Date:	Thu, 7 Oct 2010 19:21:52 +0200
From:	Gleb Natapov <gleb@...hat.com>
To:	Avi Kivity <avi@...hat.com>
Cc:	kvm@...r.kernel.org, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, mingo@...e.hu,
	a.p.zijlstra@...llo.nl, tglx@...utronix.de, hpa@...or.com,
	riel@...hat.com, cl@...ux-foundation.org, mtosatti@...hat.com
Subject: Re: [PATCH v6 03/12] Retry fault before vmentry

On Thu, Oct 07, 2010 at 02:29:07PM +0200, Avi Kivity wrote:
>  On 10/04/2010 05:56 PM, Gleb Natapov wrote:
> >When a page is swapped in it is mapped into guest memory only after the guest
> >tries to access it again and generates another fault. To save this fault
> >we can map it immediately since we know that the guest is going to access
> >the page. Do it only when tdp is enabled for now. The shadow paging case is
> >more complicated. CR[034] and EFER registers should be switched before
> >doing the mapping and then switched back.
> 
> With non-pv apf, I don't think we can do shadow paging.  The guest
Yes, with non-pv this trick will not work without tdp. I haven't even
considered it for that case.

> isn't aware of the apf, so as far as it is concerned it is allowed
> to kill the process and replace it with something else:
> 
>   guest process x: apf
>   kvm: timer intr
>   guest kernel: context switch
>   very fast guest admin: pkill -9 x
>   guest kernel: destroy x's cr3
>   guest kernel: reuse x's cr3 for new process y
>   kvm: retry fault, instantiating x's page in y's page table
> 
> Even with tdp, we have the same case for nnpt (just
> s/kernel/hypervisor/ and s/process/guest/).  What we really need is
> to only instantiate the page for direct maps, which are independent
> of the guest.
> 
> Could be done like this:
> 
> - at apf time, walk shadow mmu
> - if !sp->role.direct, abort
> - take reference to sp
> - on apf completion, instantiate spte in sp
> 
> -- 
> I have a truly marvellous patch that fixes the bug which this
> signature is too narrow to contain.

--
			Gleb.
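
The four-step flow proposed in the quoted text above (abort unless the shadow page is direct, pin it at apf time, instantiate the spte on completion), as a small C model. This is an added example, not part of the mail thread and not KVM code; every name other than `sp->role.direct` (`struct apf`, `apf_begin`, `apf_complete`, `sp_try_free`, the single-entry `spte`, the pfn value) is hypothetical.

```c
/* Toy model of the flow proposed in the mail, not KVM code; names other than role.direct are hypothetical. */
#include <stdio.h>

struct shadow_page {
    struct { int direct; } role; /* 1: direct map, independent of the guest */
    int refcount;                /* page may be freed only at zero */
    unsigned long spte;          /* one entry; 0 means not present */
};

struct apf {                     /* one outstanding async page fault */
    struct shadow_page *sp;      /* pinned at fault time */
    unsigned long pfn;           /* page being swapped in */
};

/* At apf time: abort for indirect pages, otherwise take a reference. */
static int apf_begin(struct apf *w, struct shadow_page *sp, unsigned long pfn)
{
    if (!sp->role.direct)
        return -1;               /* the guest may repurpose these tables */
    sp->refcount++;
    w->sp = sp;
    w->pfn = pfn;
    return 0;
}

/* On completion: instantiate the spte in the pinned sp, drop the reference. */
static void apf_complete(struct apf *w)
{
    w->sp->spte = w->pfn;
    w->sp->refcount--;
    w->sp = NULL;
}

/* Modelling assumption: a shadow page cannot be freed while a fault pins it. */
static int sp_try_free(struct shadow_page *sp)
{
    return sp->refcount > 0 ? -1 : 0;
}

int main(void)
{
    struct shadow_page shadow = { .role = { 0 } }, tdp = { .role = { 1 } };
    struct apf w = { 0 };
    int indirect = apf_begin(&w, &shadow, 0x42);   /* constructed pfn */
    int direct = apf_begin(&w, &tdp, 0x42);
    int pinned = sp_try_free(&tdp);
    apf_complete(&w);
    printf("%d %d %d spte=%#lx\n", indirect, direct, pinned, tdp.spte);
}
```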