lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 17 Apr 2020 01:49:57 +0000
From:   "Kang, Luwei" <luwei.kang@...el.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        "Christopherson, Sean J" <sean.j.christopherson@...el.com>
CC:     "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "vkuznets@...hat.com" <vkuznets@...hat.com>,
        "wanpengli@...cent.com" <wanpengli@...cent.com>,
        "jmattson@...gle.com" <jmattson@...gle.com>,
        "joro@...tes.org" <joro@...tes.org>
Subject: RE: [PATCH] KVM: VMX: Disable Intel PT before VM-entry

> >> Ah, right.  What about enhancing intel_pt_handle_vmx() and 'struct
> >> pt' to replace vmx_on with a field that incorporates the KVM mode?
> >
> > Some history is the host perf didn't fully agree with introducing
> > HOST_GUEST mode for PT in KVM.
> 
> I don't think this is accurate.  IIRC the maintainers wanted packets in the host-
> side trace to signal where the trace was interrupted.  In the end we solved the
> issue by 1) dropping host-only mode since it can be achieved in userspace 2)
> making host-guest an opt in feature.
> 
> I think it would make sense to rename vmx_on into vmx_state and make it an
> 
> enum pt_vmx_state {
> 	PT_VMX_OFF,
> 	PT_VMX_ON_DISABLED,
> 	PT_VMX_ON_SYSTEM,
> 	PT_VMX_ON_HOST_GUEST
> };
> 
> KVM would pass the enum to intel_pt_handle_vmx (one of PT_VMX_OFF,
> PT_VMX_ON_SYSTEM, PT_VMX_ON_HOST_GUEST).  Inside
> intel_pt_handle_vmx you can do
> 
> 	if (pt_pmu.vmx) {
> 		WRITE_ONCE(pt->vmx_state, state);
> 		return;
> 	}
> 
> 	local_irq_save(flags);
> 	WRITE_ONCE(pt->vmx_state,
> 		   state == PT_VMX_OFF ? PT_VMX_OFF :
> PT_VMX_ON_DISABLED);
> 	...
> 
> and in pt_config_start:
> 
> 	...
> 	vmx = READ_ONCE(pt->vmx_start);
> 	if (vmx == PT_VMX_ON_DISABLED)
>                 perf_aux_output_flag(&pt->handle, PERF_AUX_FLAG_PARTIAL);
>         else if (vmx == PT_VMX_ON_SYSTEM ||
> 		 !(current->flags & PF_VCPU))
>                 wrmsrl(MSR_IA32_RTIT_CTL, ctl);
> 	...

I will try this. Thanks.

Luwei Kang

> 
> Thanks,
> 
> Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ