All of lore.kernel.org
 help / color / mirror / Atom feed
From: Marcelo Tosatti <mtosatti@redhat.com>
To: kvm@vger.kernel.org
Cc: avi@redhat.com, Marcelo Tosatti <mtosatti@redhat.com>
Subject: [patch 1/4] KVM: MMU audit: update count_writable_mappings / count_rmaps
Date: Tue, 09 Jun 2009 10:13:04 -0300	[thread overview]
Message-ID: <20090609131405.737484599@localhost.localdomain> (raw)
In-Reply-To: 20090609131303.446673264@localhost.localdomain

[-- Attachment #1: mmu-audit-1 --]
[-- Type: text/plain, Size: 3997 bytes --]

Under testing, count_writable_mappings returns a value that is 2 integers
larger than what count_rmaps returns.

Suspicion is that either of the two functions is counting a duplicate (either
positively or negatively). 

Modifying check_writable_mappings_rmap to check for rmap existance on
all present MMU pages fails to trigger an error, which should keep Avi
happy.

Also introduce mmu_spte_walk to invoke a callback on all present sptes visible
to the current vcpu, might be useful in the future.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: kvm/arch/x86/kvm/mmu.c
===================================================================
--- kvm.orig/arch/x86/kvm/mmu.c
+++ kvm/arch/x86/kvm/mmu.c
@@ -3020,6 +3020,55 @@ static gva_t canonicalize(gva_t gva)
 	return gva;
 }
 
+
+typedef void (*inspect_spte_fn) (struct kvm *kvm, struct kvm_mmu_page *sp,
+				 u64 *sptep);
+
+static void __mmu_spte_walk(struct kvm *kvm, struct kvm_mmu_page *sp,
+			    inspect_spte_fn fn)
+{
+	int i;
+
+	for (i = 0; i < PT64_ENT_PER_PAGE; ++i) {
+		u64 ent = sp->spt[i];
+
+		if (is_shadow_present_pte(ent)) {
+			if (sp->role.level > 1 && !is_large_pte(ent)) {
+				struct kvm_mmu_page *child;
+				child = page_header(ent & PT64_BASE_ADDR_MASK);
+				__mmu_spte_walk(kvm, child, fn);
+			}
+			if (sp->role.level == 1)
+				fn(kvm, sp, &sp->spt[i]);
+		}
+	}
+}
+
+static void mmu_spte_walk(struct kvm_vcpu *vcpu, inspect_spte_fn fn)
+{
+	int i;
+	struct kvm_mmu_page *sp;
+
+	if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
+		return;
+	if (vcpu->arch.mmu.shadow_root_level == PT64_ROOT_LEVEL) {
+		hpa_t root = vcpu->arch.mmu.root_hpa;
+		sp = page_header(root);
+		__mmu_spte_walk(vcpu->kvm, sp, fn);
+		return;
+	}
+	for (i = 0; i < 4; ++i) {
+		hpa_t root = vcpu->arch.mmu.pae_root[i];
+
+		if (root && VALID_PAGE(root)) {
+			root &= PT64_BASE_ADDR_MASK;
+			sp = page_header(root);
+			__mmu_spte_walk(vcpu->kvm, sp, fn);
+		}
+	}
+	return;
+}
+
 static void audit_mappings_page(struct kvm_vcpu *vcpu, u64 page_pte,
 				gva_t va, int level)
 {
@@ -3112,9 +3161,43 @@ static int count_rmaps(struct kvm_vcpu *
 	return nmaps;
 }
 
-static int count_writable_mappings(struct kvm_vcpu *vcpu)
+void inspect_spte_has_rmap(struct kvm *kvm, struct kvm_mmu_page *sp, u64 *sptep)
+{
+	unsigned long *rmapp;
+	struct kvm_mmu_page *rev_sp;
+	gfn_t gfn;
+
+	if (*sptep & PT_WRITABLE_MASK) {
+		rev_sp = page_header(__pa(sptep));
+		gfn = rev_sp->gfns[sptep - rev_sp->spt];
+
+		if (!gfn_to_memslot(kvm, gfn)) {
+			printk(KERN_ERR "%s: no memslot for gfn %ld\n",
+					 audit_msg, gfn);
+			printk(KERN_ERR "%s: index %ld of sp (gfn=%lx)\n",
+					audit_msg, sptep - rev_sp->spt,
+					rev_sp->gfn);
+			dump_stack();
+			return;
+		}
+
+		rmapp = gfn_to_rmap(kvm, rev_sp->gfns[sptep - rev_sp->spt], 0);
+		if (!*rmapp) {
+			printk(KERN_ERR "%s: no rmap for writable spte %llx\n",
+					 audit_msg, *sptep);
+			dump_stack();
+		}
+	}
+
+}
+
+void audit_writable_sptes_have_rmaps(struct kvm_vcpu *vcpu)
+{
+	mmu_spte_walk(vcpu, inspect_spte_has_rmap);
+}
+
+static void check_writable_mappings_rmap(struct kvm_vcpu *vcpu)
 {
-	int nmaps = 0;
 	struct kvm_mmu_page *sp;
 	int i;
 
@@ -3131,20 +3214,16 @@ static int count_writable_mappings(struc
 				continue;
 			if (!(ent & PT_WRITABLE_MASK))
 				continue;
-			++nmaps;
+			inspect_spte_has_rmap(vcpu->kvm, sp, &pt[i]);
 		}
 	}
-	return nmaps;
+	return;
 }
 
 static void audit_rmap(struct kvm_vcpu *vcpu)
 {
-	int n_rmap = count_rmaps(vcpu);
-	int n_actual = count_writable_mappings(vcpu);
-
-	if (n_rmap != n_actual)
-		printk(KERN_ERR "%s: (%s) rmap %d actual %d\n",
-		       __func__, audit_msg, n_rmap, n_actual);
+	check_writable_mappings_rmap(vcpu);
+	count_rmaps(vcpu);
 }
 
 static void audit_write_protection(struct kvm_vcpu *vcpu)
@@ -3178,6 +3257,7 @@ static void kvm_mmu_audit(struct kvm_vcp
 	audit_rmap(vcpu);
 	audit_write_protection(vcpu);
 	audit_mappings(vcpu);
+	audit_writable_sptes_have_rmaps(vcpu);
 	dbg = olddbg;
 }
 

-- 


  reply	other threads:[~2009-06-09 13:15 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-06-02 21:36 [patch 0/4] mmu audit update Marcelo Tosatti
2009-06-02 21:36 ` [patch 1/4] KVM: MMU audit: update count_writable_mappings / count_rmaps Marcelo Tosatti
2009-06-08  9:24   ` Avi Kivity
2009-06-09 12:33     ` Marcelo Tosatti
2009-06-09 12:40       ` Avi Kivity
2009-06-02 21:36 ` [patch 2/4] KVM: MMU audit: update audit_write_protection Marcelo Tosatti
2009-06-02 21:36 ` [patch 3/4] KVM: MMU audit: nontrapping ptes in nonleaf level Marcelo Tosatti
2009-06-02 21:36 ` [patch 4/4] KVM: MMU audit: audit_mappings tweaks Marcelo Tosatti
2009-06-08  9:29   ` Avi Kivity
2009-06-07  7:14 ` [patch 0/4] mmu audit update Avi Kivity
2009-06-10 15:27   ` [patch 0/6] mmu audit update v4 Marcelo Tosatti
2009-06-10 15:27     ` [patch 1/6] KVM: MMU: introduce is_last_spte helper Marcelo Tosatti
2009-06-10 15:27     ` [patch 2/6] KVM: MMU audit: update count_writable_mappings / count_rmaps Marcelo Tosatti
2009-06-10 15:27     ` [patch 3/6] KVM: MMU audit: update audit_write_protection Marcelo Tosatti
2009-06-10 15:27     ` [patch 4/6] KVM: MMU audit: nontrapping ptes in nonleaf level Marcelo Tosatti
2009-06-10 15:27     ` [patch 5/6] KVM: MMU audit: audit_mappings tweaks Marcelo Tosatti
2009-06-10 15:27     ` [patch 6/6] KVM: MMU audit: largepage handling Marcelo Tosatti
2009-06-11 14:24     ` [patch 0/6] mmu audit update v4 Avi Kivity
2009-06-09 13:13 ` [patch 0/4] mmu audit update v2 Marcelo Tosatti
2009-06-09 13:13   ` Marcelo Tosatti [this message]
2009-06-09 13:13   ` [patch 2/4] KVM: MMU audit: update audit_write_protection Marcelo Tosatti
2009-06-09 13:13   ` [patch 3/4] KVM: MMU audit: nontrapping ptes in nonleaf level Marcelo Tosatti
2009-06-09 13:13   ` [patch 4/4] KVM: MMU audit: audit_mappings tweaks Marcelo Tosatti

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20090609131405.737484599@localhost.localdomain \
    --to=mtosatti@redhat.com \
    --cc=avi@redhat.com \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.