| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 01 Oct 2008 11:43:15 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: Jeremy Fitzhardinge <jeremy@...p.org> CC: akataria@...are.com, "avi@...hat.com" <avi@...hat.com>, Rusty Russell <rusty@...tcorp.com.au>, Gerd Hoffmann <kraxel@...hat.com>, Ingo Molnar <mingo@...e.hu>, the arch/x86 maintainers <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>, "Nakajima, Jun" <jun.nakajima@...el.com>, Dan Hecht <dhecht@...are.com>, Zachary Amsden <zach@...are.com>, virtualization@...ts.linux-foundation.org, kvm@...r.kernel.org Subject: Re: [RFC] CPUID usage for interaction between Hypervisors and Linux. Jeremy Fitzhardinge wrote: > H. Peter Anvin wrote: >> With a sufficiently large block, we could use fixed points, e.g. by >> having each vendor create interfaces in the 0x40SSSSXX range, where >> SSSS is the PCI ID they use for PCI devices. > > Sure, you could do that, but you'd still want to have a signature in > 0x40SSSS00 to positively identify the chunk. And what if you wanted > more than 256 leaves? What you'd want, at least, is a standard CPUID identification and range leaf at the top. 256 leaves is a *lot*, though; I'm not saying one couldn't run out, but it'd be hard. Keep in mind that for large objects there are "counting" CPUID levels, as much as I personally dislike them, and one could easily argue that if you're doing something that would require anywhere near 256 leaves you probably are storing bulk data that belongs elsewhere. Of course, if we had some kind of central authority assigning 8-bit IDs that would be even better, especially since there are tools in the field which already scan on 64K boundaries. I don't know, though, how likely it is that we'll have to deal with 256 hypervisors. >> Note that I said "create interfaces". It's important that all about >> this is who specified the interface -- for "what hypervisor is this" >> just use 0x40000000 and disambiguate based on that. > > "What hypervisor is this?" isn't a very interesting question; if you're > even asking it then it suggests that something has gone wrong. Its much > more useful to ask "what interfaces does this hypervisor support?", and > enumerating a smallish range of well-known leaves looking for signatures > is the simplest way to do that. (We could use signatures derived from > the PCI vendor IDs which would help with managing that namespace.) > I agree completely, of course (except that "what hypervisor is this" still has limited usage, especially when it comes to dealing with bug workarounds. Similar to the way we use CPU vendor IDs and stepping numbers for physical CPUs.) -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists