From: Avi Kivity <avi@redhat.com>
To: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>, kvm@vger.kernel.org
Subject: Re: [PATCH 4/5] KVM: MMU: Optimize pte permission checks
Date: Thu, 13 Sep 2012 16:35:21 +0300
Message-ID: <5051E119.2030308@redhat.com>
In-Reply-To: <5051D47D.1070809@linux.vnet.ibm.com>
On 09/13/2012 03:41 PM, Xiao Guangrong wrote:
> On 09/12/2012 10:29 PM, Avi Kivity wrote:
>
>> + pte_access = pt_access & gpte_access(vcpu, pte);
>> + eperm |= (mmu->permissions[access >> 1] >> pte_access) & 1;
>>
>> last_gpte = FNAME(is_last_gpte)(walker, vcpu, mmu, pte);
>> - if (last_gpte) {
>> - pte_access = pt_access & gpte_access(vcpu, pte);
>> - /* check if the kernel is fetching from user page */
>> - if (unlikely(pte_access & PT_USER_MASK) &&
>> - kvm_read_cr4_bits(vcpu, X86_CR4_SMEP))
>> - if (fetch_fault && !user_fault)
>> - eperm = true;
>> - }
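Review bot: the added `eperm |= (mmu->permissions[access >> 1] >> pte_access) & 1;` sits above the `last_gpte` computation, so it is evaluated at every level on a partially accumulated `pte_access`, whereas the removed SMEP test ran only under `if (last_gpte)`. Under the SDM rule quoted below, a supervisor fetch is legal when any one entry has U/S = 0, so an upper-level entry with the user bit still set can raise `eperm` for a translation that a later entry would permit. Suggest accumulating `pte_access` through the walk and doing the `mmu->permissions` lookup once on the final value. A short comment on what the index `access >> 1` and the shift by `pte_access` encode would also help, since the removed "check if the kernel is fetching from user page" comment is not replaced.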
>
> I see this in the SDM:
>
> If CR4.SMEP = 1, instructions may be fetched from any linear
> address with a valid translation for which the U/S flag (bit 2) is 0 in at
> least one of the paging-structure entries controlling the translation.
Another good catch.
>
> This patch checks smep on every level, which breaks this rule.
> (current code checks smep on the last level).
>
We can just move the permission check to the end of the loop. We used
to terminate the loop on a permission error, but now we do the whole
thing anyway.
It does mean that we'll need to set accessed bits after the loop is
complete.
--
error compiling committee.c: too many arguments to function
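
The SMEP rule discussed in this message, as an added example that is not part of the original e-mail or the KVM source: a simplified model of the walk comparing a permission test at every level with a single test after the loop, for a supervisor instruction fetch. The function names and the sample entries are constructed for illustration; only `PT_USER_MASK`, `pt_access` and `eperm` are names taken from the quoted patch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PT_USER_MASK 0x4u /* U/S flag, bit 2 of a paging-structure entry */

/* SMEP test for a supervisor instruction fetch on the given access bits. */
static bool smep_denies(unsigned access, bool smep)
{
    return smep && (access & PT_USER_MASK) != 0;
}

/* Variant A: test at every level on the partially accumulated access. */
bool fetch_faults_per_level(const unsigned *gpte, size_t levels, bool smep)
{
    unsigned pt_access = ~0u;
    bool eperm = false;

    for (size_t i = 0; i < levels; i++) {
        pt_access &= gpte[i];
        eperm |= smep_denies(pt_access, smep);
    }
    return eperm;
}

/* Variant B: accumulate through the whole walk, test once after the loop. */
bool fetch_faults_after_loop(const unsigned *gpte, size_t levels, bool smep)
{
    unsigned pt_access = ~0u;

    for (size_t i = 0; i < levels; i++)
        pt_access &= gpte[i];
    return smep_denies(pt_access, smep);
}

/* Constructed entries, top level first: only the leaf clears U/S. */
const unsigned supervisor_leaf[] = { 0x7, 0x7, 0x3 };
/* Constructed entries: U/S set at every level (a user page). */
const unsigned user_page[] = { 0x7, 0x7, 0x7 };

int main(void)
{
    printf("U/S clear at leaf: per-level=%d after-loop=%d\n",
           fetch_faults_per_level(supervisor_leaf, 3, true),
           fetch_faults_after_loop(supervisor_leaf, 3, true));
    printf("user page:         per-level=%d after-loop=%d\n",
           fetch_faults_per_level(user_page, 3, true),
           fetch_faults_after_loop(user_page, 3, true));
    return 0;
}
```

Variant A reports a fault for the first sample even though the leaf entry has U/S = 0, which is the case the quoted SDM text permits; Variant B agrees with the SDM rule on both samples.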