Date:   Wed, 8 Nov 2017 11:42:17 +0800
From:   Xiao Guangrong <guangrong.xiao@...il.com>
To:     Xiao Guangrong <xiaoguangrong.eric@...il.com>, kvm@...r.kernel.org,
        x86@...nel.org, linux-kernel@...r.kernel.org,
        Paolo Bonzini <pbonzini@...hat.com>, rkrcmar@...hat.com,
        Dan Williams <dan.j.williams@...el.com>,
        ivan.d.cuevas.escareno@...el.com, karthik.kumar@...el.com,
        Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
        Olif Chapman <olif.chapman@...cle.com>,
        Ingo Molnar <mingo@...hat.com>
Subject: Re: [PATCH v4 3/3] KVM: MMU: consider host cache mode in MMIO page
 check



On 11/03/2017 05:29 PM, Haozhong Zhang wrote:
> On 11/03/17 17:24 +0800, Xiao Guangrong wrote:
>>
>>
>> On 11/03/2017 05:02 PM, Haozhong Zhang wrote:
>>> On 11/03/17 16:51 +0800, Haozhong Zhang wrote:
>>>> On 11/03/17 14:54 +0800, Xiao Guangrong wrote:
>>>>>
>>>>>
>>>>> On 11/03/2017 01:53 PM, Haozhong Zhang wrote:
>>>>>> Some reserved pages, such as those from NVDIMM DAX devices, are
>>>>>> not for MMIO, and can be mapped with cached memory type for better
>>>>>> performance. However, the above check misconceives those pages as
>>>>>> MMIO.  Because KVM maps MMIO pages with UC memory type, the
>>>>>> performance of guest accesses to those pages would be harmed.
>>>>>> Therefore, we check the host memory type by lookup_memtype() in
>>>>>> addition and only treat UC/UC- pages as MMIO.
>>>>>>
>>>>>> Signed-off-by: Haozhong Zhang <haozhong.zhang@...el.com>
>>>>>> Reported-by: Cuevas Escareno, Ivan D <ivan.d.cuevas.escareno@...el.com>
>>>>>> Reported-by: Kumar, Karthik <karthik.kumar@...el.com>
>>>>>> ---
>>>>>>     arch/x86/kvm/mmu.c | 19 ++++++++++++++++++-
>>>>>>     1 file changed, 18 insertions(+), 1 deletion(-)
>>>>>>
>>>>>> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
>>>>>> index 0b481cc9c725..e9ed0e666a83 100644
>>>>>> --- a/arch/x86/kvm/mmu.c
>>>>>> +++ b/arch/x86/kvm/mmu.c
>>>>>> @@ -2708,7 +2708,24 @@ static bool mmu_need_write_protect(struct kvm_vcpu *vcpu, gfn_t gfn,
>>>>>>     static bool kvm_is_mmio_pfn(kvm_pfn_t pfn)
>>>>>>     {
>>>>>>     	if (pfn_valid(pfn))
>>>>>> -		return !is_zero_pfn(pfn) && PageReserved(pfn_to_page(pfn));
>>>>>> +		return !is_zero_pfn(pfn) && PageReserved(pfn_to_page(pfn)) &&
>>>>>> +			/*
>>>>>> +			 * Some reserved pages, such as those from
>>>>>> +			 * NVDIMM DAX devices, are not for MMIO, and
>>>>>> +			 * can be mapped with cached memory type for
>>>>>> +			 * better performance. However, the above
>>>>>> +			 * check misconceives those pages as MMIO.
>>>>>> +			 * Because KVM maps MMIO pages with UC memory
>>>>>> +			 * type, the performance of guest accesses to
>>>>>> +			 * those pages would be harmed. Therefore, we
>>>>>> +			 * check the host memory type in addition and
>>>>>> +			 * only treat UC/UC- pages as MMIO.
>>>>>> +			 *
>>>>>> +			 * pat_pfn_is_uc() works only when PAT is enabled,
>>>>>> +			 * so check pat_enabled() as well.
>>>>>> +			 */
>>>>>> +			(!pat_enabled() ||
>>>>>> +			 pat_pfn_is_uc(kvm_pfn_t_to_pfn_t(pfn)));
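
Review bot: with `(!pat_enabled() || pat_pfn_is_uc(...))`, every non-zero reserved page is still classified as MMIO whenever PAT is off, so the NVDIMM DAX pages stay UC in that configuration, and the comment does not state this fallback. Suggest adding one sentence saying that the PAT-disabled case deliberately keeps the old behaviour. Also consider hoisting the comment block above the `return`, since a 15-line comment between the `&&` operands makes the condition hard to read. If pat_enabled() is later folded into pat_pfn_is_uc(), the helper has to return true when PAT is disabled to keep this condition equivalent.
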
>>>>>
>>>>> Can it be compiled if !CONFIG_PAT?
>>>>
>>>> Yes.
>>>>
>>>> What I check via pat_enabled() is not only whether PAT support is
>>>> compiled, but also whether PAT is enabled at runtime.
>>>>
>>>>>
>>>>> It would be better if we move pat_enabled out of kvm as well,
>>>>
>>>> Surely I can combine them in one function like
>>>>
>>>> bool pat_pfn_is_uc(pfn_t pfn)
>>>> {
>>>> 	enum page_cache_mode cm;
>>>>
>>>> 	if (!pat_enabled())
>>>> 		return false;
>>>>
>>>> 	cm = lookup_memtype(pfn_t_to_phys(pfn));
>>>>
>>>> 	return cm == _PAGE_CACHE_MODE_UC || cm == _PAGE_CACHE_MODE_UC_MINUS;
>>>> }
>>>
>>> In addition, I think it's better to split this function into
>>> pat_pfn_is_uc() and pat_pfn_is_uc_minus() to avoid additional
>>> confusion.
>>
>> Why not use pat_pfn_is_uc_or_uc_minus(). :)
> 
> Just in case that other places other than KVM do not need both of them.
> 

I think we need not care about the future case too much; it is not ABI
anyway, i.e., it can be easily adjusted if it is really needed
in the future.

But it is not a big deal...

