From: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
To: Avi Kivity <avi@redhat.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>,
LKML <linux-kernel@vger.kernel.org>, KVM <kvm@vger.kernel.org>
Subject: [PATCH 2/4] KVM: MMU: improve active sp audit
Date: Sat, 28 Aug 2010 20:01:30 +0800 [thread overview]
Message-ID: <4C78FA9A.5040805@cn.fujitsu.com> (raw)
In-Reply-To: <4C78FA00.8090606@cn.fujitsu.com>
Both audit_rmap() and audit_write_protection() need to walk all active sp, so we can do
these checking in a sp walking
Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
---
arch/x86/kvm/mmu_debug.c | 80 +++++++++++++++++++++++----------------------
1 files changed, 41 insertions(+), 39 deletions(-)
diff --git a/arch/x86/kvm/mmu_debug.c b/arch/x86/kvm/mmu_debug.c
index d2c0048..812d6dc 100644
--- a/arch/x86/kvm/mmu_debug.c
+++ b/arch/x86/kvm/mmu_debug.c
@@ -70,6 +70,16 @@ static void mmu_spte_walk(struct kvm_vcpu *vcpu, inspect_spte_fn fn)
return;
}
+typedef void (*sp_handler) (struct kvm *kvm, struct kvm_mmu_page *sp);
+
+static void walk_all_active_sps(struct kvm *kvm, sp_handler fn)
+{
+ struct kvm_mmu_page *sp;
+
+ list_for_each_entry(sp, &kvm->arch.active_mmu_pages, link)
+ fn(kvm, sp);
+}
+
static void audit_mappings_page(struct kvm_vcpu *vcpu, u64 page_pte,
gva_t va, int level)
{
@@ -180,67 +190,59 @@ void audit_sptes_have_rmaps(struct kvm_vcpu *vcpu)
mmu_spte_walk(vcpu, inspect_spte_has_rmap);
}
-static void check_mappings_rmap(struct kvm_vcpu *vcpu)
+static void check_mappings_rmap(struct kvm *kvm, struct kvm_mmu_page *sp)
{
- struct kvm_mmu_page *sp;
int i;
- list_for_each_entry(sp, &vcpu->kvm->arch.active_mmu_pages, link) {
- u64 *pt = sp->spt;
-
- if (sp->role.level != PT_PAGE_TABLE_LEVEL)
- continue;
+ if (sp->role.level != PT_PAGE_TABLE_LEVEL)
+ return;
- for (i = 0; i < PT64_ENT_PER_PAGE; ++i) {
- if (!is_rmap_spte(pt[i]))
- continue;
+ for (i = 0; i < PT64_ENT_PER_PAGE; ++i) {
+ if (!is_rmap_spte(sp->spt[i]))
+ return;
- inspect_spte_has_rmap(vcpu->kvm, &pt[i]);
- }
+ inspect_spte_has_rmap(kvm, sp->spt + i);
}
- return;
}
-static void audit_rmap(struct kvm_vcpu *vcpu)
+static void audit_write_protection(struct kvm *kvm, struct kvm_mmu_page *sp)
{
- check_mappings_rmap(vcpu);
-}
-
-static void audit_write_protection(struct kvm_vcpu *vcpu)
-{
- struct kvm_mmu_page *sp;
struct kvm_memory_slot *slot;
unsigned long *rmapp;
u64 *spte;
- list_for_each_entry(sp, &vcpu->kvm->arch.active_mmu_pages, link) {
- if (sp->role.direct)
- continue;
- if (sp->unsync)
- continue;
- if (sp->role.invalid)
- continue;
-
- slot = gfn_to_memslot(vcpu->kvm, sp->gfn);
- rmapp = &slot->rmap[sp->gfn - slot->base_gfn];
-
- spte = rmap_next(vcpu->kvm, rmapp, NULL);
- while (spte) {
- if (is_writable_pte(*spte))
- printk(KERN_ERR "%s: (%s) shadow page has "
+ if (sp->role.direct || sp->unsync || sp->role.invalid)
+ return;
+
+ slot = gfn_to_memslot(kvm, sp->gfn);
+ rmapp = &slot->rmap[sp->gfn - slot->base_gfn];
+
+ spte = rmap_next(kvm, rmapp, NULL);
+ while (spte) {
+ if (is_writable_pte(*spte))
+ printk(KERN_ERR "%s: (%s) shadow page has "
"writable mappings: gfn %llx role %x\n",
__func__, audit_msg, sp->gfn,
sp->role.word);
- spte = rmap_next(vcpu->kvm, rmapp, spte);
- }
+ spte = rmap_next(kvm, rmapp, spte);
}
}
+static void audit_sp(struct kvm *kvm, struct kvm_mmu_page *sp)
+{
+ check_mappings_rmap(kvm, sp);
+ audit_write_protection(kvm, sp);
+}
+
+static void audit_all_active_sps(struct kvm *kvm)
+{
+ walk_all_active_sps(kvm, audit_sp);
+}
+
static void kvm_mmu_audit(void *ignore, struct kvm_vcpu *vcpu, const char *msg)
{
audit_msg = msg;
- audit_rmap(vcpu);
- audit_write_protection(vcpu);
+ audit_all_active_sps(vcpu->kvm);
if (strcmp("pre pte write", audit_msg) != 0)
audit_mappings(vcpu);
audit_sptes_have_rmaps(vcpu);
--
1.7.0.4
next prev parent reply other threads:[~2010-08-28 11:57 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-28 11:58 [PATCH 0/4] KVM: MMU: mmu audit code improved Xiao Guangrong
2010-08-28 12:00 ` [PATCH 1/4] KVM: MMU: support disable/enable mmu audit dynamicly Xiao Guangrong
2010-08-29 9:16 ` Avi Kivity
2010-08-30 1:58 ` Xiao Guangrong
2010-08-28 12:01 ` Xiao Guangrong [this message]
2010-08-28 12:02 ` [PATCH 3/4] KVM: MMU: improve spte audit Xiao Guangrong
2010-08-28 12:03 ` [PATCH 4/4] KVM: MMU: lower the aduit frequency Xiao Guangrong
2010-08-29 9:19 ` Avi Kivity
2010-08-30 2:16 ` Xiao Guangrong
2010-08-30 6:59 ` Avi Kivity
2010-08-30 10:22 ` [PATCH v2 1/5] KVM: MMU: support disable/enable mmu audit dynamicly Xiao Guangrong
2010-08-30 10:24 ` [PATCH v2 2/5] KVM: MMU: move audit to a separate file Xiao Guangrong
2010-08-30 10:25 ` [PATCH v2 3/5] KVM: MMU: improve active sp audit Xiao Guangrong
2010-08-30 10:25 ` [PATCH v2 4/5] KVM: MMU: improve spte audit Xiao Guangrong
2010-08-30 10:26 ` [PATCH v2 5/5] KVM: MMU: lower the aduit frequency Xiao Guangrong
2010-08-30 15:47 ` Marcelo Tosatti
2010-08-31 2:27 ` Xiao Guangrong
2010-09-01 9:06 ` Avi Kivity
2010-09-01 16:27 ` Marcelo Tosatti
2010-09-02 8:30 ` Avi Kivity
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C78FA9A.5040805@cn.fujitsu.com \
--to=xiaoguangrong@cn.fujitsu.com \
--cc=avi@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mtosatti@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.