| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Sep 2020 11:37:27 -0700
From: Sean Christopherson <sean.j.christopherson@...el.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: Sean Christopherson <sean.j.christopherson@...el.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, Junaid Shahid <junaids@...gle.com>
Subject: [PATCH v2 0/8] KVM: x86/mmu: ITLB multi-hit workaround fixes
Patch 1 is a minor fix for a very theoretical bug where KVM could skip
the final "commit zap" when recovering shadow pages for the NX huge
page mitigation.
Patch 2 is cleanup that's made possible by patch 1.
Patches 3-5 are the main course and fix bugs in the NX huge page
accounting where shadow pages are incorrectly added to the list of
disallowed huge pages. KVM doesn't actually check to see if the page
could actually have been a large page when adding to the disallowed list.
This result in what are effectively spurious zaps. The biggest issue is
likely with shadow pages in the upper levels, i.e. levels 3 and 4, as they
are either unlikely to be huge (1gb) or flat out can't be huge (512tb).
And because of the way KVM zaps, the upper levels will be zapped first,
i.e. KVM is likely zapping and rebuilding a decent number of its shadow
pages for zero benefit.
Ideally, patches 3-5 would be a single patch to ease backporting. In the
end, I decided the change is probably not suitable for stable as at worst
it creates an infrequent performance spike (assuming the admin isn't going
crazy with the recovery frequency), and it's far from straightforward or
risk free. Cramming everything into a single patch was a mess.
Patches 6-8 are cleanups in related code. The 'hlevel' name in particular
has been on my todo list for a while.
v2:
- Rebased to kvm/queue, commit e1ba1a15af73 ("KVM: SVM: Enable INVPCID
feature on AMD").
Sean Christopherson (8):
KVM: x86/mmu: Commit zap of remaining invalid pages when recovering
lpages
KVM: x86/mmu: Refactor the zap loop for recovering NX lpages
KVM: x86/mmu: Move "huge page disallowed" calculation into mapping
helpers
KVM: x86/mmu: Capture requested page level before NX huge page
workaround
KVM: x86/mmu: Account NX huge page disallowed iff huge page was
requested
KVM: x86/mmu: Rename 'hlevel' to 'level' in FNAME(fetch)
KVM: x86/mmu: Hoist ITLB multi-hit workaround check up a level
KVM: x86/mmu: Track write/user faults using bools
arch/x86/kvm/mmu/mmu.c | 58 +++++++++++++++++++++-------------
arch/x86/kvm/mmu/paging_tmpl.h | 39 ++++++++++++-----------
2 files changed, 57 insertions(+), 40 deletions(-)
--
2.28.0
Powered by blists - more mailing lists