[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 4/4] x86/vmx: Properly flush the TLB when an altp2m is modified

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>
From: "Tian, Kevin" <kevin.tian@xxxxxxxxx>
Date: Thu, 28 Feb 2019 05:50:52 +0000
Accept-language: en-US
Cc: Juergen Gross <jgross@xxxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, "Nakajima, Jun" <jun.nakajima@xxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Thu, 28 Feb 2019 05:51:01 +0000
Dlp-product: dlpe-windows
Dlp-reaction: no-action
Dlp-version: 11.0.400.15
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Thread-index: AQHUyKEi/lsDYizMFkO5hZAO+cUY1KX0wSqA
Thread-topic: [PATCH 4/4] x86/vmx: Properly flush the TLB when an altp2m is modified

> From: Andrew Cooper [mailto:andrew.cooper3@xxxxxxxxxx]
> Sent: Wednesday, February 20, 2019 6:19 AM
> 
> Modificaitons to an altp2m mark the p2m as needing flushing, but this was

Modifications

> never wired up in the return-to-guest path.  As a result, stale TLB entries
> can remain after resuming the guest.
> 
> In practice, this manifests as a missing EPT_VIOLATION or #VE exception
> when
> the guest subsequently accesses a page which has had its permissions
> reduced.
> 
> vmx_vmenter_helper() now has 11 p2ms to potentially invalidate, but issuing
> 11
> INVEPT instructions isn't clever.  Instead, count how many contexts need
> invalidating, and use INVEPT_ALL_CONTEXT if two or more are in need of
> flushing.
> 
> This doesn't have an XSA because altp2m is not yet a security-supported
> feature.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx>
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- [Xen-devel] [PATCH tentitively for-4.12 0/4] x86/altp2m: Fix multiple security issues
  - From: Andrew Cooper
- [Xen-devel] [PATCH 4/4] x86/vmx: Properly flush the TLB when an altp2m is modified
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH v2 3/4] x86/vmx: Fix security issue when a guest balloons out the #VE info page
Next by Date: Re: [Xen-devel] [PATCH 1/6] x86/vtd: Don't include control register state in the table pointers
Previous by thread: Re: [Xen-devel] [PATCH 4/4] x86/vmx: Properly flush the TLB when an altp2m is modified
Next by thread: Re: [Xen-devel] [PATCH tentitively for-4.12 0/4] x86/altp2m: Fix multiple security issues
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.