From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 13 Oct 2019 22:11:20 -0000 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]) by Galois.linutronix.de with esmtps (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from ) id 1iJm56-0005Ep-03 for speck@linutronix.de; Mon, 14 Oct 2019 00:11:17 +0200 Received: from [192.168.4.242] (helo=deadeye) by shadbolt.decadent.org.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1iJm54-0005TM-1x for speck@linutronix.de; Sun, 13 Oct 2019 23:11:14 +0100 Received: from ben by deadeye with local (Exim 4.92.2) (envelope-from ) id 1iJm53-0000bE-UT for speck@linutronix.de; Sun, 13 Oct 2019 23:11:13 +0100 Message-ID: Subject: [MODERATED] Re: [PATCH v5 6/8] NX 6 From: Ben Hutchings Date: Sun, 13 Oct 2019 23:11:05 +0100 In-Reply-To: <4d3beab5-4021-832d-5c40-a0f657d55631@redhat.com> References: <1561989149-17323-1-git-send-email-pbonzini@redhat.com> <1561989149-17323-7-git-send-email-pbonzini@redhat.com> <973c85efc96c05cba9ddfc2f5bf53c9482801924.camel@decadent.org.uk> <4d3beab5-4021-832d-5c40-a0f657d55631@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-AhB/bMYCxaqfvS7Cn4uT" To: speck@linutronix.de List-ID: --=-AhB/bMYCxaqfvS7Cn4uT Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, 2019-10-10 at 01:08 +0200, speck for Paolo Bonzini wrote: > On 10/10/19 00:42, speck for Ben Hutchings wrote: > > I've started trying to backport the NX patches to stable branches, and > > I think I can take them back as far as 4.9. > >=20 > > However, kvm_mmu_zap_all() is a relatively new addition and looks hard > > to backport. I intend to make the nx_huge_pages parameter read-only > > (0444 permissions) and delete this "if (new_val !=3D old_val)" block.= =20 > > Does that seem reasonable? >=20 > Just replace it with kvm_mmu_invalidate_zap_all_pages (which will be in= =20 > v6, because we have since brought it back from the dead). >=20 > You also have to backport commit 833b45de69a6 ("kvm: x86, powerpc: do=20 > not allow clearing largepages debugfs entry", 2019-09-30) and make the= =20 > new statistic 0444 as well. This is the only other change in v6 for now. >=20 > This is the list of prerequisites I had prepared, it should go back to 4.= 3 or so: Wow, thanks for this. I still don't think it's worthwile to backport this mitigation to stable branches older than 4.9 - they never got KVM mitigations for L1TF so they're already unsuitable for hosting untrusted guests. After excluding commits older than 4.9, the list is then: [...] > e08d26f0712532c79b5ba6200862eaf2036f8df6 kvm: x86: simplify ept_misconfig > 9b8ebbdb74b5ad76b9dfd8b101af17839174b126 kvm: x86: extend usage of RET_MM= IO_PF_* constants > 42522d08cdba6d8be4247e4f0770f39f4708b71f KVM: MMU: drop vcpu param in gpt= e_access > 0d9ce162cf46c99628cc5da9510b959c7976735b kvm: Convert kvm_lock to a mutex [...] > 43fdcda96e2550c6d1c46fb8a78801aa2f7276ed kvm: mmu: Do not release the pag= e inside mmu_set_spte()=20 > 9de2b2120668d2874570b14105e49235097b70c2 KVM: x86: make FNAME(fetch) and = __direct_map more similar Commit hash should be 3fcf2d1bdeb6a513523cb2c77012a6b047aa859c? > d679b32611c0102ce33b9e1a4e4b94854ed1812a KVM: x86: remove now unneeded hu= gepage gfn adjustment=20 > 1e823556fd3af3635e174f570d0b85b4e72b2b1c KVM: x86: change kvm_mmu_page_ge= t_gfn BUG_ON to WARN_ON Commit hash should be e9f2a760b158551bfbef6db31d2cae45ab8072e5? > bf9af89c4146978000eba9b0a1eb43540d893223 KVM: x86: add tracepoints around= __direct_map and FNAME(fetch) Commit hash should be 335e192a3fa415e1202c8b9ecdaaecd643f823cc? > 833b45de69a6016c4b0cebe6765d526a31a81580 kvm: x86, powerpc: do not allow = clearing largepages debugfs entry >=20 > None of the backports should be particularly tricky. In my previous attempt I found it helpful to pick these two that you didn't mention: 3ff519f29d98 KVM: x86: adjust kvm_mmu_page member to save 8 bytes 00ae831dfe44 x86/cpu: Add Atom Tremont (Jacobsville) Ben. --=20 Ben Hutchings The obvious mathematical breakthrough [to break modern encryption] would be development of an easy way to factor large prime numbers. - Bill Gates --=-AhB/bMYCxaqfvS7Cn4uT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl2joPkACgkQ57/I7JWG EQkHHBAA1bIW38GyIyi+3R3XagSPg+HwbIDvatAFJDgIMui36+R0TCq+Jp5sGS6E iiEYyf9hH6mv3NkHJalFwu2UPwpd/EwoKNXTsGHb5R1gAcMni2bagk6CJUHG9MKc MLtywwWnJPn9QcertpnSYvF5t4SjJxwdR2DY/iLsPrN2wbkJaM2ldfSvC8+EzWKR QloHoYo2ffWaMDg1wWv/PT8GKWOjt6yNg9rx7Yrnrzy9lUXaEd3nTnig/IW8Gyml O9R39jvfu3Z/1Uo5ZNuKwfj0hqTjZP26KLXbGFRB2ksXixJaWOXpeAWF4LE1XiG1 SUxHywRap2Z4L9/G0qeSEOC9pK2zahcSBSf74mIlwB6sn4kq/6hO619cW4wUySZO 7lNULJlIE6zDYJacq1HK4yM6YJqJuqDVbR/al/CfxIwE3BFpnpzISqDNjbGxkLBU gNwfLhqyqlB95L4Wb+PXK1+TRS8ztseNhr6rpPnR1UQOMhZuhYsq4sKeUrQ0oKH+ 0W+U+BE09qmo3RMKxQvDu3oDFwAJqPKCSx81Eo7f5+7t9/d7J0RDvjmPbzJsxLSQ TmzZ/nPpwUmiCXHprvAfPbKOl6hWkij/ivpsxjwnIsNKCuwsAq2Zo3IxnXO0Xysz kcdW7JQ4ndkrFGN8VMCDJDWYRMGEq6rC2TdmtTUQAxWweS/D3Ag= =ebAZ -----END PGP SIGNATURE----- --=-AhB/bMYCxaqfvS7Cn4uT--