| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Aug 2011 17:05:40 -0300 From: Marcelo Tosatti <mtosatti@...hat.com> To: Xiao Guangrong <xiaoguangrong@...fujitsu.com> Cc: Avi Kivity <avi@...hat.com>, LKML <linux-kernel@...r.kernel.org>, KVM <kvm@...r.kernel.org> Subject: Re: [PATCH 11/11] KVM: MMU: improve write flooding detected On Wed, Aug 24, 2011 at 04:16:52AM +0800, Xiao Guangrong wrote: > On 08/24/2011 03:09 AM, Marcelo Tosatti wrote: > > On Wed, Aug 24, 2011 at 12:32:32AM +0800, Xiao Guangrong wrote: > >> On 08/23/2011 08:38 PM, Marcelo Tosatti wrote: > >> > >>>> And, i think there are not problems since: if the spte without accssed bit is > >>>> written frequently, it means the guest page table is accessed infrequently or > >>>> during the writing, the guest page table is not accessed, in this time, zapping > >>>> this shadow page is not bad. > >>> > >>> Think of the following scenario: > >>> > >>> 1) page fault, spte with accessed bit is created from gpte at gfnA+indexA. > >>> 2) write to gfnA+indexA, spte has accessed bit set, write_flooding_count > >>> is not increased. > >>> 3) repeat > >>> > >> > >> I think the result is just we hoped, we do not want to zap the shadow page > >> because the spte is currently used by the guest, it also will be used in the > >> next repetition. So do not increase 'write_flooding_count' is a good choice. > > > > Its not used. Step 2) is write to write protected shadow page at > > gfnA. > > > >> Let's consider what will happen if we increase 'write_flooding_count': > >> 1: after three repetitions, zap the shadow page > >> 2: in step 1, we will alloc a new shadow page for gpte at gfnA+indexA > >> 3: in step 2, the flooding count is creased, so after 3 repetitions, the > >> shadow page can be zapped again, repeat 1 to 3. > > > > The shadow page will not be zapped because the spte created from > > gfnA+indexA has the accessed bit set: > > > > if (spte && !(*spte & shadow_accessed_mask)) > > sp->write_flooding_count++; > > else > > sp->write_flooding_count = 0; > > > > Ah, i see, i thought it was "repeat"ed on the same spte, it was my wrong. > > Yes, in this case, the sp is not zapped, but it is hardly to know the gfn > is not used as gpte just depends on writing, for example, the guest can > change the mapping address or the status bit, and so on...The sp can be > zapped if the guest write it again(on the same address), i think it is > acceptable, anymore, it is just the speculative way to zap the unused > shadow page...your opinion? It could increase the flood count independently of the accessed bit of the spte being updated, zapping after 3 attempts as it is now. But additionally reset the flood count if the gpte appears to be valid (points to an existant gfn if the present bit is set, or if its zeroed). > >> The result is the shadow page for gfnA is alloced and zapped again and again, > >> yes? > > > > The point is you cannot rely on the accessed bit of sptes that have been > > instantiated with the accessed bit set to decide whether or not to zap. > > Because the accessed bit will only be cleared on host memory pressure. > > > > Yes, accessed bit is the cursory way to track gpte accessed, however, > at least, the accessed bit can indicate whether the gfn is accessed > for a period of time in the most case, for example, from it is > speculated to it is written, or from it is zapped to it is written, > i thinks it is not too bad. > > Do you have ideas to improve this? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists