On Thu, Oct 20, 2022 at 11:32:28AM +0300, Oliver Upton wrote: > On Wed, Oct 19, 2022 at 11:17:43PM +0000, Sean Christopherson wrote: > > On Fri, Oct 07, 2022, Oliver Upton wrote: [...] > > > diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c > > > index 02c33fccb178..6b6e1ed7ee2f 100644 > > > --- a/arch/arm64/kvm/hyp/pgtable.c > > > +++ b/arch/arm64/kvm/hyp/pgtable.c > > > @@ -175,13 +175,14 @@ static int kvm_pgtable_visitor_cb(struct kvm_pgtable_walk_data *data, > > > } > > > > > > static int __kvm_pgtable_walk(struct kvm_pgtable_walk_data *data, > > > - struct kvm_pgtable_mm_ops *mm_ops, kvm_pte_t *pgtable, u32 level); > > > + struct kvm_pgtable_mm_ops *mm_ops, kvm_pteref_t pgtable, u32 level); > > > > > > static inline int __kvm_pgtable_visit(struct kvm_pgtable_walk_data *data, > > > struct kvm_pgtable_mm_ops *mm_ops, > > > - kvm_pte_t *ptep, u32 level) > > > + kvm_pteref_t pteref, u32 level) > > > { > > > enum kvm_pgtable_walk_flags flags = data->walker->flags; > > > + kvm_pte_t *ptep = kvm_dereference_pteref(pteref, false); > > > struct kvm_pgtable_visit_ctx ctx = { > > > .ptep = ptep, > > > .old = READ_ONCE(*ptep), > > > > This is where you want the protection to kick in, e.g. > > > > typedef kvm_pte_t __rcu *kvm_ptep_t; > > > > static inline kvm_pte_t kvm_read_pte(kvm_ptep_t ptep) > > { > > return READ_ONCE(*rcu_dereference(ptep)); > > } > > > > .old = kvm_read_pte(ptep), > > > > In other words, the pointer itself isn't that's protected, it's PTE that the > > pointer points at that's protected. > > Right, but practically speaking it is the boundary at which we assert > that protection. > > Anyhow, I'll look at abstracting the actual memory accesses in the > visitors without too much mess. Took this in a slightly different direction after playing with it for a while. Abstracting all PTE accesses adds a lot of churn to the series. Adding in an assertion before invoking a visitor callback (i.e. when the raw pointer is about to be used) provides a similar degree of assurance that we are indeed RCU-safe. -- Thanks, Oliver