[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking

To: Sean Christopherson <seanjc@xxxxxxxxxx>, Mickaël Salaün <mic@xxxxxxxxxxx>
From: "Madhavan T. Venkataraman" <madvenka@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 24 May 2023 15:53:18 -0500
Cc: Borislav Petkov <bp@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, "H . Peter Anvin" <hpa@xxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>, Wanpeng Li <wanpengli@xxxxxxxxxxx>, Alexander Graf <graf@xxxxxxxxxx>, Forrest Yuan Yu <yuanyu@xxxxxxxxxx>, James Morris <jamorris@xxxxxxxxxxxxxxxxxxx>, John Andersen <john.s.andersen@xxxxxxxxx>, Liran Alon <liran.alon@xxxxxxxxxx>, Marian Rotariu <marian.c.rotariu@xxxxxxxxx>, Mihai Donțu <mdontu@xxxxxxxxxxxxxxx>, Nicușor Cîțu <nicu.citu@xxxxxxxxxx>, Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>, Thara Gopinath <tgopinath@xxxxxxxxxxxxx>, Will Deacon <will@xxxxxxxxxx>, Zahra Tarkhani <ztarkhani@xxxxxxxxxxxxx>, Ștefan Șicleru <ssicleru@xxxxxxxxxxxxxxx>, dev@xxxxxxxxxxxxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, linux-hardening@xxxxxxxxxxxxxxx, linux-hyperv@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, qemu-devel@xxxxxxxxxx, virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx, x86@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 24 May 2023 20:53:38 +0000
Dkim-filter: OpenDKIM Filter v2.11.0 linux.microsoft.com E7B6E20FBA6D
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>


On 5/5/23 12:31, Sean Christopherson wrote:
> On Fri, May 05, 2023, Mickaï¿½l Salaï¿½n wrote:
>>
>> On 05/05/2023 18:28, Sean Christopherson wrote:
>>> I have no doubt that we'll need to solve performance and scaling issues 
>>> with the
>>> memory attributes implementation, e.g. to utilize xarray multi-range support
>>> instead of storing information on a per-4KiB-page basis, but AFAICT, the 
>>> core
>>> idea is sound.  And a very big positive from a maintenance perspective is 
>>> that
>>> any optimizations, fixes, etc. for one use case (CoCo vs. hardening) should 
>>> also
>>> benefit the other use case.
>>>
>>> [1] https://lore.kernel.org/all/20230311002258.852397-22-seanjc@xxxxxxxxxx
>>> [2] https://lore.kernel.org/all/Y2WB48kD0J4VGynX@xxxxxxxxxx
>>> [3] https://lore.kernel.org/all/Y1a1i9vbJ%2FpVmV9r@xxxxxxxxxx
>>
>> I agree, I used this mechanism because it was easier at first to rely on a
>> previous work, but while I was working on the MBEC support, I realized that
>> it's not the optimal way to do it.
>>
>> I was thinking about using a new special EPT bit similar to
>> EPT_SPTE_HOST_WRITABLE, but it may not be portable though. What do you
>> think?
> 
> On x86, SPTEs are even more ephemeral than memslots.  E.g. for historical 
> reasons,
> KVM zaps all SPTEs if _any_ memslot is deleted, which is problematic if the 
> guest
> is moving around BARs, using option ROMs, etc.
> 
> ARM's pKVM tracks metadata in its stage-2 PTEs, i.e. doesn't need an xarray to
> otrack attributes, but that works only because pKVM is more privileged than 
> the
> host kernel, and the shared vs. private memory attribute that pKVM cares about
> is very, very restricted in how it can be used and changed.
> 
> I tried shoehorning private vs. shared metadata into x86's SPTEs in the past, 
> and
> it ended up being a constant battle with the kernel, e.g. page migration, and 
> with
> KVM itself, e.g. the above memslot mess.

Sorry for the delay in responding to this. I wanted to study the KVM code and 
fully
understand your comment before responding.

Yes, I quite agree with you. I will make an attempt to address this in the next 
version.
I am working on it right now.

Thanks.

Madhavan

References:
- [RFC PATCH v1 0/9] Hypervisor-Enforced Kernel Integrity
  - From: Mickaël Salaün
- [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking
  - From: Mickaël Salaün
- Re: [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking
  - From: Sean Christopherson
- Re: [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking
  - From: Mickaël Salaün
- Re: [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking
  - From: Sean Christopherson

Prev by Date: Re: [patch v3 31/36] x86/apic: Provide cpu_primary_thread mask
Next by Date: Re: [RFC PATCH v1 0/9] Hypervisor-Enforced Kernel Integrity
Previous by thread: Re: [PATCH v1 2/9] KVM: x86/mmu: Add support for prewrite page tracking
Next by thread: [PATCH v1 3/9] virt: Implement Heki common code
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.