From: Sean Christopherson <seanjc@google.com>
To: Mathias Krause <minipli@grsecurity.net>
Cc: stable@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
kvm@vger.kernel.org
Subject: Re: [PATCH 5.4 0/3] KVM CR0.WP series backport
Date: Thu, 11 May 2023 14:21:32 -0700 [thread overview]
Message-ID: <ZF1cXOfcxiRfVJ5p@google.com> (raw)
In-Reply-To: <20230508154943.30113-1-minipli@grsecurity.net>
On Mon, May 08, 2023, Mathias Krause wrote:
> This is a partial backport of the CR0.WP KVM series[1] to Linux v5.4. It
> limits itself to avoid TDP MMU unloading as making CR0.WP a guest owned
> bit turned out to be too much of an effort and the partial backport
> already being quite effective.
>
> I used 'ssdd 10 50000' from rt-tests[2] as a micro-benchmark, running on
> a grsecurity L1 VM. Below table shows the results (runtime in seconds,
> lower is better):
>
> TDP shadow
> Linux v5.4.240 8.87s 56.8s
> + patches 5.84s 55.4s
>
>
> This kernel version had no module parameter to control the TDP MMU
> setting, it's always enabled when EPT / NPT is. Therefore its meaning is
> likely what became "legacy" in newer kernels.
>
> Please consider applying.
NAK, same problem as 5.10 and 5.15. Sorry :-(
prev parent reply other threads:[~2023-05-11 21:21 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-08 15:49 [PATCH 5.4 0/3] KVM CR0.WP series backport Mathias Krause
2023-05-08 15:49 ` [PATCH 5.4 1/3] KVM: x86/mmu: Avoid indirect call for get_cr3 Mathias Krause
2023-05-08 15:49 ` [PATCH 5.4 2/3] KVM: x86: Do not unload MMU roots when only toggling CR0.WP with TDP enabled Mathias Krause
2023-05-08 15:49 ` [PATCH 5.4 3/3] KVM: x86: Make use of kvm_read_cr*_bits() when testing bits Mathias Krause
2023-05-11 21:21 ` Sean Christopherson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZF1cXOfcxiRfVJ5p@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=minipli@grsecurity.net \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.