lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4916C822.4080609@redhat.com>
Date:	Sun, 09 Nov 2008 13:23:14 +0200
From:	Avi Kivity <avi@...hat.com>
To:	Eduardo Habkost <ehabkost@...hat.com>
CC:	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Ingo Molnar <mingo@...e.hu>, Simon Horman <horms@...ge.net.au>,
	Andrew Morton <akpm@...l.org>, Vivek Goyal <vgoyal@...hat.com>,
	Haren Myneni <hbabu@...ibm.com>,
	Andrey Borzenkov <arvidjaar@...l.ru>, mingo@...hat.com,
	"Rafael J. Wysocki" <rjw@...k.pl>, kexec@...ts.infradead.org,
	kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 08/16] x86: Emergency virtualization disable function

Eduardo Habkost wrote:
> On Thu, Nov 06, 2008 at 12:30:51PM +0200, Avi Kivity wrote:
>   
>> Eric W. Biederman wrote:
>>     
>>>> If you want to be extra simple and safe, remove kvm from the equation.  Make the
>>>> disabling code part of kdump/emergency_restart and only rely on the convention
>>>> that cr3.vmxe == vmxon.
>>>>     
>>>>         
>>> Convention?
>>>   
>>>       
>> There is a de-facto convention supported by at least vmware and kvm.  If  
>> cr4.vmxe is 1, then we are in vmx operation.  If cr4.vmxe is 0, then we  
>> are not in vmx operation.  This allows us to determine whether we need  
>> to execute vmxoff without any APIs.
>>     
>
> I am just worried about the probing needed to make sure CR4 is available
> (and that the CR4.VMXE bit means what we expect it to mean),

That's cpu_has_kvm_support() in vmx.c.  Should compile to three 
instructions.

>  before we
> try to read it and check VMXE. The same for SVM and the MSRs we need to
> touch to disable SVM.
>   

That's has_svm() in svm.c; slightly longer but not any more dangerous.

> I prefer to reuse code that already exists on KVM and is working than
> adding new probing code that I won't be able to test on all hardware
> configurations.
>   

We could move the code to a header file, and so compile it both for kvm 
and for emergency_restart/kdump.

-- 
error compiling committee.c: too many arguments to function

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ