On Mon, Feb 12, 2024 at 06:01:54PM +0100, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote: > On Tue, Jan 23, 2024 at 12:55 AM <isaku.yamahata@xxxxxxxxx> wrote: > > > > From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx> > > > > TDX requires TDX SEAMCALL to operate Secure EPT instead of direct memory > > access and TDX SEAMCALL is heavy operation. Fast page fault on private GPA > > doesn't make sense. Disallow fast page fault on private GPA. > > > > Signed-off-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx> > > Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> > > --- > > arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- > > 1 file changed, 10 insertions(+), 2 deletions(-) > > > > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > > index b2924bd9b668..54d4c8f1ba68 100644 > > --- a/arch/x86/kvm/mmu/mmu.c > > +++ b/arch/x86/kvm/mmu/mmu.c > > @@ -3339,8 +3339,16 @@ static int kvm_handle_noslot_fault(struct kvm_vcpu *vcpu, > > return RET_PF_CONTINUE; > > } > > > > -static bool page_fault_can_be_fast(struct kvm_page_fault *fault) > > +static bool page_fault_can_be_fast(struct kvm *kvm, struct kvm_page_fault *fault) > > { > > + /* > > + * TDX private mapping doesn't support fast page fault because the EPT > > + * entry is read/written with TDX SEAMCALLs instead of direct memory > > + * access. > > + */ > > + if (kvm_is_private_gpa(kvm, fault->addr)) > > + return false; > > I think this does not apply to SNP? If so, it would be better to check > the SPTE against the shared-page mask inside the do...while loop. No, this won't apply to SNP. Let me update the patch corresponding in v19. -- Isaku Yamahata <isaku.yamahata@xxxxxxxxxxxxxxx>