From: David Hildenbrand <david@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Peter Xu <peterx@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
Marc Zyngier <maz@kernel.org>,
Oliver Upton <oliver.upton@linux.dev>,
Tianrui Zhao <zhaotianrui@loongson.cn>,
Bibo Mao <maobibo@loongson.cn>,
Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
Nicholas Piggin <npiggin@gmail.com>,
Anup Patel <anup@brainfault.org>,
Atish Patra <atishp@atishpatra.org>,
Sean Christopherson <seanjc@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev,
loongarch@lists.linux.dev, linux-mips@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, kvm-riscv@lists.infradead.org,
linux-mm@kvack.org, linux-trace-kernel@vger.kernel.org,
linux-perf-users@vger.kernel.org,
Andrea Arcangeli <aarcange@redhat.com>
Subject: Re: [PATCH 1/4] KVM: delete .change_pte MMU notifier callback
Date: Fri, 12 Apr 2024 22:01:03 +0200 [thread overview]
Message-ID: <5ed763c2-7e01-4c31-923c-ba62f0d0e993@redhat.com> (raw)
In-Reply-To: <CABgObfYwwXy9gQap-PJyOrVCcUr-VfK90AKNaRe0VO-G00G8SQ@mail.gmail.com>
On 11.04.24 18:55, Paolo Bonzini wrote:
> On Mon, Apr 8, 2024 at 3:56 PM Peter Xu <peterx@redhat.com> wrote:
>> Paolo,
>>
>> I may miss a bunch of details here (as I still remember some change_pte
>> patches previously on the list..), however not sure whether we considered
>> enable it? Asked because I remember Andrea used to have a custom tree
>> maintaining that part:
>>
>> https://github.com/aagit/aa/commit/c761078df7a77d13ddfaeebe56a0f4bc128b1968
>
> The patch enables it only for KSM, so it would still require a bunch
> of cleanups, for example I also would still use set_pte_at() in all
> the places that are not KSM. This would at least fix the issue with
> the poor documentation of where to use set_pte_at_notify() vs
> set_pte_at().
>
> With regard to the implementation, I like the idea of disabling the
> invalidation on the MMU notifier side, but I would rather have
> MMU_NOTIFIER_CHANGE_PTE as a separate field in the range instead of
> overloading the event field.
>
>> Maybe it can't be enabled for some reason that I overlooked in the current
>> tree, or we just decided to not to?
>
> I have just learnt about the patch, nobody had ever mentioned it even
> though it's almost 2 years old... It's a lot of code though and no one
I assume Andrea used it on his tree where he also has a version of
"randprotect" (even included in that commit subject) to mitigate a KSM
security issue that was reported by some security researchers [1] a
while ago. From what I recall, the industry did not end up caring about
that security issue that much.
IIUC, with "randprotect" we get a lot more R/O protection even when not
de-duplicating a page -- thus the name. Likely, the reporter mentioned
in the commit is a researcher that played with Andreas fix for the
security issue. But I'm just speculating at this point :)
> has ever reported an issue for over 10 years, so I think it's easiest
> to just rip the code out.
Yes. Can always be readded in a possibly cleaner fashion (like you note
above), when deemed necessary and we are willing to support it.
[1] https://gruss.cc/files/remote_dedup.pdf
--
Cheers,
David / dhildenb
next prev parent reply other threads:[~2024-04-12 20:01 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-05 11:58 [PATCH 0/4] KVM, mm: remove the .change_pte() MMU notifier and set_pte_at_notify() Paolo Bonzini
2024-04-05 11:58 ` [PATCH 1/4] KVM: delete .change_pte MMU notifier callback Paolo Bonzini
2024-04-07 4:50 ` Anup Patel
2024-04-08 7:23 ` maobibo
2024-04-08 11:45 ` Michael Ellerman
2024-04-08 13:56 ` Peter Xu
[not found] ` <CABgObfYwwXy9gQap-PJyOrVCcUr-VfK90AKNaRe0VO-G00G8SQ@mail.gmail.com>
2024-04-11 18:47 ` Peter Xu
2024-04-12 20:01 ` David Hildenbrand [this message]
2024-04-12 10:44 ` Will Deacon
2024-04-12 13:15 ` Marc Zyngier
2024-04-12 14:54 ` Sean Christopherson
2024-04-13 9:56 ` Marc Zyngier
2024-04-15 17:03 ` Sean Christopherson
2024-04-18 14:19 ` Will Deacon
2024-04-18 19:53 ` Sean Christopherson
2024-04-19 11:24 ` Will Deacon
2024-04-19 13:58 ` Sean Christopherson
2024-06-12 15:22 ` Sean Christopherson
2024-06-12 17:31 ` Sean Christopherson
2024-04-05 11:58 ` [PATCH 2/4] KVM: remove unused argument of kvm_handle_hva_range() Paolo Bonzini
2024-04-08 6:31 ` Philippe Mathieu-Daudé
2024-04-05 11:58 ` [PATCH 3/4] mmu_notifier: remove the .change_pte() callback Paolo Bonzini
2024-04-08 7:35 ` David Hildenbrand
2024-04-05 11:58 ` [PATCH 4/4] mm: replace set_pte_at_notify() with just set_pte_at() Paolo Bonzini
2024-04-08 6:28 ` Philippe Mathieu-Daudé
2024-04-10 21:30 ` [PATCH 0/4] KVM, mm: remove the .change_pte() MMU notifier and set_pte_at_notify() Andrew Morton
2024-04-11 16:57 ` Paolo Bonzini
2024-04-12 13:07 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5ed763c2-7e01-4c31-923c-ba62f0d0e993@redhat.com \
--to=david@redhat.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=anup@brainfault.org \
--cc=atishp@atishpatra.org \
--cc=kvm-riscv@lists.infradead.org \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=loongarch@lists.linux.dev \
--cc=maobibo@loongson.cn \
--cc=maz@kernel.org \
--cc=npiggin@gmail.com \
--cc=oliver.upton@linux.dev \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=seanjc@google.com \
--cc=tsbogend@alpha.franken.de \
--cc=zhaotianrui@loongson.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox