lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 06 Mar 2024 10:23:03 +0000
From: Marc Zyngier <maz@...nel.org>
To: Ganapatrao Kulkarni <gankulkarni@...amperecomputing.com>
Cc: kvmarm@...ts.linux.dev,
	kvm@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	oliver.upton@...ux.dev,
	darren@...amperecomputing.com,
	d.scott.phillips@...erecomputing.com
Subject: Re: [RFC PATCH] kvm: nv: Optimize the unmapping of shadow S2-MMU tables.

On Tue, 05 Mar 2024 18:33:27 +0000,
Ganapatrao Kulkarni <gankulkarni@...amperecomputing.com> wrote:
> 
> >>>> index 61bdd8798f83..3948681426a0 100644
> >>>> --- a/arch/arm64/kvm/mmu.c
> >>>> +++ b/arch/arm64/kvm/mmu.c
> >>>> @@ -1695,6 +1695,13 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
> >>>>    					     memcache,
> >>>>    					     KVM_PGTABLE_WALK_HANDLE_FAULT |
> >>>>    					     KVM_PGTABLE_WALK_SHARED);
> >>>> +		if ((nested || kvm_is_l1_using_shadow_s2(vcpu)) && !ret) {
> >>> 
> >>> I don't understand this condition. If nested is non-NULL, it's because
> >>> we're using a shadow S2. So why the additional condition?
> >> 
> >> No, nested is set only for L2, for L1 it is not.
> >> To handle L1 shadow S2 case, I have added this condition.
> > 
> > But there is *no shadow* for L1 at all. The only way to get a shadow
> > is to be outside of the EL2(&0) translation regime. El2(&0) itself is
> > always backed by the canonical S2. By definition, L1 does not run with
> > a S2 it is in control of. No S2, no shadow.
> 
> Shadow, I mean nested_mmus[0] which is used(first consumer of the
> S2-MMU array) while L1 booting till it switches to NV2.

Please fix your terminology:

- if someone is using *any* of the nested_mmus[], then it is an L2. It
  may come from the same guest binary, but it doesn't change that it
  has changed translation regime to EL1&0. So by definition, it is an
  L2. Yes, booting a Linux guest at EL2 involve both an L1 (the EL2
  part) *and* an L2 (the EL1 part).

- I don't understand 'till it switches to NV2'. Do you mean EL2?

> As per my tracing, the nested_mmus[0] is used for L1 after first ERET
> trap while L1 is booting and switches back to canonical S2, when it is
> moved to NV2.
> 
> In this window, if the pages are unmapped, we need to unmap from the
> nested_mmus[0] table.

Well, we need to unmap things from all shadow PTs that target the same
PA. Index 0 isn't special.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ