Date:	Wed, 16 Dec 2015 16:05:38 +0800
From:	Kai Huang <kai.huang@...ux.intel.com>
To:	Xiao Guangrong <guangrong.xiao@...ux.intel.com>,
	pbonzini@...hat.com
Cc:	gleb@...nel.org, mtosatti@...hat.com, kvm@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 09/11] KVM: MMU: simplify mmu_need_write_protect



On 12/15/2015 05:25 PM, Xiao Guangrong wrote:
>
>
> On 12/15/2015 04:43 PM, Kai Huang wrote:
>>
>>
>> On 12/01/2015 02:26 AM, Xiao Guangrong wrote:
>>> Now, all non-leaf shadow pages are page tracked; if gfn is not tracked,
>>> no non-leaf shadow page of gfn exists, so we can directly
>>> make the shadow page of gfn unsync
>>>
>>> Signed-off-by: Xiao Guangrong <guangrong.xiao@...ux.intel.com>
>>> ---
>>>   arch/x86/kvm/mmu.c | 26 ++++++++------------------
>>>   1 file changed, 8 insertions(+), 18 deletions(-)
>>>
>>> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
>>> index 5a2ca73..f89e77f 100644
>>> --- a/arch/x86/kvm/mmu.c
>>> +++ b/arch/x86/kvm/mmu.c
>>> @@ -2461,41 +2461,31 @@ static void __kvm_unsync_page(struct 
>>> kvm_vcpu *vcpu, struct kvm_mmu_page *sp)
>>>       kvm_mmu_mark_parents_unsync(sp);
>>>   }
>>> -static void kvm_unsync_pages(struct kvm_vcpu *vcpu,  gfn_t gfn)
>>> +static bool kvm_unsync_pages(struct kvm_vcpu *vcpu, gfn_t gfn,
>>> +                 bool can_unsync)
>>>   {
>>>       struct kvm_mmu_page *s;
>>>       for_each_gfn_indirect_valid_sp(vcpu->kvm, s, gfn) {
>>> +        if (!can_unsync)
>>> +            return true;
>> How about moving this right before for_each_gfn_indirect_valid_sp? As
>> can_unsync is passed as a parameter, there's no point checking it
>> several times.
>>
>
> We cannot do this. What we are doing here is checking if we have a
> shadow page mapping for 'gfn':
> a) if no, it can be writable.
I think in this case you should also check whether the GFN is being
write protection tracked. E.g., if the spte never exists when you add the
GFN to write protection tracking, I think mmu_need_write_protect should
also report true in this case. Right?

> b) if yes, check 'can_unsync' to see if these shadow pages can be made
> 'unsync'.
>
> Your suggestion can break the point a).
>
>> A further thought: can we move it to mmu_need_write_protect?
>> Passing can_unsync as a parameter to kvm_unsync_pages sounds a little
>> bit odd.
>>
>>> +
>>>           if (s->unsync)
>>>               continue;
>>>           WARN_ON(s->role.level != PT_PAGE_TABLE_LEVEL);
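Review bot: The `if (!can_unsync) return true;` test at the top of the for_each_gfn_indirect_valid_sp body reads like a loop-invariant check that belongs before the loop, but its position is what makes it fire only when at least one indirect valid shadow page exists for gfn, and nothing in the code says so. Add a comment on that line stating that reaching the loop body means gfn has a shadow page, and document what the new bool return value means, since a function named kvm_unsync_pages can now return without unsyncing anything. Splitting the existence test from the unsync action, with the caller making the can_unsync decision, would avoid passing can_unsync down at all.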
>> How about large page mapping? Such as, if the guest uses 2M mapping and
>> its shadow is indirect, is the above WARN_ON still met? As you removed
>> the PT level check in mmu_need_write_protect.
>
> The large mappings are on the non-leaf shadow pages, which can be
> figured out by kvm_page_track_check_mode() before we call this function.
Actually I don't quite understand how large page mapping is
implemented. I see that in kvm_mmu_get_page, when sp is allocated, large
page mapping is disabled, but I think we do support large shadow
mapping, right? I mean theoretically if the guest uses 2M mapping, the
shadow mapping can certainly use 2M mapping as well, and the 2M shadow
mapping can also be 'unsynced' (as a leaf mapping table). But in your
series I see that if we write protect some GFN, the shadow large page
mapping is always disabled.

Am I wrong?

Thanks,
-Kai
>
>
