lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 13 Dec 2017 16:08:41 -0500 (EST)
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
Cc:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        Jim Mattson <jmattson@...gle.com>,
        Wanpeng Li <wanpeng.li@...mail.com>
Subject: Re: [PATCH] KVM: vmx: shadow more fields that are read/written on
 every vmexits



----- Original Message -----
> From: "Konrad Rzeszutek Wilk" <konrad.wilk@...cle.com>
> To: "Paolo Bonzini" <pbonzini@...hat.com>
> Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org, "Jim Mattson" <jmattson@...gle.com>, "Wanpeng Li"
> <wanpeng.li@...mail.com>
> Sent: Wednesday, December 13, 2017 4:59:47 PM
> Subject: Re: [PATCH] KVM: vmx: shadow more fields that are read/written on every vmexits
> 
> On Wed, Dec 13, 2017 at 01:13:56PM +0100, Paolo Bonzini wrote:
> > Compared to when VMCS shadowing was added to KVM, we are reading/writing
> > a few more fields: the PML index, the interrupt status and the preemption
> > timer value.  The first two are because we are exposing more features
> > to nested guests, the preemption timer is simply because we have grown
> > a new optimization.  Adding them to the shadow VMCS field lists reduces
> > the cost of a vmexit by about 1000 clock cycles for each field that exists
> > on bare metal.
> > 
> > On the other hand, the guest BNDCFGS and TSC offset are not written on
> > fast paths, so remove them.
> 
> Which guest types? Linux? What about Windows Hyper-V /VMWare and such?

Only KVM, but I don't see why any other hypervisor would have to
write them more than once per MSR access.  VMWRITEs do have a (small but
visible) cost.

> Does it hurt to have them retained?

It does cost a little, though another patch I posted decreases that cost.

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ