Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation

From: Nadav Amit
Date: Thu Apr 09 2020 - 06:13:37 EST

Next message: Sudeep Holla: "Re: [PATCH 03/12] arch_topology: Make it avilable for MIPS"
Previous message: Lad, Prabhakar: "Re: [PATCH v7 4/8] PCI: endpoint: Add support to handle multiple base for mapping outbound memory"
In reply to: Peter Zijlstra: "Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation"
Next in thread: Thomas Gleixner: "Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Apr 9, 2020, at 1:56 AM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> On Wed, Apr 08, 2020 at 06:15:48PM +0200, Paolo Bonzini wrote:
>> On 08/04/20 17:46, Christoph Hellwig wrote:
>
>>> Scanning all modules seems safer. While we're at it - can be move the
>>> kvm bits using VMX to be always in the core kernel and just forbid
>>> modules from using those instructions entirely?
>>
>> I suppose we could use PVOPS-style patching for the more
>> performance-critical cases, but VMREAD/VMWRITE does not seem like a
>> particularly bad thing to allow modules and VMLAUNCH/VMRESUME have very
>> peculiar calling conventions around them.
>>
>> However, I wouldn't mind it if VMCLEAR/VMPTRLD and the associated kdump
>> cleanup code were moved to core kernel code.
>
> Speaking with my virt ignorance hat on, how impossible is it to provide
> generic/useful VMLAUNCH/VMRESUME wrappers?
>
> Because a lot of what happens around VMEXIT/VMENTER is very much like
> the userspace entry crud, as per that series from Thomas that fixes all
> that. And surely we don't need various broken copies of that in all the
> out-of-tree hypervisors.
>
> Also, I suppose if you have this, we no longer need to excempt CR2.

It depends on what you mean by âVMLAUNCH/VMRESUMEâ. If you only consider the
instructions themselves, as Sean did in vmx_vmenter() and vmx_vmexit(),
there is no problem. Even if you consider saving the general purpose
registers as done in __vmx_vcpu_run() - thatâs relatively easy.

I think that anything that is greater than that, for instance
vmx_vcpu_run(), would require more thought and effort. KVM data-structures,
specifically kvm_vcpu and friends, would need to be broken into general and
KVM specific structures. I am really not sure that the end result would be
much better than using KVM user-space interfaces.

I can ask someone from the VMware hypervisor developers to provide VMware
point-of-view, but it would help to know when do you plan to make such a
change take, and whether there would be some transition stage. Adapting a
hypervisor to use different low-level interfaces would require quite some
development & testing effort.

Next message: Sudeep Holla: "Re: [PATCH 03/12] arch_topology: Make it avilable for MIPS"
Previous message: Lad, Prabhakar: "Re: [PATCH v7 4/8] PCI: endpoint: Add support to handle multiple base for mapping outbound memory"
In reply to: Peter Zijlstra: "Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation"
Next in thread: Thomas Gleixner: "Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]