lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 17 Nov 2021 22:25:45 +0000
From:   Sean Christopherson <seanjc@...gle.com>
To:     Paolo Bonzini <pbonzini@...hat.com>
Cc:     Maxim Levitsky <mlevitsk@...hat.com>, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org
Subject: Re: [PATCH] KVM: MMU: update comment on the number of page role
 combinations

On Tue, Nov 16, 2021, Paolo Bonzini wrote:
> On 11/16/21 12:07, Maxim Levitsky wrote:
> > > - * But, even though there are 18 bits in the mask below, not all
> > > combinations
> > > + * But, even though there are 20 bits in the mask
> > > below, not all combinations
> > I to be honest counted 19 bits there (which includes the 'smm' bit),
> > but I might have made a mistake. I do wonder maybe it is better to
> > just remove that comment with explicit number?
> 
> Yes, they are 19.  But the explicit number is there to guide in

No, there are 18 from a gfn_track perspective.  "smm" isn't counted because it's
in a separate memslot address space.  The "mask below" is definitely vague on that
point though.

> understanding how 19 goes down to 14 combinations.
> 
> Here is a better writeup:
> 
>  *   - invalid shadow pages are not accounted, so the bits are effectively 18
>  *   - quadrant will only be used if gpte_is_8_bytes is zero (non-PAE paging);
>  *     execonly and ad_disabled are only used for nested EPT which has
>  *     gpte_is_8_bytes=1.  Therefore, 2 bits are always unused.
>  *   - the 4 bits of level are effectively limited to the values 2/3/4/5,
>  *     as 4k SPs are not tracked (allowed to go unsync).  In addition non-PAE
>  *     paging has exactly one upper level, making level effectively redundant
>  *     when gpte_is_8_bytes=0.
>  *   - on top of this, smep_andnot_wp and smap_andnot_wp are only set if cr0_wp=0,
>  *     therefore these three bits only give rise to 5 possibilities.
> 
> FWIW, the full count becomes 6400 unless I screwed up the math.

Which is "in the neighborhood of 2^13" :-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ