lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4eb50ee5-fd5e-4dc1-bee1-629da687bdb5@amazon.com>
Date:   Wed, 8 Nov 2023 18:11:34 +0100
From:   Alexander Graf <graf@...zon.com>
To:     Sean Christopherson <seanjc@...gle.com>
CC:     Nicolas Saenz Julienne <nsaenz@...zon.com>, <kvm@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>, <linux-hyperv@...r.kernel.org>,
        <pbonzini@...hat.com>, <vkuznets@...hat.com>, <anelkz@...zon.com>,
        <dwmw@...zon.co.uk>, <jgowans@...zon.com>, <corbert@....net>,
        <kys@...rosoft.com>, <haiyangz@...rosoft.com>,
        <decui@...rosoft.com>, <x86@...nel.org>,
        <linux-doc@...r.kernel.org>
Subject: Re: [RFC 29/33] KVM: VMX: Save instruction length on EPT violation


On 08.11.23 17:15, Sean Christopherson wrote:
>
> On Wed, Nov 08, 2023, Alexander Graf wrote:
>> On 08.11.23 12:18, Nicolas Saenz Julienne wrote:
>>> Save the length of the instruction that triggered an EPT violation in
>>> struct kvm_vcpu_arch. This will be used to populate Hyper-V VSM memory
>>> intercept messages.
>>>
>>> Signed-off-by: Nicolas Saenz Julienne <nsaenz@...zon.com>
>>
>> In v1, please do this for SVM as well :)
> Why?  KVM caches values on VMX because VMREAD is measurable slower than memory
> accesses, especially when running nested.  SVM has no such problems.  I wouldn't
> be surprised if adding a "cache" is actually less performant due to increased
> pressure and misses on the hardware cache.


My understanding was that this patch wasn't about caching it, it was 
about storing it somewhere generically so we can use it for the fault 
injection code path in the following patch. And if we don't set this 
variable for SVM, it just means Credential Guard fault injection would 
be broken there.


Alex




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ