| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Mar 2024 17:09:24 -0800 From: Sean Christopherson <seanjc@...gle.com> To: Paolo Bonzini <pbonzini@...hat.com>, Sean Christopherson <seanjc@...gle.com>, Lai Jiangshan <jiangshanlai@...il.com>, "Paul E. McKenney" <paulmck@...nel.org>, Josh Triplett <josh@...htriplett.org> Cc: kvm@...r.kernel.org, rcu@...r.kernel.org, linux-kernel@...r.kernel.org, Kevin Tian <kevin.tian@...el.com>, Yan Zhao <yan.y.zhao@...el.com>, Yiwei Zhang <zzyiwei@...gle.com> Subject: [PATCH 0/5] KVM: VMX: Drop MTRR virtualization, honor guest PAT First, rip out KVM's support for virtualizing guest MTRRs on VMX. The code is costly to main, a drag on guest boot performance, imperfect, and not required for functional correctness with modern guest kernels. Many details in patch 1's changelog. With MTRR virtualization gone, always honor guest PAT on Intel CPUs that support self-snoop, as such CPUs are guaranteed to maintain coherency even if the guest is aliasing memtypes, e.g. if the host is using WB but the guest is using WC. Honoring guest PAT is desirable for use cases where the guest must use WC when accessing memory that is DMA'd from a non-coherent device that does NOT bounce through VFIO, e.g. for mediated virtual GPUs. The SRCU patch adds an API that is effectively documentation for the memory barrier in srcu_read_lock(). Intel CPUs with self-snoop require a memory barrier after VM-Exit to ensure coherency, and KVM always does a srcu_read_lock() before reading guest memory after VM-Exit. Relying on SRCU to provide the barrier allows KVM to avoid emitting a redundant barrier of its own. This series needs a _lot_ more testing; I arguably should have tagged it RFC, but I'm feeling lucky. Sean Christopherson (3): KVM: x86: Remove VMX support for virtualizing guest MTRR memtypes KVM: VMX: Drop support for forcing UC memory when guest CR0.CD=1 KVM: VMX: Always honor guest PAT on CPUs that support self-snoop Yan Zhao (2): srcu: Add an API for a memory barrier after SRCU read lock KVM: x86: Ensure a full memory barrier is emitted in the VM-Exit path Documentation/virt/kvm/api.rst | 6 +- Documentation/virt/kvm/x86/errata.rst | 18 + arch/x86/include/asm/kvm_host.h | 15 +- arch/x86/kvm/mmu.h | 7 +- arch/x86/kvm/mmu/mmu.c | 35 +- arch/x86/kvm/mtrr.c | 644 ++------------------------ arch/x86/kvm/vmx/vmx.c | 40 +- arch/x86/kvm/x86.c | 24 +- arch/x86/kvm/x86.h | 4 - include/linux/srcu.h | 14 + 10 files changed, 105 insertions(+), 702 deletions(-) base-commit: 964d0c614c7f71917305a5afdca9178fe8231434 -- 2.44.0.278.ge034bb2e1d-goog
Powered by blists - more mailing lists