Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Tycho Andersen <tycho@xxxxxxxx>, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
From: Dave Hansen <dave.hansen@xxxxxxxxx>
Date: Mon, 20 Aug 2018 15:59:54 -0700
Cc: David Woodhouse <dwmw@xxxxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, juerg.haefliger@xxxxxxx, deepa.srinivasan@xxxxxxxxxx, Jim Mattson <jmattson@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Linux Kernel Mailing List <linux-kernel@xxxxxxxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, linux-mm <linux-mm@xxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, joao.m.martins@xxxxxxxxxx, pradeep.vincent@xxxxxxxxxx, Andi Kleen <ak@xxxxxxxxxxxxxxx>, Khalid Aziz <khalid.aziz@xxxxxxxxxx>, kanth.ghatraju@xxxxxxxxxx, Liran Alon <liran.alon@xxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxx>, jsteckli@xxxxxxxxxxxxxxxxxxxx, Kernel Hardening <kernel-hardening@xxxxxxxxxxxxxxxxxx>, chris.hyser@xxxxxxxxxx, Tyler Hicks <tyhicks@xxxxxxxxxxxxx>, John Haxby <john.haxby@xxxxxxxxxx>, Jon Masters <jcm@xxxxxxxxxx>
In-reply-to: <20180820223557.GC16961@cisco.cisco.com>
Openpgp: preference=signencrypt
References: <20180820212556.GC2230@char.us.oracle.com> <CA+55aFxZCyVZc4ZpRyZ3uDyakRSOG_=2XvnwMo4oejpsieF9=A@mail.gmail.com> <1534801939.10027.24.camel@amazon.co.uk> <CA+55aFxyUdhYjnQdnmWAt8tTwn4HQ1xz3SAMZJiawkLpMiJ_+w@mail.gmail.com> <20180820223557.GC16961@cisco.cisco.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 08/20/2018 03:35 PM, Tycho Andersen wrote:
> Since meltdown hit, I haven't worked seriously on understand and
> implementing his suggestions, in part because it wasn't clear to me
> what pieces of the infrastructure we might be able to re-use. Someone
> who knows more about mm/ might be able to suggest an approach, though

Unfortunately, I'm not sure there's much of KPTI we can reuse.  KPTI
still has a very static kernel map (well, two static kernel maps) and
XPFO really needs a much more dynamic map.

We do have a bit of infrastructure now to do TLB flushes near the kernel
exit point, but it's entirely for the user address space, which isn't
affected by XPFO.

Follow-Ups:
- Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
  - From: David Woodhouse

References:
- Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
  - From: Konrad Rzeszutek Wilk
- Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
  - From: Linus Torvalds
- Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
  - From: Woodhouse, David
- Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
  - From: Linus Torvalds
- Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
  - From: Tycho Andersen

Prev by Date: Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
Next by Date: Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
Previous by thread: Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
Next by thread: Re: Redoing eXclusive Page Frame Ownership (XPFO) with isolated CPUs in mind (for KVM to isolate its guests per CPU)
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]