Date:   Wed, 30 Sep 2020 11:04:42 -0700
From:   Sean Christopherson <sean.j.christopherson@...el.com>
To:     Ben Gardon <bgardon@...gle.com>
Cc:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        Cannon Matthews <cannonmatthews@...gle.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Peter Xu <peterx@...hat.com>, Peter Shier <pshier@...gle.com>,
        Peter Feiner <pfeiner@...gle.com>,
        Junaid Shahid <junaids@...gle.com>,
        Jim Mattson <jmattson@...gle.com>,
        Yulei Zhang <yulei.kernel@...il.com>,
        Wanpeng Li <kernellwp@...il.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Xiao Guangrong <xiaoguangrong.eric@...il.com>
Subject: Re: [PATCH 17/22] kvm: mmu: Support dirty logging for the TDP MMU

On Fri, Sep 25, 2020 at 02:22:57PM -0700, Ben Gardon wrote:
> +/*
> + * Remove write access from all the SPTEs mapping GFNs in the memslot. If
> + * skip_4k is set, SPTEs that map 4k pages, will not be write-protected.
> + * Returns true if an SPTE has been changed and the TLBs need to be flushed.
> + */
> +bool kvm_tdp_mmu_wrprot_slot(struct kvm *kvm, struct kvm_memory_slot *slot,
> +			     bool skip_4k)
> +{
> +	struct kvm_mmu_page *root;
> +	int root_as_id;
> +	bool spte_set = false;
> +
> +	for_each_tdp_mmu_root(kvm, root) {
> +		root_as_id = kvm_mmu_page_as_id(root);
> +		if (root_as_id != slot->as_id)
> +			continue;
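
Review bot: The function comment has a stray comma in "SPTEs that map 4k pages, will not be write-protected", and it should also say that only roots whose address space ID matches slot->as_id are visited, since that filter is the first thing the loop does. The root_as_id local is used exactly once, so comparing kvm_mmu_page_as_id(root) against slot->as_id directly would drop a variable.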

This pattern pops up quite a few times, probably worth adding

#define for_each_tdp_mmu_root_using_memslot(...)	\
	for_each_tdp_mmu_root(...)			\
		if (kvm_mmu_page_as_id(root) != slot->as_id) {
		} else

> +
> +		/*
> +		 * Take a reference on the root so that it cannot be freed if
> +		 * this thread releases the MMU lock and yields in this loop.
> +		 */
> +		get_tdp_mmu_root(kvm, root);
> +
> +		spte_set = wrprot_gfn_range(kvm, root, slot->base_gfn,
> +				slot->base_gfn + slot->npages, skip_4k) ||
> +			   spte_set;
> +
> +		put_tdp_mmu_root(kvm, root);
> +	}
> +
> +	return spte_set;
> +}
> +
> +/*
> + * Clear the dirty status of all the SPTEs mapping GFNs in the memslot. If
> + * AD bits are enabled, this will involve clearing the dirty bit on each SPTE.
> + * If AD bits are not enabled, this will require clearing the writable bit on
> + * each SPTE. Returns true if an SPTE has been changed and the TLBs need to
> + * be flushed.
> + */
> +static bool clear_dirty_gfn_range(struct kvm *kvm, struct kvm_mmu_page *root,
> +			   gfn_t start, gfn_t end)
> +{
> +	struct tdp_iter iter;
> +	u64 new_spte;
> +	bool spte_set = false;
> +	int as_id = kvm_mmu_page_as_id(root);
> +
> +	for_each_tdp_pte_root(iter, root, start, end) {
> +		if (!is_shadow_present_pte(iter.old_spte) ||
> +		    !is_last_spte(iter.old_spte, iter.level))
> +			continue;
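
Review bot: In kvm_tdp_mmu_wrprot_slot(), put_tdp_mmu_root(kvm, root) is the last statement of the loop body, so the for_each_tdp_mmu_root iteration advances from root after this thread has dropped its reference. The comment above get_tdp_mmu_root() explains why the reference is taken, but not what keeps root valid for that step if the MMU lock was released inside wrprot_gfn_range(). Please document that guarantee, or restructure so the next root is located before the put. Separately, the comment on clear_dirty_gfn_range() says "all the SPTEs mapping GFNs in the memslot", but the function takes root, start and end, so it should describe the GFN range within that root instead.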

Same thing here, extra wrappers would probably be helpful.  At least add one
for the present case, e.g.

  #define for_each_present_tdp_pte_using_root()

and maybe even

  #define for_each_leaf_tdp_pte_using_root()

since the "!present || !last" pops up 4 or 5 times.

> +
> +		if (spte_ad_need_write_protect(iter.old_spte)) {
> +			if (is_writable_pte(iter.old_spte))
> +				new_spte = iter.old_spte & ~PT_WRITABLE_MASK;
> +			else
> +				continue;
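
Review bot: The inner if/else under spte_ad_need_write_protect() does its only real work in the if arm and bails out in the else arm. Testing !is_writable_pte(iter.old_spte) first and continuing, then assigning new_spte unconditionally, would remove one level of nesting and match the early-continue style used for the present/last check earlier in the same loop.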
