| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140622190225.GN5714@two.firstfloor.org> Date: Sun, 22 Jun 2014 21:02:25 +0200 From: Andi Kleen <andi@...stfloor.org> To: Avi Kivity <avi.kivity@...il.com> Cc: Andi Kleen <andi@...stfloor.org>, peterz@...radead.org, gleb@...nel.org, pbonzini@...hat.com, eranian@...gle.com, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Andi Kleen <ak@...ux.intel.com> Subject: Re: [PATCH 4/4] kvm: Implement PEBS virtualization > First, it's not sufficient to pin the debug store area, you also > have to pin the guest page tables that are used to map the debug > store. But even if you do that, as soon as the guest fork()s, it > will create a new pgd which the host will be free to swap out. The > processor can then attempt a PEBS store to an unmapped address which > will fail, even though the guest is configured correctly. That's a good point. You're right of course. The only way I can think around it would be to intercept CR3 writes while PEBS is active and always pin all the table pages leading to the PEBS buffer. That's slow, but should be only needed while PEBS is running. -Andi -- ak@...ux.intel.com -- Speaking for myself only. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists