lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 25 Jul 2018 17:19:26 +0200
From:   Vitaly Kuznetsov <vkuznets@...hat.com>
To:     Paolo Bonzini <pbonzini@...hat.com>
Cc:     kvm@...r.kernel.org,
        Radim Krčmář <rkrcmar@...hat.com>,
        Roman Kagan <rkagan@...tuozzo.com>,
        "K. Y. Srinivasan" <kys@...rosoft.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>,
        Stephen Hemminger <sthemmin@...rosoft.com>,
        "Michael Kelley \(EOSG\)" <Michael.H.Kelley@...rosoft.com>,
        Mohammed Gamal <mmorsy@...hat.com>,
        Cathy Avery <cavery@...hat.com>, linux-kernel@...r.kernel.org,
        Jim Mattson <jmattson@...gle.com>,
        Liran Alon <liran.alon@...cle.com>
Subject: Re: [PATCH v2 6/6] KVM: nVMX: optimize prepare_vmcs02{,_full} for Enlightened VMCS case

Paolo Bonzini <pbonzini@...hat.com> writes:

> On 25/07/2018 16:13, Vitaly Kuznetsov wrote:
>> Paolo Bonzini <pbonzini@...hat.com> writes:
>> 
>>> On 25/07/2018 15:26, Vitaly Kuznetsov wrote:
>>>
>>>> The other place where we set dirty_vmcs12 is the newly introduced
>>>> vmx_set_nested_state() but I think I'm going to add support for eVMCS
>>>> there later and just return something like -ENOTSUPP for now. Too many
>>>> people work on nested simultaneously :-)
>>>
>>> Hmm, I think that means you have to put the clean fields in the
>>> vmx_nested struct.  Then it's really easy in vmx_set_nested_state to
>>> clear all the clean bits.  Touching memory in vmx_set_nested_state is...
>>> *puts on sunglasses* a touchy subject (see comment in kvm/queue's
>>> enter_vmx_non_root_mode).
>>>
>> 
>> Not only clean fields, in case we can't touch memory in
>> vmx_set_nested_state I guess we'll need to cache the whole eVMCS, just
>> like we save cached_shadow_vmcs12. Anyway, let's eat the elephant one
>> bite at a time :-)
>
> You're right, but do we actually need to save the vmcs12 if eVMCS is
> active?  The format would be different, but the size wouldn't.

I think we don't: vmcs12 can always be re-constructed from eVMCS and
vice versa. The size is not exactly the same as we have some stuff
which is missing in eVMCS but we know that eVMCS will always fit into
vmcs12 area.

-- 
  Vitaly

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ