| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZG4kMKXKnQuQOTa7@google.com>
Date: Wed, 24 May 2023 07:50:24 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Yan Zhao <yan.y.zhao@...el.com>
Cc: Chao Gao <chao.gao@...el.com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, pbonzini@...hat.com
Subject: Re: [PATCH v2 1/6] KVM: x86/mmu: add a new mmu zap helper to indicate
memtype changes
On Wed, May 24, 2023, Yan Zhao wrote:
> On Tue, May 23, 2023 at 03:51:49PM -0700, Sean Christopherson wrote:
> > diff --git a/arch/x86/kvm/mtrr.c b/arch/x86/kvm/mtrr.c
> > index 3eb6e7f47e96..a67c28a56417 100644
> > --- a/arch/x86/kvm/mtrr.c
> > +++ b/arch/x86/kvm/mtrr.c
> > @@ -320,7 +320,7 @@ static void update_mtrr(struct kvm_vcpu *vcpu, u32 msr)
> > struct kvm_mtrr *mtrr_state = &vcpu->arch.mtrr_state;
> > gfn_t start, end;
> >
> > - if (!tdp_enabled || !kvm_arch_has_noncoherent_dma(vcpu->kvm))
> > + if (!kvm_mmu_honors_guest_mtrrs(vcpu->kvm))
> Could we also add another helper kvm_mmu_cap_honors_guest_mtrrs(), which
> does not check kvm_arch_has_noncoherent_dma()?
>
> +static inline bool kvm_mmu_cap_honors_guest_mtrrs(struct kvm *kvm)
> +{
> + return !!shadow_memtype_mask;
> +}
>
> This is because in patch 4 I plan to do the EPT zap when
> noncoherent_dma_count goes from 1 to 0.
Hrm, the 1->0 transition is annoying. Rather than trying to capture the "everything
except non-coherent DMA" aspect, what about this?
mmu.c:
bool __kvm_mmu_honors_guest_mtrrs(struct kvm *kvm, bool vm_has_noncoherent_dma)
{
/*
* If the TDP is enabled, the host MTRRs are ignored by TDP
* (shadow_memtype_mask is non-zero), and the VM has non-coherent DMA
* (DMA doesn't snoop CPU caches), KVM's ABI is to honor the memtype
* from the guest's MTRRs so that guest accesses to memory that is
* DMA'd aren't cached against the guest's wishes.
*
* Note, KVM may still ultimately ignore guest MTRRs for certain PFNs,
* e.g. KVM will force UC memtype for host MMIO.
*/
return vm_has_noncoherent_dma && tdp_enabled && shadow_memtype_mask;
}
mmu.h:
bool __kvm_mmu_honors_guest_mtrrs(struct kvm *kvm, bool vm_has_noncoherent_dma);
static inline bool kvm_mmu_honors_guest_mtrrs(struct kvm *kvm)
{
return __kvm_mmu_honors_guest_mtrrs(kvm, kvm_arch_has_noncoherent_dma(kvm));
}
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 41d7bb51a297..ad0c43d7f532 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -13146,13 +13146,19 @@ EXPORT_SYMBOL_GPL(kvm_arch_has_assigned_device);
>
> void kvm_arch_register_noncoherent_dma(struct kvm *kvm)
> {
> - atomic_inc(&kvm->arch.noncoherent_dma_count);
> + if (atomic_inc_return(&kvm->arch.noncoherent_dma_count) == 1) {
> + if (kvm_mmu_cap_honors_guest_mtrrs(kvm))
> + kvm_zap_gfn_range(kvm, 0, ~0ULL);
No need for multiple if statements. Though rather than have identical code in
both the start/end paths, how about this? That provides a single location for a
comment. Or maybe first/last instead of start/end?
static void kvm_noncoherent_dma_start_or_end(struct kvm *kvm)
{
/* comment goes here. */
if (__kvm_mmu_honors_guest_mtrrs(kvm, true))
kvm_zap_gfn_range(kvm, 0, ~0ULL);
}
void kvm_arch_register_noncoherent_dma(struct kvm *kvm)
{
if (atomic_inc_return(&kvm->arch.noncoherent_dma_count) == 1)
kvm_noncoherent_dma_start_or_end(kvm);
}
EXPORT_SYMBOL_GPL(kvm_arch_register_noncoherent_dma);
void kvm_arch_unregister_noncoherent_dma(struct kvm *kvm)
{
if (!atomic_dec_return(&kvm->arch.noncoherent_dma_count))
kvm_noncoherent_dma_start_or_end(kvm);
}
EXPORT_SYMBOL_GPL(kvm_arch_unregister_noncoherent_dma);
Powered by blists - more mailing lists