Date:   Wed, 29 Nov 2017 09:14:11 -0800
From:   Maran Wilson <maran.wilson@...cle.com>
To:     Paolo Bonzini <pbonzini@...hat.com>, boris.ostrovsky@...cle.com,
        jgross@...e.com, tglx@...utronix.de, mingo@...hat.com,
        hpa@...or.com, x86@...nel.org, xen-devel@...ts.xenproject.org,
        linux-kernel@...r.kernel.org, roger.pau@...rix.com,
        rkrcmar@...hat.com, JBeulich@...e.com, andrew.cooper3@...rix.com,
        kvm@...r.kernel.org
Subject: Re: [RFC PATCH] KVM: x86: Allow Qemu/KVM to use PVH entry point

On 11/29/2017 12:59 AM, Paolo Bonzini wrote:
> On 28/11/2017 20:34, Maran Wilson wrote:
>> For certain applications it is desirable to rapidly boot a KVM virtual
>> machine. In cases where legacy hardware and software support within the
>> guest is not needed, Qemu should be able to boot directly into the
>> uncompressed Linux kernel binary without the need to run firmware.
>>
>> There already exists an ABI to allow this for Xen PVH guests and the ABI is
>> supported by Linux and FreeBSD:
>>
>>     https://xenbits.xen.org/docs/unstable/misc/hvmlite.html
>>
>> This PoC patch enables Qemu to use that same entry point for booting KVM
>> guests.
> Nice!  So QEMU would parse the ELF file just like for multiboot, find
> the ELF note, and then prepare an hvmlite boot info struct instead of
> the multiboot one?

Yes, exactly.

> There would then be a new option ROM, very similar
> to multiboot.S.

That is one option. I guess this gets into a discussion about the QEMU 
side of the upcoming patches that would follow ...

I'm currently just initializing the CPU state in QEMU for testing since
there is such minimal (non-Linux-specific) setup that is required by the
ABI.  And (borrowing from the Intel clear container patches) that VM
setup is only performed when the user selects the "nofw" option with the q35
model. But yeah, if folks think it important to move all such machine 
state initialization out of QEMU and into an option ROM, I can look into 
coding it up that way for the QEMU patches.

Thanks,
-Maran

> Thanks,
>
> Paolo
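
The note lookup discussed above (QEMU parses the ELF file and finds the ELF note), as an added example that is not part of the original thread and is not QEMU's code: a bounds-checked walk over the bytes of a note segment looking for the Xen note `XEN_ELFNOTE_PHYS32_ENTRY`. It assumes a little-endian image whose note bytes the caller has already located, and that the descriptor is 4 or 8 bytes; `find_pvh_entry` and `sample_notes` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define XEN_ELFNOTE_PHYS32_ENTRY 18u /* value from Xen's public elfnote.h */
#define ALIGN4(x) (((size_t)(x) + 3u) & ~(size_t)3u)
/* Constructed sample: a "GNU" note followed by a Xen PHYS32_ENTRY note
 * whose descriptor is the made-up entry address 0x01000200. */
static const uint8_t sample_notes[] = {
    4,0,0,0, 4,0,0,0, 1,0,0,0, 'G','N','U',0, 0,0,0,0,
    4,0,0,0, 4,0,0,0, 18,0,0,0, 'X','e','n',0, 0x00,0x02,0x00,0x01,
};

/* Little-endian 32-bit load that does not depend on host alignment. */
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk the bytes of a note segment; return 0 and set *entry when a
 * well-formed Xen PHYS32_ENTRY note is found, -1 otherwise. */
int find_pvh_entry(const uint8_t *buf, size_t len, uint32_t *entry)
{
    size_t off = 0;
    while (len - off >= 12) {
        uint32_t namesz = le32(buf + off), descsz = le32(buf + off + 4);
        uint32_t type = le32(buf + off + 8);
        const uint8_t *name = buf + off + 12;
        size_t left = len - off - 12, name_pad = ALIGN4(namesz);
        /* Reject a name or descriptor that runs past the buffer. */
        if (namesz > left || name_pad > left || descsz > left - name_pad)
            return -1;
        if (type == XEN_ELFNOTE_PHYS32_ENTRY && namesz == 4 &&
            memcmp(name, "Xen", 4) == 0) {
            const uint8_t *desc = name + name_pad;
            /* Assumption: 4- or 8-byte descriptor, upper half zero. */
            if ((descsz != 4 && descsz != 8) ||
                (descsz == 8 && le32(desc + 4) != 0))
                return -1;
            *entry = le32(desc);
            return 0;
        }
        if (ALIGN4(descsz) > left - name_pad)
            break;                      /* last note, no trailing padding */
        off += 12 + name_pad + ALIGN4(descsz);
    }
    return -1;
}
```

The kernel image is input the loader does not control, so every size field is checked against the remaining bytes before it is used as an offset.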
