| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 08 Apr 2021 13:18:41 +0200
From: Vitaly Kuznetsov <vkuznets@...hat.com>
To: Vineeth Pillai <viremana@...ux.microsoft.com>,
Lan Tianyu <Tianyu.Lan@...rosoft.com>,
Michael Kelley <mikelley@...rosoft.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, Wei Liu <wei.liu@...nel.org>,
Stephen Hemminger <sthemmin@...rosoft.com>,
Haiyang Zhang <haiyangz@...rosoft.com>
Cc: Vineeth Pillai <viremana@...ux.microsoft.com>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"K. Y. Srinivasan" <kys@...rosoft.com>, x86@...nel.org,
kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hyperv@...r.kernel.org
Subject: Re: [PATCH 5/7] KVM: SVM: hyper-v: Remote TLB flush for SVM
Vineeth Pillai <viremana@...ux.microsoft.com> writes:
> Enable remote TLB flush for SVM.
>
> Signed-off-by: Vineeth Pillai <viremana@...ux.microsoft.com>
> ---
> arch/x86/kvm/svm/svm.c | 35 +++++++++++++++++++++++++++++++++++
> 1 file changed, 35 insertions(+)
>
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index baee91c1e936..6287cab61f15 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -36,6 +36,7 @@
> #include <asm/spec-ctrl.h>
> #include <asm/cpu_device_id.h>
> #include <asm/traps.h>
> +#include <asm/mshyperv.h>
>
> #include <asm/virtext.h>
> #include "trace.h"
> @@ -43,6 +44,8 @@
> #include "svm.h"
> #include "svm_ops.h"
>
> +#include "hyperv.h"
> +
> #define __ex(x) __kvm_handle_fault_on_reboot(x)
>
> MODULE_AUTHOR("Qumranet");
> @@ -928,6 +931,8 @@ static __init void svm_set_cpu_caps(void)
> kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD);
> }
>
> +static struct kvm_x86_ops svm_x86_ops;
> +
> static __init int svm_hardware_setup(void)
> {
> int cpu;
> @@ -997,6 +1002,16 @@ static __init int svm_hardware_setup(void)
> kvm_configure_mmu(npt_enabled, get_max_npt_level(), PG_LEVEL_1G);
> pr_info("kvm: Nested Paging %sabled\n", npt_enabled ? "en" : "dis");
>
> +#if IS_ENABLED(CONFIG_HYPERV)
> + if (ms_hyperv.nested_features & HV_X64_NESTED_ENLIGHTENED_TLB
> + && npt_enabled) {
> + pr_info("kvm: Hyper-V enlightened NPT TLB flush enabled\n");
> + svm_x86_ops.tlb_remote_flush = kvm_hv_remote_flush_tlb;
> + svm_x86_ops.tlb_remote_flush_with_range =
> + kvm_hv_remote_flush_tlb_with_range;
> + }
> +#endif
> +
> if (nrips) {
> if (!boot_cpu_has(X86_FEATURE_NRIPS))
> nrips = false;
> @@ -1112,6 +1127,21 @@ static void svm_check_invpcid(struct vcpu_svm *svm)
> }
> }
>
> +#if IS_ENABLED(CONFIG_HYPERV)
> +static void hv_init_vmcb(struct vmcb *vmcb)
> +{
> + struct hv_enlightenments *hve = &vmcb->hv_enlightenments;
> +
> + if (npt_enabled &&
> + ms_hyperv.nested_features & HV_X64_NESTED_ENLIGHTENED_TLB)
> + hve->hv_enlightenments_control.enlightened_npt_tlb = 1;
> +}
> +#else
> +static inline void hv_init_vmcb(struct vmcb *vmcb)
> +{
> +}
> +#endif
> +
> static void init_vmcb(struct vcpu_svm *svm)
> {
> struct vmcb_control_area *control = &svm->vmcb->control;
> @@ -1274,6 +1304,8 @@ static void init_vmcb(struct vcpu_svm *svm)
> }
> }
>
> + hv_init_vmcb(svm->vmcb);
> +
> vmcb_mark_all_dirty(svm->vmcb);
>
> enable_gif(svm);
> @@ -3967,6 +3999,9 @@ static void svm_load_mmu_pgd(struct kvm_vcpu *vcpu, unsigned long root,
> svm->vmcb->control.nested_cr3 = cr3;
> vmcb_mark_dirty(svm->vmcb, VMCB_NPT);
>
> + if (kvm_x86_ops.tlb_remote_flush)
> + kvm_update_arch_tdp_pointer(vcpu->kvm, vcpu, cr3);
> +
VMX has "#if IS_ENABLED(CONFIG_HYPERV)" around this, should we add it
here too?
> /* Loading L2's CR3 is handled by enter_svm_guest_mode. */
> if (!test_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail))
> return;
--
Vitaly
Powered by blists - more mailing lists