Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp1023648ybi; Fri, 12 Jul 2019 08:24:51 -0700 (PDT) X-Google-Smtp-Source: APXvYqz5kByI/wmmoVPS4EWzLoEjLwd6uzcZiLG7+ysR2tHtXx/X4DR2sorGHmtxl2bjCxK6uMO6 X-Received: by 2002:a17:90a:b312:: with SMTP id d18mr12088252pjr.35.1562945090940; Fri, 12 Jul 2019 08:24:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562945090; cv=none; d=google.com; s=arc-20160816; b=NghHVRhqgpGH77fcsooK6gsDyE+DkdVGZlO3CChIRV7126Pudu40nzvHz2ob3y6ieI LZePw/UODjLV2XdE8+dd8pRjJqctJFFDEbTFNhGM8Z10wCvB8KCETA1d42BHoagcgAf/ 2AQghfFTq9HEHdbDf2bZSU9Fi09lEXFDaw2OjbGaMAiG2JdUtHxPIRXcnv/27jwuaVY0 a+QtDLhwECdPvd3JeRn11HZ4zHGWK6GwJH8+vMlsp5RWhdTyZnA2J9PO3jr4c7MWcDRZ 7lRYZd2G+mSBnKi370DhKDvK5PRYAbMABYGd49Y96oJuvrBsXhNoqNHLnnYZSvuW7lXa CG3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=aYZ5mzJK5gc4DUj302MHZQktRUNxigxb7h1wcySusn4=; b=yKff8UqgtxkCtA2Q5QcuqwHrxIri1DN82Z39DYvmbn/ZyBabJTA8p53Miqr0B2nf9u hJLYG32oxcnCDHa59MEun2j0h7ZllGsCMJz+86PgLSprlaRj6uvO6oo1m7XgbDk/gvxh py4ZKMxT3o+mcj6oQWedmw8Nq9uJDLOiTd5G1RTto3Mirn8FVrBieUzUdNGHaDoSUxgG vLMWggkO56shOJakXHORbYPGxD+2gZqTGeJEfDhSRujrA9UWwMaIes21Qq9CoVlxCROg dLH+11qJ6uh0adnmaUYf/zxy4utPD17XSsAfO87zi8bKpG6zedOd49js7W7cFxpNDZ/N w6FA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v8si7751678plp.179.2019.07.12.08.24.35; Fri, 12 Jul 2019 08:24:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727035AbfGLPXz (ORCPT + 99 others); Fri, 12 Jul 2019 11:23:55 -0400 Received: from Galois.linutronix.de ([193.142.43.55]:44219 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726318AbfGLPXz (ORCPT ); Fri, 12 Jul 2019 11:23:55 -0400 Received: from [5.158.153.52] (helo=nanos.tec.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1hlxOi-0003SX-Ud; Fri, 12 Jul 2019 17:23:45 +0200 Date: Fri, 12 Jul 2019 17:23:44 +0200 (CEST) From: Thomas Gleixner To: Alexandre Chartre cc: Dave Hansen , pbonzini@redhat.com, rkrcmar@redhat.com, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, dave.hansen@linux.intel.com, luto@kernel.org, peterz@infradead.org, kvm@vger.kernel.org, x86@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, konrad.wilk@oracle.com, jan.setjeeilers@oracle.com, liran.alon@oracle.com, jwadams@google.com, graf@amazon.de, rppt@linux.vnet.ibm.com Subject: Re: [RFC v2 00/27] Kernel Address Space Isolation In-Reply-To: Message-ID: References: <1562855138-19507-1-git-send-email-alexandre.chartre@oracle.com> <5cab2a0e-1034-8748-fcbe-a17cf4fa2cd4@intel.com> <2791712a-9f7b-18bc-e686-653181461428@oracle.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 12 Jul 2019, Alexandre Chartre wrote: > On 7/12/19 3:51 PM, Dave Hansen wrote: > > BTW, the PTI CR3 writes are not *strictly* about the interrupt coming > > from user vs. kernel. It's tricky because there's a window both in the > > entry and exit code where you are in the kernel but have a userspace CR3 > > value. You end up needing a CR3 write when you have a userspace CR3 > > value when the interrupt occurred, not only when you interrupt userspace > > itself. > > > > Right. ASI is simpler because it comes from the kernel and return to the > kernel. There's just a small window (on entry) where we have the ASI CR3 > but we quickly switch to the full kernel CR3. That's wrong in several aspects. 1) You are looking at it purely from the VMM perspective, which is bogus as you already said, that this can/should be used to be extended to other scenarios (including kvm ioctl or such). So no, it's not just coming from kernel space and returning to it. If that'd be true then the entry code could just stay as is because you can handle _ALL_ of that very trivial in the atomic VMM enter/exit code. 2) It does not matter how small that window is. If there is a window then this needs to be covered, no matter what. Thanks, tglx