| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Aug 2020 12:13:19 +0300
From: Maxim Levitsky <mlevitsk@...hat.com>
To: kvm@...r.kernel.org
Cc: Jim Mattson <jmattson@...gle.com>, Joerg Roedel <joro@...tes.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Borislav Petkov <bp@...en8.de>,
Thomas Gleixner <tglx@...utronix.de>,
"H. Peter Anvin" <hpa@...or.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
linux-kernel@...r.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND
64-BIT)),
x86@...nel.org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)),
Ingo Molnar <mingo@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Sean Christopherson <sean.j.christopherson@...el.com>,
Maxim Levitsky <mlevitsk@...hat.com>
Subject: [PATCH 0/8] KVM: nSVM: ondemand nested state allocation + nested
guest state caching
Hi!
This patch series implements caching of the whole nested guest vmcb
as opposed to current code that only caches its control area.
This allows us to avoid race in which guest changes the data area
while we are verifying it.
In adddition to that I also implemented on demand nested state area
to compensate a bit for memory usage increase from this caching.
This way at least guests that don't use nesting won't waste memory
on nested state.
Patches 1,2,3 are just refactoring,
Patches 4,5 are for ondemand nested state, while patches 6,7,8 are
for caching of the nested state.
Patch 8 is more of an optimization and can be dropped if you like to.
The series was tested with various nested guests, in one case even with
L3 running, but note that due to unrelated issue, migration with nested
guest running didn't work for me with or without this series.
I am investigating this currently.
Best regards,
Maxim Levitsky
Maxim Levitsky (8):
KVM: SVM: rename a variable in the svm_create_vcpu
KVM: nSVM: rename nested 'vmcb' to vmcb_gpa in few places
KVM: SVM: refactor msr permission bitmap allocation
KVM: x86: allow kvm_x86_ops.set_efer to return a value
KVM: nSVM: implement ondemand allocation of the nested state
SVM: nSVM: cache whole nested vmcb instead of only its control area
KVM: nSVM: implement caching of nested vmcb save area
KVM: nSVM: read only changed fields of the nested guest data area
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/svm/nested.c | 296 +++++++++++++++++++++++---------
arch/x86/kvm/svm/svm.c | 129 +++++++-------
arch/x86/kvm/svm/svm.h | 32 ++--
arch/x86/kvm/vmx/vmx.c | 5 +-
arch/x86/kvm/x86.c | 3 +-
6 files changed, 312 insertions(+), 155 deletions(-)
--
2.26.2
Powered by blists - more mailing lists