lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 24 Sep 2014 15:57:50 +0800
From:	Tang Chen <tangchen@...fujitsu.com>
To:	<gleb@...nel.org>, <mtosatti@...hat.com>, <nadav.amit@...il.com>,
	<jan.kiszka@....de>, <pbonzini@...hat.com>
CC:	<kvm@...r.kernel.org>, <laijs@...fujitsu.com>,
	<isimatu.yasuaki@...fujitsu.com>, <guz.fnst@...fujitsu.com>,
	<linux-kernel@...r.kernel.org>, <tangchen@...fujitsu.com>
Subject: [PATCH v8 0/8] kvm, mem-hotplug: Do not pin ept identity pagetable and apic access page.

ept identity pagetable and apic access page in kvm are pinned in memory.
As a result, they cannot be migrated/hot-removed.

But actually they don't need to be pinned in memory.

[For ept identity page]
Just do not pin it. When it is migrated, guest will be able to find the
new page in the next ept violation.

[For apic access page]
The hpa of apic access page is stored in VMCS APIC_ACCESS_ADDR pointer.
When apic access page is migrated, we update VMCS APIC_ACCESS_ADDR pointer
for each vcpu in addition.

This patch-set is based on Linux 3.17.0-rc5.

NOTE: Tested with -cpu xxx,-x2apic option.
      But since nested vm pins some other pages in memory, if user uses nested
      vm, memory hot-remove will not work.

Change log v7->v8:
1. Patch 1/9~3/9 were applied to kvm/queue by Paolo Bonzini <pbonzini@...hat.com>.
   Just resend them, no changes.
2. Removed previous patch 4/9, which added unnecessary hook has_secondary_apic_access().
3. Set kvm_x86_ops->set_apic_access_page_addr to NULL when hardware had no flexpriority
   functionality which actually exists only on x86. 
4. Moved declaration of kvm_arch_mmu_notifier_invalidate_page() to arch/*/include/asm/kvm_host.h.
5. Removed useless set_apic_access_page_addr() hook for svm.

Tang Chen (8):
  kvm: Use APIC_DEFAULT_PHYS_BASE macro as the apic access page address.
  kvm: Remove ept_identity_pagetable from struct kvm_arch.
  kvm: Make init_rmode_identity_map() return 0 on success.
  kvm, mem-hotplug: Reload L1's apic access page in vcpu_enter_guest().
  kvm: Rename make_all_cpus_request() to kvm_make_all_cpus_request() and
    make it non-static.
  kvm, mem-hotplug: Reload L1's apic access page on migration when L2 is
    running.
  kvm, mem-hotplug: Add arch specific mmu notifier to handle apic access
    migration.
  kvm, mem-hotplug: Unpin and remove kvm_arch->apic_access_page.

 arch/arm/include/asm/kvm_host.h     |   5 ++
 arch/arm64/include/asm/kvm_host.h   |   5 ++
 arch/ia64/include/asm/kvm_host.h    |   7 ++
 arch/mips/include/asm/kvm_host.h    |   6 ++
 arch/powerpc/include/asm/kvm_host.h |   5 ++
 arch/s390/include/asm/kvm_host.h    |   8 +++
 arch/x86/include/asm/kvm_host.h     |   7 +-
 arch/x86/kvm/svm.c                  |   3 +-
 arch/x86/kvm/vmx.c                  | 130 ++++++++++++++++++++++++------------
 arch/x86/kvm/x86.c                  |  45 +++++++++++--
 include/linux/kvm_host.h            |   2 +
 virt/kvm/kvm_main.c                 |  13 ++--
 12 files changed, 180 insertions(+), 56 deletions(-)

-- 
1.8.3.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists