From: Gleb Natapov <gleb@redhat.com>
To: Abel Gordon <abelg@il.ibm.com>
Cc: kvm@vger.kernel.org, owasserm@redhat.com, nadav@harel.org.il,
jun.nakajima@intel.com, dongxiao.xu@intel.com
Subject: Re: [PATCH 05/10] KVM: nVMX: Allocate shadow vmcs
Date: Thu, 18 Apr 2013 09:38:43 +0300 [thread overview]
Message-ID: <20130418063843.GG8997@redhat.com> (raw)
In-Reply-To: <20130417170740.3C8D87B802A@moren.haifa.ibm.com>
On Wed, Apr 17, 2013 at 08:07:40PM +0300, Abel Gordon wrote:
> Allocate a shadow vmcs used by the processor to shadow part of the fields
> stored in the software defined VMCS12 (let L1 access fields without causing
> exits). Note we keep a shadow vmcs only for the current vmcs12. Once a vmcs12
> becomes non-current, its shadow vmcs is released.
>
>
> Signed-off-by: Abel Gordon <abelg@il.ibm.com>
> ---
> arch/x86/kvm/vmx.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> --- .before/arch/x86/kvm/vmx.c 2013-04-17 19:58:32.000000000 +0300
> +++ .after/arch/x86/kvm/vmx.c 2013-04-17 19:58:32.000000000 +0300
> @@ -355,6 +355,7 @@ struct nested_vmx {
> /* The host-usable pointer to the above */
> struct page *current_vmcs12_page;
> struct vmcs12 *current_vmcs12;
> + struct vmcs *current_shadow_vmcs;
>
> /* vmcs02_list cache of VMCSs recently used to run L2 guests */
> struct list_head vmcs02_pool;
> @@ -5517,6 +5518,7 @@ static int handle_vmon(struct kvm_vcpu *
> {
> struct kvm_segment cs;
> struct vcpu_vmx *vmx = to_vmx(vcpu);
> + struct vmcs *shadow_vmcs;
>
> /* The Intel VMX Instruction Reference lists a bunch of bits that
> * are prerequisite to running VMXON, most notably cr4.VMXE must be
> @@ -5540,6 +5542,16 @@ static int handle_vmon(struct kvm_vcpu *
> kvm_inject_gp(vcpu, 0);
> return 1;
> }
> + if (enable_shadow_vmcs) {
> + shadow_vmcs = alloc_vmcs();
> + if (!shadow_vmcs)
> + return -ENOMEM;
> + /* mark vmcs as shadow */
> + shadow_vmcs->revision_id |= (1u << 31);
> + /* init shadow vmcs */
> + vmcs_clear(shadow_vmcs);
> + vmx->nested.current_shadow_vmcs = shadow_vmcs;
> + }
>
Guest can ddos host by calling vmxon repeatedly causing host to leak
memory. This point to a bug in vmxon implementation. vmxon should call
nested_vmx_failInvalid() if (vmx->nested.vmxon).
> INIT_LIST_HEAD(&(vmx->nested.vmcs02_pool));
> vmx->nested.vmcs02_num = 0;
>
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Gleb.
next prev parent reply other threads:[~2013-04-18 6:38 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-17 17:05 [PATCH 0/10] KVM: nVMX: shadow VMCS support, v3 Abel Gordon
2013-04-17 17:05 ` [PATCH 01/10] KVM: nVMX: Shadow-vmcs control fields/bits Abel Gordon
2013-04-17 17:06 ` [PATCH 02/10] KVM: nVMX: Detect shadow-vmcs capability Abel Gordon
2013-04-17 17:06 ` [PATCH 03/10] KVM: nVMX: Introduce vmread and vmwrite bitmaps Abel Gordon
2013-04-17 17:07 ` [PATCH 04/10] KVM: nVMX: Refactor handle_vmwrite Abel Gordon
2013-04-17 17:07 ` [PATCH 05/10] KVM: nVMX: Allocate shadow vmcs Abel Gordon
2013-04-18 6:38 ` Gleb Natapov [this message]
2013-04-18 7:07 ` Abel Gordon
2013-04-18 7:11 ` Gleb Natapov
2013-04-18 7:15 ` Abel Gordon
2013-04-17 17:08 ` [PATCH 06/10] KVM: nVMX: Release " Abel Gordon
2013-04-17 17:08 ` [PATCH 07/10] KVM: nVMX: Copy processor-specific shadow-vmcs to VMCS12 Abel Gordon
2013-04-17 17:09 ` [PATCH 08/10] KVM: nVMX: Copy VMCS12 to processor-specific shadow vmcs Abel Gordon
2013-04-17 17:09 ` [PATCH 09/10] KVM: nVMX: Synchronize VMCS12 content with the " Abel Gordon
2013-04-18 6:41 ` Gleb Natapov
2013-04-18 7:07 ` Abel Gordon
2013-04-18 7:10 ` Gleb Natapov
2013-04-17 17:10 ` [PATCH 10/10] KVM: nVMX: Enable and disable shadow vmcs functionality Abel Gordon
-- strict thread matches above, loose matches on Subject: below --
2013-04-17 11:50 [PATCH 0/10] KVM: nVMX: shadow VMCS support, v2 Abel Gordon
2013-04-17 11:53 ` [PATCH 05/10] KVM: nVMX: Allocate shadow vmcs Abel Gordon
2013-04-17 14:10 ` Gleb Natapov
2013-04-17 14:41 ` Abel Gordon
2013-04-17 14:44 ` Gleb Natapov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130418063843.GG8997@redhat.com \
--to=gleb@redhat.com \
--cc=abelg@il.ibm.com \
--cc=dongxiao.xu@intel.com \
--cc=jun.nakajima@intel.com \
--cc=kvm@vger.kernel.org \
--cc=nadav@harel.org.il \
--cc=owasserm@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox