On Thu, 2021-11-11 at 14:23 +0100, Paolo Bonzini wrote:
> Queued with these changes.
Thanks. I note...
[I didn't entirely agree with David's assessment of the
usefulness of the gfn_to_pfn cache, and integrated the outcome
of the discussion in the above commit message. - Paolo]
... the key change being the 'Until' in:
Until the gfn_to_pfn cache handles the remapping automatically by
integrating with the MMU notifiers, we might as well not get a
kernel mapping of it...
I do not recall that we'd actually reached a conclusion that we *will*
make the gfn_to_pfn cache generally usable in that fashion. The latest
I knew of that discussion was my message at
https://lore.kernel.org/kvm/55a5d4e3fbd29dd55e276b97eeaefd0411b3290b.camel@xxxxxxxxxxxxx/
in which I said I'd be a whole lot happier with that if we could do it
with RCU instead of an rwlock — but I don't think we can because we'd
need to call synchronize_srcu() in the MMU notifier callback that might
not be permitted to sleep?
I'm also slightly less comfortable with having the MMU notifier work
through an arbitrary *list* of gfn_to_pfn caches that it potentially
needs to invalidate, but that is very much a minor concern compared
with the first.
I started looking through the nested code which is the big user of this
facility. The important part of the gfn_to_pfn mapping as I've used it
for Xen event channel delivery is the fast path in the common case,
falling back to a slow path that needs to sleep, to revalidate the
mapping. That fast vs. slow path (with a workqueue) already existed for
irqfd delivery and I just needed to hook into it in the right places.
I didn't see anything in nested code that would benefit from that same
setup, and AFAICT it should all be running with current->mm == kvm->mm
so surely it ought to be able to just access things using the userspace
HVA and sleep if necessary?
(There's an *entirely* gratuitous one in nested_cache_shadow_vmcs12()
which does a map/memcpy/unmap that really ought to be kvm_read_guest().
I'll send a patch for that shortly)
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
