lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <95B06D42-EFDF-4750-AD03-98D6C78378D5@oracle.com>
Date:   Tue, 27 Mar 2018 12:05:25 +0300
From:   Nikita Leshenko <nikita.leshchenko@...cle.com>
To:     Liran Alon <liran.alon@...cle.com>
Cc:     pbonzini@...hat.com, kernellwp@...il.com, rkrcmar@...hat.com,
        andrew.cooper3@...rix.com, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org
Subject: Re: [PATCH 2/2] KVM: VMX: Add Force Emulation Prefix for "emulate the
 next instruction"

What you are essentially trying to do is create a PV interface to access
the x86 emulator.
Why not use a simple hypercall (VMCALL) to accomplish this instead of
inventing yet another PV method?

Something like “KVM_HC_EMULATE_NEXT_INSTRUCTION” in kvm_emulate_hypercall
should do the trick (however it needs to be placed before the check for
CPL>0 so that user mode code can test the emulator too).

Nikita

> On 27 Mar 2018, at 11:26, Liran Alon <liran.alon@...cle.com> wrote:
> 
> 
> ----- pbonzini@...hat.com wrote:
> 
>> On 27/03/2018 09:52, Liran Alon wrote:
>>> In addition, I think this module parameter should be in kvm module
>>> (not kvm_intel) and you should add similar logic to kvm_amd module
>> (SVM)
>> 
>> If you can move handle_ud to x86.c, then it makes sense to have the
>> module parameter in the kvm module.  I haven't checked.
> 
> I don't see a reason why you couldn't do that.
> 
>> 
>> Otherwise you would have to EXPORT_SYMBOL_GPL the variable; in the
> 
> This is what I did for enable_vmware_backdoor module parameter.
> I think this is what should be done in this case as-well.
> 
>> end
>> it's just a debugging tool, so it'd be simpler to just add it
>> separately
>> to kvm_intel and kvm_amd.
> 
> I agree it's just a debugging tool. But no reason for it to be used differently
> when running tests on Intel CPU vs. AMD CPU.
> I think the effort to fix this is low.
> 
>> 
>> Paolo
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ