| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0b6701ed-8eac-1f52-8fdd-c06d2289ce11@google.com>
Date: Fri, 27 Sep 2019 13:24:37 -0700
From: Junaid Shahid <junaids@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: Vitaly Kuznetsov <vkuznets@...hat.com>,
Sean Christopherson <sean.j.christopherson@...el.com>
Subject: Re: [PATCH v2 2/3] KVM: x86: fix nested guest live migration with PML
On 9/27/19 4:15 AM, Paolo Bonzini wrote:
> Shadow paging is fundamentally incompatible with the page-modification
> log, because the GPAs in the log come from the wrong memory map.
> In particular, for the EPT page-modification log, the GPAs in the log come
> from L2 rather than L1. (If there was a non-EPT page-modification log,
> we couldn't use it for shadow paging because it would log GVAs rather
> than GPAs).
>
> Therefore, we need to rely on write protection to record dirty pages.
> This has the side effect of bypassing PML, since writes now result in an
> EPT violation vmexit.
>
> This is relatively easy to add to KVM, because pretty much the only place
> that needs changing is spte_clear_dirty. The first access to the page
> already goes through the page fault path and records the correct GPA;
> it's only subsequent accesses that are wrong. Therefore, we can equip
> set_spte (where the first access happens) to record that the SPTE will
> have to be write protected, and then spte_clear_dirty will use this
> information to do the right thing.
>
> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>
> ---
Reviewed-by: Junaid Shahid <junaids@...gle.com>
Powered by blists - more mailing lists