From: Sean Christopherson <seanjc@google.com>
To: Mathias Krause <minipli@grsecurity.net>
Cc: stable@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
kvm@vger.kernel.org
Subject: Re: [PATCH 6.3 0/5] KVM CR0.WP series backport
Date: Fri, 12 May 2023 11:24:21 -0700 [thread overview]
Message-ID: <ZF6EVeXU+RNVHIb+@google.com> (raw)
In-Reply-To: <20230512132024.4029-1-minipli@grsecurity.net>
On Fri, May 12, 2023, Mathias Krause wrote:
> This is a backport of the CR0.WP KVM series[1] to Linux v6.3.
>
> As the original series is based on v6.3-rc1, it's mostly a verbatim
> port. Only the last patch needed adaption, as it was a fix based on
> v6.4-rc1. However, as for the v6.2 backport, I simply changed the code
> to make use of the older kvm_is_cr0_bit_set() helper.
>
> I used 'ssdd 10 50000' from rt-tests[2] as a micro-benchmark, running on
> a grsecurity L1 VM. Below table shows the results (runtime in seconds,
> lower is better):
>
> legacy TDP
> Linux v6.3.1 7.60s 8.29s
> + patches 3.39s 3.39s
>
> Linux v6.3.2 7.82s 7.81s
> + patches 3.38s 3.38s
>
> I left out the shadow MMU tests this time, as they're not impacted
> anyways, only take a lot of time to run. I did, however, include
> separate tests for v6.3.{1,2} -- not because I had an outdated
> linux-stable git tree lying around *cough, cough* but because the later
> includes commit 2ec1fe292d6e ("KVM: x86: Preserve TDP MMU roots until
> they are explicitly invalidated"), the commit I wanted to benchmark
> against anyways. Apparently, it has only a minor impact for our use
> case, so this series is still wanted, imho.
>
> Please consider applying.
>
> Thanks,
> Mathias
>
> [1] https://lore.kernel.org/kvm/20230322013731.102955-1-minipli@grsecurity.net/
> [2] https://git.kernel.org/pub/scm/utils/rt-tests/rt-tests.git
>
>
> Mathias Krause (3):
> KVM: x86: Do not unload MMU roots when only toggling CR0.WP with TDP
> enabled
> KVM: x86: Make use of kvm_read_cr*_bits() when testing bits
> KVM: VMX: Make CR0.WP a guest owned bit
>
> Paolo Bonzini (1):
> KVM: x86/mmu: Avoid indirect call for get_cr3
>
> Sean Christopherson (1):
> KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission
> faults
Acked-by: Sean Christopherson <seanjc@google.com>
prev parent reply other threads:[~2023-05-12 18:26 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-12 13:20 [PATCH 6.3 0/5] KVM CR0.WP series backport Mathias Krause
2023-05-12 13:20 ` [PATCH 6.3 1/5] KVM: x86/mmu: Avoid indirect call for get_cr3 Mathias Krause
2023-05-12 13:20 ` [PATCH 6.3 2/5] KVM: x86: Do not unload MMU roots when only toggling CR0.WP with TDP enabled Mathias Krause
2023-05-12 13:20 ` [PATCH 6.3 3/5] KVM: x86: Make use of kvm_read_cr*_bits() when testing bits Mathias Krause
2023-05-12 13:20 ` [PATCH 6.3 4/5] KVM: VMX: Make CR0.WP a guest owned bit Mathias Krause
2023-05-12 13:20 ` [PATCH 6.3 5/5] KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission faults Mathias Krause
2023-05-12 18:24 ` Sean Christopherson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZF6EVeXU+RNVHIb+@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=minipli@grsecurity.net \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.