>From 501f4c799f207a07933279485f76205f91e4537f Mon Sep 17 00:00:00 2001 From: Sean Christopherson Date: Tue, 5 Aug 2025 15:13:27 -0700 Subject: [PATCH 4/5] KVM: VMX: Flush only active EPT roots on pCPU migration Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 2408aae01837..b42747e2293d 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1395,6 +1395,8 @@ static void shrink_ple_window(struct kvm_vcpu *vcpu) } } +static void vmx_flush_ept_on_pcpu_migration(struct kvm_mmu *mmu); + void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); @@ -1431,7 +1433,12 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu) * Flush all EPTP/VPID contexts, the new pCPU may have stale * TLB entries from its previous association with the vCPU. */ - kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu); + if (enable_ept) { + vmx_flush_ept_on_pcpu_migration(&vcpu->arch.root_mmu); + vmx_flush_ept_on_pcpu_migration(&vcpu->arch.guest_mmu); + } else { + kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu); + } /* * Linux uses per-cpu TSS and GDT, so set these when switching @@ -3254,6 +3261,24 @@ void vmx_flush_tlb_guest(struct kvm_vcpu *vcpu) vpid_sync_context(vmx_get_current_vpid(vcpu)); } +static void __vmx_flush_ept_on_pcpu_migration(hpa_t root_hpa) +{ + if (!VALID_PAGE(root_hpa)) + return; + + vmx_flush_tlb_ept_root(root_hpa); +} + +static void vmx_flush_ept_on_pcpu_migration(struct kvm_mmu *mmu) +{ + int i; + + __vmx_flush_ept_on_pcpu_migration(mmu->root.hpa); + + for (i = 0; i < KVM_MMU_NUM_PREV_ROOTS; i++) + __vmx_flush_ept_on_pcpu_migration(mmu->prev_roots[i].hpa); +} + void vmx_ept_load_pdptrs(struct kvm_vcpu *vcpu) { struct kvm_mmu *mmu = vcpu->arch.walk_mmu; -- 2.50.1.565.gc32cd1483b-goog