_arch_start_assignment); - -void kvm_arch_end_assignment(struct kvm *kvm) -{ - atomic_dec(&kvm->arch.assigned_device_count); -} -EXPORT_SYMBOL_GPL(kvm_arch_end_assignment); - -bool noinstr kvm_arch_has_assigned_device(struct kvm *kvm) -{ - return raw_atomic_read(&kvm->arch.assigned_device_count); -} -EXPORT_SYMBOL_GPL(kvm_arch_has_assigned_device); - static void kvm_noncoherent_dma_assignment_start_or_stop(struct kvm *kvm) { /* diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 706f2402ae8e..31f183c32f9a 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h 
@@ -1686,24 +1686,6 @@ static inline bool kvm_arch_has_noncoherent_dma(stru= ct kvm *kvm) return false; } #endif -#ifdef __KVM_HAVE_ARCH_ASSIGNED_DEVICE -void kvm_arch_start_assignment(struct kvm *kvm); -void kvm_arch_end_assignment(struct kvm *kvm); -bool kvm_arch_has_assigned_device(struct kvm *kvm); -#else -static inline void kvm_arch_start_assignment(struct kvm *kvm) -{ -} - -static inline void kvm_arch_end_assignment(struct kvm *kvm) -{ -} - -static __always_inline bool kvm_arch_has_assigned_device(struct kvm *kvm) -{ - return false; -} -#endif =20 static inline struct rcuwait *kvm_arch_vcpu_get_wait(struct kvm_vcpu *vcpu) { diff --git a/virt/kvm/vfio.c b/virt/kvm/vfio.c index 196a102e34fb..be50514bbd11 100644 --- a/virt/kvm/vfio.c +++ b/virt/kvm/vfio.c @@ -175,7 +175,6 @@ static int kvm_vfio_file_add(struct kvm_device *dev, un= signed int fd) kvf->file =3D get_file(filp); list_add_tail(&kvf->node, &kv->file_list); =20 - kvm_arch_start_assignment(dev->kvm); kvm_vfio_file_set_kvm(kvf->file, dev->kvm); kvm_vfio_update_coherency(dev); =20 @@ -205,7 +204,6 @@ static int kvm_vfio_file_del(struct kvm_device *dev, un= signed int fd) continue; =20 list_del(&kvf->node); - kvm_arch_end_assignment(dev->kvm); #ifdef CONFIG_SPAPR_TCE_IOMMU kvm_spapr_tce_release_vfio_group(dev->kvm, kvf); #endif @@ -336,7 +334,6 @@ static void kvm_vfio_release(struct kvm_device *dev) fput(kvf->file); list_del(&kvf->node); kfree(kvf); - kvm_arch_end_assignment(dev->kvm); } =20 kvm_vfio_update_coherency(dev); --=20 2.49.0.1151.ga128411c76-goog
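Review bot: In the two irq-bypass hunks of the preceding patch (kvm_arch_irq_bypass_add_producer() at -575 and kvm_arch_irq_bypass_del_producer() at -614), only the kvm_arch_end_assignment() calls are visible as removed: the error path after kvm_pi_update_irte() and the tail of del_producer. The matching kvm_arch_start_assignment() removal is not in these hunks, so please confirm it is dropped in the same patch. If it is not, assigned_device_count is incremented on every successful producer add and never decremented until 5/5 deletes the counter, which leaves an unbalanced count at that bisection point.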
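Review bot: The arch/x86/kvm/x86.c hunk at -13561 also deletes kvm_arch_has_assigned_device() together with its EXPORT_SYMBOL_GPL, and the include/linux/kvm_host.h hunk at -1686 deletes the generic stub that returns false, yet the subject and changelog name only kvm_arch_{start,end}_assignment(). Suggest naming the reader helper explicitly in the changelog and stating that no caller remains on any architecture, since the diffstat lists four files and none of the visible hunks removes a call site of it. The same applies to the __KVM_HAVE_ARCH_ASSIGNED_DEVICE define dropped from arch/x86/include/asm/kvm_host.h.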
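Review bot: In virt/kvm/vfio.c the three removed calls sit in kvm_vfio_file_add(), kvm_vfio_file_del() and kvm_vfio_release(), so the add path and both teardown paths stay symmetric. What is missing is guidance for the drivers the changelog says *need* the VFIO<=>KVM connection (it cites KVM-GT). If kvm_vfio_file_set_kvm(), which is still called in the add hunk, is the intended mechanism for them, a sentence in the changelog saying so would keep a later reader from reintroducing a generic counter.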