On Fri, Feb 07, 2020 at 10:29:16AM +0100, Vitaly Kuznetsov wrote:
> Sean Christopherson <sean.j.christopherson@xxxxxxxxx> writes:
>
> > Wrap calls to ->page_fault() with a small shim to directly invoke the
> > TDP fault handler when the kernel is using retpolines and TDP is being
> > used. Denote the TDP fault handler by nullifying mmu->page_fault, and
> > annotate the TDP path as likely to coerce the compiler into preferring
> > the TDP path.
> >
> > Rename tdp_page_fault() to kvm_tdp_page_fault() as it's exposed outside
> > of mmu.c to allow inlining the shim.
> >
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> > ---
>
> Out of pure curiosity, if we do something like
>
>   if (vcpu->arch.mmu->page_fault == tdp_page_fault)
>     tdp_page_fault(...)
>   else if (vcpu->arch.mmu->page_fault == nonpaging_page_fault)
>     nonpaging_page_fault(...)
>   ...
>
> we also defeat the retpoline, right?

Yep.

> Should we use this technique ... everywhere? :-)

It becomes a matter of weighing the maintenance cost and robustness against
the performance benefits. For the TDP case, almost no one (that cares about
performance) uses shadow paging, the change is very explicit, tiny and
isolated, and TDP page faults are a hot path, e.g. when booting the VM.
I.e. low maintenance overhead, still robust, and IMO worth the shenanigans.

The changes to VMX's VM-Exit handlers follow similar thinking: snipe off the
exit handlers that are performance critical, but use a low maintenance
implementation for the majority of handlers.

There have been multiple attempts to add infrastructure to solve the
maintenance and robustness problems[*], but AFAIK none of them have made
their way upstream.

[*] https://lwn.net/Articles/774743/
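The two dispatch styles discussed in this exchange, as a stand-alone illustration added here (not the patch's code or KVM's): the patch's shim treats a NULL `page_fault` pointer as "TDP in use" and calls the TDP handler directly, while the variant floated in the question compares the pointer against known handlers. All names (`struct mmu_ctx`, `fault_handler_t`, `do_page_fault*`, the handler return values) are made up for the example.

```c
/* Hypothetical model of retpoline-avoiding dispatch; names are not KVM's. */
#include <stddef.h>
#include <stdint.h>

#define likely(x) __builtin_expect(!!(x), 1)

typedef int (*fault_handler_t)(uint64_t gpa, uint32_t error_code);

enum dispatch_path { PATH_DIRECT, PATH_INDIRECT };

/* Stand-ins for kvm_tdp_page_fault() and nonpaging_page_fault();
 * they return distinct constructed values so the path can be observed. */
static int tdp_page_fault(uint64_t gpa, uint32_t error_code)
{ (void)gpa; (void)error_code; return 1; }
static int nonpaging_page_fault(uint64_t gpa, uint32_t error_code)
{ (void)gpa; (void)error_code; return 2; }

/* As in the patch: page_fault == NULL denotes the TDP handler. */
struct mmu_ctx { fault_handler_t page_fault; };
static void mmu_use_tdp(struct mmu_ctx *mmu)    { mmu->page_fault = NULL; }
static void mmu_use_shadow(struct mmu_ctx *mmu) { mmu->page_fault = nonpaging_page_fault; }

/* Patch-style shim: the hot TDP case is a direct (retpoline-free) call,
 * marked likely; everything else goes through the indirect pointer. */
static int do_page_fault(struct mmu_ctx *mmu, uint64_t gpa, uint32_t err,
			 enum dispatch_path *path)
{
	if (likely(!mmu->page_fault)) {
		*path = PATH_DIRECT;
		return tdp_page_fault(gpa, err);
	}
	*path = PATH_INDIRECT;
	return mmu->page_fault(gpa, err);	/* indirect branch -> retpoline */
}

/* Compare-style variant from the question: each known handler becomes a
 * direct call, at the cost of one comparison per handler to maintain. */
static int do_page_fault_compare(struct mmu_ctx *mmu, uint64_t gpa,
				 uint32_t err, enum dispatch_path *path)
{
	*path = PATH_DIRECT;
	if (mmu->page_fault == tdp_page_fault)
		return tdp_page_fault(gpa, err);
	else if (mmu->page_fault == nonpaging_page_fault)
		return nonpaging_page_fault(gpa, err);
	*path = PATH_INDIRECT;
	return mmu->page_fault(gpa, err);
}
```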