lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20171213133515.h6ky65rgrfwutxei@hirez.programming.kicks-ass.net>
Date:   Wed, 13 Dec 2017 14:35:15 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Wanpeng Li <kernellwp@...il.com>
Cc:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Wanpeng Li <wanpeng.li@...mail.com>
Subject: Re: [PATCH v8 3/4] KVM: X86: introduce invalidate_gpa argument to
 tlb flush

On Tue, Dec 12, 2017 at 05:33:03PM -0800, Wanpeng Li wrote:
> From: Wanpeng Li <wanpeng.li@...mail.com>
> 
> Introduce a new bool invalidate_gpa argument to kvm_x86_ops->tlb_flush,
> it will be used by later patches to just flush guest tlb.

As opposed to what? Will it now also flush host TLB? Why would it ever
want to flush host TLBs?

> @@ -4785,7 +4785,7 @@ static int svm_set_tss_addr(struct kvm *kvm, unsigned int addr)
>  	return 0;
>  }
>  
> -static void svm_flush_tlb(struct kvm_vcpu *vcpu)
> +static void svm_flush_tlb(struct kvm_vcpu *vcpu, bool invalidate_gpa)
>  {
>  	struct vcpu_svm *svm = to_svm(vcpu);
>  

So this is a no-op for SVM.

> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index ef7d13e..c179175 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -4140,9 +4140,10 @@ static void exit_lmode(struct kvm_vcpu *vcpu)
>  
>  #endif
>  
> -static inline void __vmx_flush_tlb(struct kvm_vcpu *vcpu, int vpid)
> +static inline void __vmx_flush_tlb(struct kvm_vcpu *vcpu, int vpid,
> +				bool invalidate_gpa)
>  {
> -	if (enable_ept) {
> +	if (enable_ept && (invalidate_gpa || !enable_vpid)) {
>  		if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
>  			return;
>  		ept_sync_context(construct_eptp(vcpu, vcpu->arch.mmu.root_hpa));

And for EPT you explicitly fall back to INVPVID when !gpa.

Why?

This really needs a better changelog; this is incomprehensible.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ