From: Avi Kivity <avi@redhat.com>
To: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
kvm@vger.kernel.org
Subject: Re: [PATCH 7/7] KVM: MMU: Validate all gptes during fetch, not just those used for new pages
Date: Mon, 12 Jul 2010 11:58:55 +0300
Message-ID: <4C3AD94F.8030809@redhat.com>
In-Reply-To: <1278862955-6890-8-git-send-email-avi@redhat.com>
On 07/11/2010 06:42 PM, Avi Kivity wrote:
> Currently, when we fetch an spte, we only verify that gptes match those that
> the walker saw if we build new shadow pages for them.
>
> However, this misses the following race:
>
>    vcpu1               vcpu2
>
>    walk
>                        change gpte
>                        walk
>                        instantiate sp
>
>    fetch existing sp
>
> Fix by validating every gpte, regardless of whether it is used for building
> a new sp or not.
>
> Signed-off-by: Avi Kivity<avi@redhat.com>
> ---
> arch/x86/kvm/paging_tmpl.h | 18 ++++++++++--------
> 1 files changed, 10 insertions(+), 8 deletions(-)
>
> diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h
> index a7f8295..4bbd0c7 100644
> --- a/arch/x86/kvm/paging_tmpl.h
> +++ b/arch/x86/kvm/paging_tmpl.h
> @@ -325,7 +325,7 @@ static u64 *FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
> int *ptwrite, pfn_t pfn)
> {
> unsigned access = gw->pt_access;
> - struct kvm_mmu_page *sp;
> + struct kvm_mmu_page *uninitialized_var(sp);
> u64 *sptep = NULL;
> int uninitialized_var(level);
> bool dirty = is_dirty_gpte(gw->ptes[gw->level - 1]);
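Review bot: uninitialized_var(sp) on the sp declaration silences a warning that this patch makes real. sp is now assigned only inside the `if (!is_shadow_present_pte(*sptep))` branch, yet it is passed to validate_indirect_spte() on every iteration, so when the first level walked already has a present spte the helper receives an indeterminate pointer. Prefer `struct kvm_mmu_page *sp = NULL;` and have the helper treat NULL as "nothing to release", so a misuse faults deterministically instead of acting on stack contents.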
> @@ -343,18 +343,19 @@ static u64 *FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
> shadow_walk_okay(&iterator)&& iterator.level> gw->level;
> shadow_walk_next(&iterator)) {
> gfn_t table_gfn;
> + bool new_page = false;
>
> level = iterator.level;
> sptep = iterator.sptep;
>
> drop_spte_if_large(vcpu, sptep);
>
> - if (is_shadow_present_pte(*sptep))
> - continue;
>
See, this gets dropped.
> -
> - table_gfn = gw->table_gfn[level - 2];
> - sp = kvm_mmu_get_page(vcpu, table_gfn, addr, level-1,
> - false, access, sptep);
> + if (!is_shadow_present_pte(*sptep)) {
> + table_gfn = gw->table_gfn[level - 2];
> + sp = kvm_mmu_get_page(vcpu, table_gfn, addr, level-1,
> + false, access, sptep);
> + new_page = true;
> + }
>
> if (!FNAME(validate_indirect_spte)(vcpu, sptep, sp,
> gw, level)) {
>
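Review bot: In the loop body, when the spte is already present, sp still holds whatever an earlier iteration left in it, and the call `FNAME(validate_indirect_spte)(vcpu, sptep, sp, gw, level)` as quoted does not receive new_page, so the helper cannot tell a page it just allocated (and may release on mismatch) from one it must not touch. Pass new_page to the helper or clear sp at the top of each iteration, and add a comment above the check saying the gpte comparison now runs at every level to close the race with a concurrent gpte change.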
Now we need to change validate_indirect_spte() to account for all levels.
--
error compiling committee.c: too many arguments to function
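
The interleaving from the commit message, replayed in a single thread as an added example (not code from the patch or from KVM). The structs, LEVELS, the gpte values and all function names are constructed for illustration; `validate_all` switches between checking only levels that get a new shadow page and checking every level.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define LEVELS 3   /* toy depth, not the real x86 paging depth */

/* Constructed model: one guest pte per level, one "shadow present" flag per level. */
struct guest  { uint64_t gpte[LEVELS]; };
struct shadow { bool present[LEVELS]; };
struct walker { uint64_t seen[LEVELS]; };

static void walk(const struct guest *g, struct walker *w)
{
    memcpy(w->seen, g->gpte, sizeof(w->seen));   /* snapshot the gptes */
}

/* Returns false when a checked gpte no longer matches the walker's snapshot.
 * validate_all == false: check only levels that need a new shadow page.
 * validate_all == true:  check every level. */
static bool fetch(const struct guest *g, struct shadow *s,
                  const struct walker *w, bool validate_all)
{
    for (int l = 0; l < LEVELS; l++) {
        bool new_page = !s->present[l];
        if ((new_page || validate_all) && g->gpte[l] != w->seen[l])
            return false;            /* gpte changed since the walk: caller retries */
        s->present[l] = true;        /* link a new shadow page or reuse the old one */
    }
    return true;
}

/* Returns true if vcpu1's fetch is accepted although its walk is stale. */
static bool stale_fetch_accepted(bool validate_all)
{
    struct guest g = { .gpte = { 0x1000, 0x2000, 0x3000 } };  /* constructed values */
    struct shadow s = { { false } };
    struct walker w1, w2;

    walk(&g, &w1);                              /* vcpu1: walk */
    g.gpte[1] = 0x9000;                         /* vcpu2: change gpte */
    walk(&g, &w2);                              /* vcpu2: walk */
    (void)fetch(&g, &s, &w2, validate_all);     /* vcpu2: instantiate sp */
    return fetch(&g, &s, &w1, validate_all);    /* vcpu1: fetch existing sp */
}

int main(void)
{
    return (stale_fetch_accepted(false) && !stale_fetch_accepted(true)) ? 0 : 1;
}
```

With only new pages validated, vcpu1 performs no check at all because vcpu2 has already created every shadow page; validating every level makes vcpu1 stop at the changed gpte.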