On Tue, Aug 20, 2019 at 09:12:14PM +0800, Yang Weijiang wrote: > On Mon, Aug 19, 2019 at 04:46:54PM +0200, Paolo Bonzini wrote: > > On 14/08/19 09:04, Yang Weijiang wrote: > > > + > > > + if (vcpu->kvm->arch.spp_active && level == PT_PAGE_TABLE_LEVEL) > > > + kvm_enable_spp_protection(vcpu->kvm, gfn); > > > + > > > > This would not enable SPP if the guest is backed by huge pages. > > Instead, either the PT_PAGE_TABLE_LEVEL level must be forced for all > > pages covered by SPP ranges, or (better) kvm_enable_spp_protection must > > be able to cover multiple pages at once. > > > > Paolo > OK, I'll figure out how to make it, thanks! Hi, Paolo, Regarding this change, I have some concerns, splitting EPT huge page entries(e.g., 1GB page)will take long time compared with normal EPT page fault processing, especially for multiple vcpus/pages,so the in-flight time increases, but HW walks EPT for translations in the meantime, would it bring any side effect? or there's a way to mitigate it? Thanks!
