On 20.10.22 22:37, Sean Christopherson wrote:
On Thu, Oct 20, 2022, Alexander Graf wrote:
On 26.06.20 19:32, Sean Christopherson wrote:
/cast <thread necromancy>
On Tue, Aug 20, 2019 at 01:03:19PM -0700, Sean Christopherson wrote:
[...]
I don't think any of this explains the pass-through GPU issue. But, we
have a few use cases where zapping the entire MMU is undesirable, so I'm
going to retry upstreaming this patch as with per-VM opt-in. I wanted to
set the record straight for posterity before doing so.
Hey Sean,
Did you ever get around to upstream or rework the zap optimization? The way
I read current upstream, a memslot change still always wipes all SPTEs, not
only the ones that were changed.
Nope, I've more or less given up hope on zapping only the deleted/moved memslot.
TDX (and SNP?) will preserve SPTEs for guest private memory, but they're very
much a special case.
Do you have use case and/or issue that doesn't play nice with the "zap all" behavior?
Yeah, we're looking at adding support for the Hyper-V VSM extensions
which Windows uses to implement Credential Guard. With that, the guest
gets access to hypercalls that allow it to set reduced permissions for
arbitrary gfns. To ensure that user space has full visibility into those
for live migration, memory slots to model access would be a great fit.
But it means we'd do ~100k memslot modifications on boot.
Alex
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
