| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Aug 2011 15:57:22 +0800 From: Xiao Guangrong <xiaoguangrong@...fujitsu.com> To: Marcelo Tosatti <mtosatti@...hat.com> CC: Avi Kivity <avi@...hat.com>, LKML <linux-kernel@...r.kernel.org>, KVM <kvm@...r.kernel.org> Subject: Re: [PATCH 11/11] KVM: MMU: improve write flooding detected On 08/24/2011 03:09 AM, Marcelo Tosatti wrote: > On Wed, Aug 24, 2011 at 12:32:32AM +0800, Xiao Guangrong wrote: >> On 08/23/2011 08:38 PM, Marcelo Tosatti wrote: >> >>>> And, i think there are not problems since: if the spte without accssed bit is >>>> written frequently, it means the guest page table is accessed infrequently or >>>> during the writing, the guest page table is not accessed, in this time, zapping >>>> this shadow page is not bad. >>> >>> Think of the following scenario: >>> >>> 1) page fault, spte with accessed bit is created from gpte at gfnA+indexA. >>> 2) write to gfnA+indexA, spte has accessed bit set, write_flooding_count >>> is not increased. >>> 3) repeat >>> >> >> I think the result is just we hoped, we do not want to zap the shadow page >> because the spte is currently used by the guest, it also will be used in the >> next repetition. So do not increase 'write_flooding_count' is a good choice. > > Its not used. Step 2) is write to write protected shadow page at > gfnA. > >> Let's consider what will happen if we increase 'write_flooding_count': >> 1: after three repetitions, zap the shadow page >> 2: in step 1, we will alloc a new shadow page for gpte at gfnA+indexA >> 3: in step 2, the flooding count is creased, so after 3 repetitions, the >> shadow page can be zapped again, repeat 1 to 3. > > The shadow page will not be zapped because the spte created from > gfnA+indexA has the accessed bit set: > > if (spte && !(*spte & shadow_accessed_mask)) > sp->write_flooding_count++; > else > sp->write_flooding_count = 0; > Marcelo, i am still confused with your example, in step 3), what is repeated? it repeats step 2) or it repeats step 1) and 2)? Only step 2) is repeated i guess, right? if it is yes, it works well: when the guest writes gpte, the spte of corresponding shadow page is zapped (level > 1) or it is speculatively fetched(level == 1), the accessed bit is cleared in both case. the later write can detect that the accessed bit is not set, and write_flooding_count is increased. finally, the shadow page is zapped, the gpte is written directly. >> The result is the shadow page for gfnA is alloced and zapped again and again, >> yes? > > The point is you cannot rely on the accessed bit of sptes that have been > instantiated with the accessed bit set to decide whether or not to zap. > Because the accessed bit will only be cleared on host memory pressure. > But the accessed bit is also cleared after spte is written. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists