| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <55F8563D.3050905@siemens.com> Date: Tue, 15 Sep 2015 19:32:45 +0200 From: Jan Kiszka <jan.kiszka@...mens.com> To: Wanpeng Li <wanpeng.li@...mail.com>, Paolo Bonzini <pbonzini@...hat.com> Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] KVM: nVMX: nested VPID emulation On 2015-09-15 12:14, Wanpeng Li wrote: > On 9/14/15 10:54 PM, Jan Kiszka wrote: >> Last but not least: the guest can now easily exhaust the host's pool of >> vpid by simply spawning plenty of VCPUs for L2, no? Is this acceptable >> or should there be some limit? > > I reuse the value of vpid02 while vpid12 changed w/ one invvpid in v2, > and the scenario which you pointed out can be avoid. I cannot yet follow why there is no chance for L1 to consume all vpids that the host manages in that single, global bitmap by simply spawning a lot of nested VCPUs for some L2. What is enforcing L1 to call nested vmclear - apparently the only way, besides destructing nested VCPUs, to release such vpids again? Jan -- Siemens AG, Corporate Technology, CT RTC ITP SES-DE Corporate Competence Center Embedded Linux -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists