| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Aug 2022 14:49:23 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Yan Zhao <yan.y.zhao@...el.com>,
Sean Christopherson <seanjc@...gle.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
David Matlack <dmatlack@...gle.com>,
Mingwei Zhang <mizhang@...gle.com>,
Ben Gardon <bgardon@...gle.com>
Subject: Re: [PATCH v3 5/8] KVM: x86/mmu: Set disallowed_nx_huge_page in TDP
MMU before setting SPTE
On 8/9/22 05:26, Yan Zhao wrote:
> hi Sean,
>
> I understand this smp_rmb() is intended to prevent the reading of
> p->nx_huge_page_disallowed from happening before it's set to true in
> kvm_tdp_mmu_map(). Is this understanding right?
>
> If it's true, then do we also need the smp_rmb() for read of sp->gfn in
> handle_removed_pt()? (or maybe for other fields in sp in other places?)
No, in that case the barrier is provided by rcu_dereference(). In fact,
I am not sure the barriers are needed in this patch either (but the
comments are :)):
- the write barrier is certainly not needed because it is implicit in
tdp_mmu_set_spte_atomic's cmpxchg64
- the read barrier _should_ also be provided by rcu_dereference(pt), but
I'm not 100% sure about that. The reasoning is that you have
(1) iter->old spte = READ_ONCE(*rcu_dereference(iter->sptep));
...
(2) tdp_ptep_t pt = spte_to_child_pt(old_spte, level);
(3) struct kvm_mmu_page *sp = sptep_to_sp(rcu_dereference(pt));
...
(4) if (sp->nx_huge_page_disallowed) {
and (4) is definitely ordered after (1) thanks to the READ_ONCE hidden
within (3) and the data dependency from old_spte to sp.
Paolo
Powered by blists - more mailing lists