From: Wanpeng Li
Date: Sat, 1 Feb 2020 13:53:31 +0800
Subject: Re: [FYI PATCH 0/5] Missing TLB flushes
To: Paolo Bonzini
Cc: LKML, kvm, Boris Ostrovsky
In-Reply-To: <1580407316-11391-1-git-send-email-pbonzini@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, 31 Jan 2020 at 02:02, Paolo Bonzini wrote:
>
> From: Boris Ostrovsky
>
> The KVM hypervisor may provide a guest with ability to defer remote TLB
> flush when the remote VCPU is not running. When this feature is used,
> the TLB flush will happen only when the remote VCPU is scheduled to run
> again. This will avoid unnecessary (and expensive) IPIs.
>
> Under certain circumstances, when a guest initiates such deferred action,
> the hypervisor may miss the request. It is also possible that the guest
> may mistakenly assume that it has already marked remote VCPU as needing
> a flush when in fact that request had already been processed by the
> hypervisor. In both cases this will result in an invalid translation
> being present in a vCPU, potentially allowing accesses to memory locations
> in that guest's address space that should not be accessible.
>
> Note that only intra-guest memory is vulnerable.
>
> The attached patches address both of these problems:
> 1. The first patch makes sure the hypervisor doesn't accidentally clear
> guest's remote flush request
> 2. The rest of the patches prevent the race between hypervisor
> acknowledging a remote flush request and guest issuing a new one.

Looks good, thanks for the patchset.

Wanpeng
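
The lost-request interleaving described in the quoted cover letter, as an added C model that is not code from the patch series or from KVM: the flag names, the single shared status byte and all function names are assumptions made for illustration. It places the guest's request between the hypervisor's read and its clear, then shows an atomic read-and-clear as one way to close that window.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical flags in one shared per-vCPU status byte (a model, not KVM's layout). */
#define FLAG_PREEMPTED 0x1u /* set by hypervisor: vCPU is not running */
#define FLAG_FLUSH_TLB 0x2u /* set by guest: flush before this vCPU runs again */

/* Guest: record a deferred flush only while the target is preempted; false means "send an IPI". */
static bool guest_defer_flush(_Atomic uint8_t *st)
{
    uint8_t old = atomic_load(st);
    while (old & FLAG_PREEMPTED)
        if (atomic_compare_exchange_weak(st, &old, (uint8_t)(old | FLAG_FLUSH_TLB)))
            return true;
    return false;
}

/* Racy resume: read, then clear with a separate store; the guest call between is the constructed interleaving. */
static bool hv_resume_racy(_Atomic uint8_t *st, bool *guest_recorded)
{
    uint8_t seen = atomic_load(st);
    *guest_recorded = guest_defer_flush(st); /* request lands after the read */
    atomic_store(st, 0);                     /* clear wipes the unseen request */
    return (seen & FLAG_FLUSH_TLB) != 0;     /* true => hypervisor flushes */
}

/* Resume with an atomic read-and-clear: a later guest attempt finds FLAG_PREEMPTED gone. */
static bool hv_resume_atomic(_Atomic uint8_t *st, bool *guest_recorded)
{
    uint8_t seen = atomic_exchange(st, 0);
    *guest_recorded = guest_defer_flush(st); /* returns false: caller uses an IPI */
    return (seen & FLAG_FLUSH_TLB) != 0;
}

/* True when the guest believes a flush is queued but the hypervisor never performed it. */
static bool flush_lost(bool (*resume)(_Atomic uint8_t *, bool *))
{
    _Atomic uint8_t st = FLAG_PREEMPTED;
    bool guest_recorded = false;
    bool flushed = resume(&st, &guest_recorded);
    return guest_recorded && !flushed;
}

int main(void)
{
    printf("racy lost=%d atomic lost=%d\n", flush_lost(hv_resume_racy), flush_lost(hv_resume_atomic));
    return 0;
}
```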