| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Aug 2021 16:43:48 +0000
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, Ben Gardon <bgardon@...gle.com>
Subject: Re: [PATCH 1/2] KVM: x86/mmu: Don't skip non-leaf SPTEs when zapping
all SPTEs
On Thu, Aug 12, 2021, Paolo Bonzini wrote:
> On 12/08/21 07:07, Sean Christopherson wrote:
> > @@ -739,8 +749,16 @@ static bool zap_gfn_range(struct kvm *kvm, struct kvm_mmu_page *root,
> > gfn_t start, gfn_t end, bool can_yield, bool flush,
> > bool shared)
> > {
> > + bool zap_all = (end == ZAP_ALL_END);
> > struct tdp_iter iter;
> > + /*
> > + * Bound the walk at host.MAXPHYADDR, guest accesses beyond that will
> > + * hit a #PF(RSVD) and never get to an EPT Violation/Misconfig / #NPF,
> > + * and so KVM will never install a SPTE for such addresses.
> > + */
> > + end = min(end, 1ULL << (shadow_phys_bits - PAGE_SHIFT));
>
> Then zap_all need not have any magic value. You can use 0/-1ull, it's
> readable enough. ZAP_ALL_END is also unnecessary here if you do:
>
> gfn_t max_gfn_host = 1ULL << (shadow_phys_bits - PAGE_SHIFT);
> bool zap_all = (start == 0 && end >= max_gfn_host);
Aha! Nice. I was both too clever and yet not clever enough.
> end = min(end, max_gfn_host);
>
> And as a small commit message nit, I would say "don't leak" instead of
> "don't skip", since that's really the effect.
Hrm, yeah, I can see how "skip" doesn't raise alarm bells like it should.
Powered by blists - more mailing lists