| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a737d476-05dc-5aea-99ec-8960fcb9fc2f@redhat.com>
Date: Tue, 3 Aug 2021 09:22:39 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Mingwei Zhang <mizhang@...gle.com>
Cc: Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org,
Tom Lendacky <thomas.lendacky@....com>,
Marc Orr <marcorr@...gle.com>,
David Rientjes <rientjes@...gle.com>,
Alper Gun <alpergun@...gle.com>,
Dionna Glaze <dionnaglaze@...gle.com>,
Vipin Sharma <vipinsh@...gle.com>,
Peter Gonda <pgonda@...gle.com>
Subject: Re: [PATCH v2] KVM: SVM: improve the code readability for ASID
management
On 02/08/21 20:09, Mingwei Zhang wrote:
> KVM SEV code uses bitmaps to manage ASID states. ASID 0 was always skipped
> because it is never used by VM. Thus, in existing code, ASID value and its
> bitmap postion always has an 'offset-by-1' relationship.
>
> Both SEV and SEV-ES shares the ASID space, thus KVM uses a dynamic range
> [min_asid, max_asid] to handle SEV and SEV-ES ASIDs separately.
>
> Existing code mixes the usage of ASID value and its bitmap position by
> using the same variable called 'min_asid'.
>
> Fix the min_asid usage: ensure that its usage is consistent with its name;
> allocate extra size for ASID 0 to ensure that each ASID has the same value
> with its bitmap position. Add comments on ASID bitmap allocation to clarify
> the size change.
>
> v1 -> v2:
> - change ASID bitmap size to incorporate ASID 0 [sean]
> - remove the 'fixes' line in commit message. [sean/joerg]
>
> Signed-off-by: Mingwei Zhang <mizhang@...gle.com>
> Cc: Tom Lendacky <thomas.lendacky@....com>
> Cc: Marc Orr <marcorr@...gle.com>
> Cc: David Rientjes <rientjes@...gle.com>
> Cc: Alper Gun <alpergun@...gle.com>
> Cc: Dionna Glaze <dionnaglaze@...gle.com>
> Cc: Sean Christopherson <seanjc@...gle.com>
> Cc: Vipin Sharma <vipinsh@...gle.com>
> Cc: Peter Gonda <pgonda@...gle.com>
> Cc: Joerg Roedel <joro@...tes.org>
> ---
> arch/x86/kvm/svm/sev.c | 36 +++++++++++++++++++++---------------
> 1 file changed, 21 insertions(+), 15 deletions(-)
>
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 8d36f0c73071..42d46c30f313 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -63,6 +63,7 @@ static DEFINE_MUTEX(sev_bitmap_lock);
> unsigned int max_sev_asid;
> static unsigned int min_sev_asid;
> static unsigned long sev_me_mask;
> +static unsigned int nr_asids;
> static unsigned long *sev_asid_bitmap;
> static unsigned long *sev_reclaim_asid_bitmap;
>
> @@ -77,11 +78,11 @@ struct enc_region {
> /* Called with the sev_bitmap_lock held, or on shutdown */
> static int sev_flush_asids(int min_asid, int max_asid)
> {
> - int ret, pos, error = 0;
> + int ret, asid, error = 0;
>
> /* Check if there are any ASIDs to reclaim before performing a flush */
> - pos = find_next_bit(sev_reclaim_asid_bitmap, max_asid, min_asid);
> - if (pos >= max_asid)
> + asid = find_next_bit(sev_reclaim_asid_bitmap, nr_asids, min_asid);
> + if (asid > max_asid)
> return -EBUSY;
>
> /*
> @@ -114,15 +115,15 @@ static bool __sev_recycle_asids(int min_asid, int max_asid)
>
> /* The flush process will flush all reclaimable SEV and SEV-ES ASIDs */
> bitmap_xor(sev_asid_bitmap, sev_asid_bitmap, sev_reclaim_asid_bitmap,
> - max_sev_asid);
> - bitmap_zero(sev_reclaim_asid_bitmap, max_sev_asid);
> + nr_asids);
> + bitmap_zero(sev_reclaim_asid_bitmap, nr_asids);
>
> return true;
> }
>
> static int sev_asid_new(struct kvm_sev_info *sev)
> {
> - int pos, min_asid, max_asid, ret;
> + int asid, min_asid, max_asid, ret;
> bool retry = true;
> enum misc_res_type type;
>
> @@ -142,11 +143,11 @@ static int sev_asid_new(struct kvm_sev_info *sev)
> * SEV-enabled guests must use asid from min_sev_asid to max_sev_asid.
> * SEV-ES-enabled guest can use from 1 to min_sev_asid - 1.
> */
> - min_asid = sev->es_active ? 0 : min_sev_asid - 1;
> + min_asid = sev->es_active ? 1 : min_sev_asid;
> max_asid = sev->es_active ? min_sev_asid - 1 : max_sev_asid;
> again:
> - pos = find_next_zero_bit(sev_asid_bitmap, max_sev_asid, min_asid);
> - if (pos >= max_asid) {
> + asid = find_next_zero_bit(sev_asid_bitmap, max_sev_asid, min_asid);
> + if (asid > max_asid) {
> if (retry && __sev_recycle_asids(min_asid, max_asid)) {
> retry = false;
> goto again;
> @@ -156,11 +157,11 @@ static int sev_asid_new(struct kvm_sev_info *sev)
> goto e_uncharge;
> }
>
> - __set_bit(pos, sev_asid_bitmap);
> + __set_bit(asid, sev_asid_bitmap);
>
> mutex_unlock(&sev_bitmap_lock);
>
> - return pos + 1;
> + return asid;
> e_uncharge:
> misc_cg_uncharge(type, sev->misc_cg, 1);
> put_misc_cg(sev->misc_cg);
> @@ -1854,12 +1855,17 @@ void __init sev_hardware_setup(void)
> min_sev_asid = edx;
> sev_me_mask = 1UL << (ebx & 0x3f);
>
> - /* Initialize SEV ASID bitmaps */
> - sev_asid_bitmap = bitmap_zalloc(max_sev_asid, GFP_KERNEL);
> + /*
> + * Initialize SEV ASID bitmaps. Allocate space for ASID 0 in the bitmap,
> + * even though it's never used, so that the bitmap is indexed by the
> + * actual ASID.
> + */
> + nr_asids = max_sev_asid + 1;
> + sev_asid_bitmap = bitmap_zalloc(nr_asids, GFP_KERNEL);
> if (!sev_asid_bitmap)
> goto out;
>
> - sev_reclaim_asid_bitmap = bitmap_zalloc(max_sev_asid, GFP_KERNEL);
> + sev_reclaim_asid_bitmap = bitmap_zalloc(nr_asids, GFP_KERNEL);
> if (!sev_reclaim_asid_bitmap) {
> bitmap_free(sev_asid_bitmap);
> sev_asid_bitmap = NULL;
> @@ -1904,7 +1910,7 @@ void sev_hardware_teardown(void)
> return;
>
> /* No need to take sev_bitmap_lock, all VMs have been destroyed. */
> - sev_flush_asids(0, max_sev_asid);
> + sev_flush_asids(1, max_sev_asid);
>
> bitmap_free(sev_asid_bitmap);
> bitmap_free(sev_reclaim_asid_bitmap);
>
Queued, thanks.
Paolo
Powered by blists - more mailing lists