lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200820091327.197807-1-mlevitsk@redhat.com>
Date:   Thu, 20 Aug 2020 12:13:19 +0300
From:   Maxim Levitsky <mlevitsk@...hat.com>
To:     kvm@...r.kernel.org
Cc:     Jim Mattson <jmattson@...gle.com>, Joerg Roedel <joro@...tes.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>,
        "H. Peter Anvin" <hpa@...or.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        linux-kernel@...r.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND
        64-BIT)),
        x86@...nel.org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)),
        Ingo Molnar <mingo@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        Maxim Levitsky <mlevitsk@...hat.com>
Subject: [PATCH 0/8] KVM: nSVM: ondemand nested state allocation + nested
 guest state caching

Hi!

This patch series implements caching of the whole nested guest vmcb
as opposed to current code that only caches its control area.
This allows us to avoid race in which guest changes the data area
while we are verifying it.

In adddition to that I also implemented on demand nested state area
to compensate a bit for memory usage increase from this caching.
This way at least guests that don't use nesting won't waste memory
on nested state.

Patches 1,2,3 are just refactoring,

Patches 4,5 are for ondemand nested state, while patches 6,7,8 are
for caching of the nested state.

Patch 8 is more of an optimization and can be dropped if you like to.

The series was tested with various nested guests, in one case even with
L3 running, but note that due to unrelated issue, migration with nested
guest running didn't work for me with or without this series.
I am investigating this currently.

Best regards,
	Maxim Levitsky

Maxim Levitsky (8):
  KVM: SVM: rename a variable in the svm_create_vcpu
  KVM: nSVM: rename nested 'vmcb' to vmcb_gpa in few places
  KVM: SVM: refactor msr permission bitmap allocation
  KVM: x86: allow kvm_x86_ops.set_efer to return a value
  KVM: nSVM: implement ondemand allocation of the nested state
  SVM: nSVM: cache whole nested vmcb instead of only its control area
  KVM: nSVM: implement caching of nested vmcb save area
  KVM: nSVM: read only changed fields of the nested guest data area

 arch/x86/include/asm/kvm_host.h |   2 +-
 arch/x86/kvm/svm/nested.c       | 296 +++++++++++++++++++++++---------
 arch/x86/kvm/svm/svm.c          | 129 +++++++-------
 arch/x86/kvm/svm/svm.h          |  32 ++--
 arch/x86/kvm/vmx/vmx.c          |   5 +-
 arch/x86/kvm/x86.c              |   3 +-
 6 files changed, 312 insertions(+), 155 deletions(-)

-- 
2.26.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ