lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 28 Feb 2018 22:39:34 +0100
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Maran Wilson <maran.wilson@...cle.com>, jgross@...e.com,
        boris.ostrovsky@...cle.com, roger.pau@...rix.com,
        andrew.cooper3@...rix.com, hch@...radead.org, JBeulich@...e.com,
        x86@...nel.org, xen-devel@...ts.xenproject.org,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Cc:     tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        rkrcmar@...hat.com, jpoimboe@...hat.com, bp@...e.de,
        kirill.shutemov@...ux.intel.com, thomas.lendacky@....com,
        luto@...nel.org, dave.hansen@...ux.intel.com, davem@...emloft.net,
        gregkh@...uxfoundation.org, mchehab@...nel.org,
        linus.walleij@...aro.org, rdunlap@...radead.org
Subject: Re: [RFC PATCH v4 0/7] KVM: x86: Allow Qemu/KVM to use PVH entry
 point

On 28/02/2018 19:27, Maran Wilson wrote:
> Sorry for the delay between this version and the last -- it was mostly
> due to holidays and everyone being focused on security bug mitigation
> issues. Here are the links to the previous email threads in case it is
> helpful:
> 
> V3: https://lkml.org/lkml/2017/12/12/1230
> V2: https://lkml.org/lkml/2017/12/7/1624
> V1: https://lkml.org/lkml/2017/11/28/1280
> 
> Changes from v3:
> 
>  * Implemented Juergen's suggestion for refactoring and moving the PVH
>    code so that CONFIG_XEN is no longer required for booting KVM guests
>    via the PVH entry point.
>    Functionally, nothing has changed from V3 really, but the patches
>    look completely different now because of all the code movement and
>    refactoring. Some of these patches can be combined, but I've left
>    them very small in some cases to make the refactoring and code
>    movement easier to review.
>    My approach for refactoring has been to create a PVH entry layer that
>    still has understanding and knowledge about Xen vs non-Xen guest types
>    so that it can make run time decisions to handle either case, as
>    opposed to going all the way and re-writing it to be a completely
>    hypervisor agnostic and architecturally pure layer that is separate
>    from guest type details. The latter seemed a bit overkill in this
>    situation. And I've handled the complexity of having to support
>    Qemu/KVM boot of kernels compiled with or without CONFIG_XEN via a
>    pair of xen specific __weak routines that can be overridden in kernels
>    that support Xen guests. Importantly, the __weak routines are for
>    xen specific code only (not generic "guest type" specific code) so
>    there is no clashing between xen version of the strong routine and,
>    say, a KVM version of the same routine. But I'm sure there are many
>    ways to skin this cat, so I'm open to alternate suggestions if there
>    is a compelling reason for not using __weak in this situation.

As you say there are many ways to achieve this and I think your choice
is fully reasonable (the other alternative that comes to mind is a "Xen
detect" function that returns a struct of function pointers).

Apart from the placement of the files, it looks great.  Thanks!

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ