linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed
From: Alexandre Chartre <alexandre.chartre@oracle.com>
To: lsf-pc@lists.linux-foundation.org
Cc: Linux-MM <linux-mm@kvack.org>,
	Alexandre Chartre <alexandre.chartre@oracle.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	Mike Rapoport <rppt@linux.ibm.com>,
	junaids@google.com, mgross@linux.intel.com, graf@amazon.de
Subject: [LSF/MM/BPF TOPIC] Multiple Kernel Address Spaces
Date: Fri, 7 Feb 2020 11:17:10 +0100	[thread overview]
Message-ID: <c6e61120-c3a4-15fa-9de7-3d5d44c19083@oracle.com> (raw)


Multiple Kernel Address Spaces

Restricting kernel mappings is used as a mitigation against speculative
attacks like Meltdown with Page Table Isolation (PTI [1]), or L1TF/MDS
with KVM Address Space Isolation (KVM ASI [2]).

KVM ASI was refactored as Kernel Address Space Isolation [3] to provide
a generic kernel framework for ASI, and Thomas Gleixner has indicated
that PTI should be implemented using ASI. This work is mostly done and
will be submitted as ASI RFC v3 later this month.

The on-going work on ASI RFC v3 has highlighted several points I would
like to discuss:

  * Kernel ASI framwork, and refactoring of PTI to use ASI.

  * Generic TLB flushing mechanism to be used for ASI (and so PTI), and
    for possible optimization.

  * Kernel page table management improvement, in particular pagetable creation
    and population. This is an area that Mike Rapoport is also investigating.

ASI RFC v3, which will definitively be available before the MM summit, and
Mike Rapoport work on kernel page table management can be used as a base
for these discussions.

Thanks,

alex.

---

[1] https://www.kernel.org/doc/html/latest/x86/pti.html
[2] ASI RFC v1: https://lore.kernel.org/lkml/1557758315-12667-1-git-send-email-alexandre.chartre@oracle.com/
[3] ASI RFC v2: https://lore.kernel.org/lkml/1562855138-19507-1-git-send-email-alexandre.chartre@oracle.com/


                 reply	other threads:[~2020-02-07 10:17 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=c6e61120-c3a4-15fa-9de7-3d5d44c19083@oracle.com \
    --to=alexandre.chartre@oracle.com \
    --cc=graf@amazon.de \
    --cc=junaids@google.com \
    --cc=konrad.wilk@oracle.com \
    --cc=linux-mm@kvack.org \
    --cc=lsf-pc@lists.linux-foundation.org \
    --cc=mgross@linux.intel.com \
    --cc=rppt@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox