lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 30 Oct 2018 10:13:21 +0000
From:   "Kang, Luwei" <luwei.kang@...el.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>
CC:     Jim Mattson <jmattson@...gle.com>, kvm list <kvm@...r.kernel.org>,
        "the arch/x86 maintainers" <x86@...nel.org>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H . Peter Anvin" <hpa@...or.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Joerg Roedel <joro@...tes.org>,
        "songliubraving@...com" <songliubraving@...com>,
        "Peter Zijlstra" <peterz@...radead.org>,
        "alexander.shishkin@...ux.intel.com" 
        <alexander.shishkin@...ux.intel.com>,
        "kstewart@...uxfoundation.org" <kstewart@...uxfoundation.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Tom Lendacky <thomas.lendacky@....com>,
        Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
        "mattst88@...il.com" <mattst88@...il.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@....com>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Marc Orr <marcorr@...gle.com>, Uros Bizjak <ubizjak@...il.com>,
        "Christopherson, Sean J" <sean.j.christopherson@...el.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Chao Peng <chao.p.peng@...ux.intel.com>
Subject: RE: [PATCH v13 06/12] KVM: x86: Add Intel PT virtualization work
 mode

> >> This part is in the " Intel® Architecture Instruction Set Extensions and Future Features Programming Reference"
> >> https://software.intel.com/sites/default/files/managed/c5/15/architec
> >> ture-instruction-set-extensions-programming-reference.pdf
> >>
> > Yet another PDF which will change it's location sooner than later. Can
> > you please stick that into the kernel.org bugzilla and reference the
> > BZ in the change log, so we have something for posterity?
> 
> Hopefully posterity will be able to read it in the SDM.  But I agree it's a good idea to add it in the commit log.  Let's also wait for Alexander
> to clarify what he thinks needs to be done.

I will create a new bug for this feature in Bugzilla, please help confirm if can like this first (it my first time to create bug in kernel.org :) )

Product: Virtualization
Component: KVM
Severity: normal   (option: high, normal, low, enhancement)
Hardware: i386
Kernel Version:  4.19
Summary: Intel Processor Trace enabling in KVM
Description: 
Intel Processor Trace (Intel PT) is an extension of Intel Architecture that captures information about software execution using dedicated hardware facilities that cause only minimal performance perturbation to the software being traced. Details on the Intel PT infrastructure and trace capabilities can be found in the Intel 64 and IA-32 Architectures Software Developer    ’s Manual, Volume 3C.

The suite of architecture changes serve to simplify the process of virtualizing Intel PT for use by a guest software. There are two primary elements to this new architecture support for VMX support improvements made for Intel PT.
1. Addition of a new guest IA32_RTIT_CTL value field to the VMCS.
  — This serves to speed and simplify the process of disabling trace on VM exit, and restoring it on VM entry.
2. Enabling use of EPT to redirect PT output.
  — This enables the VMM to elect to virtualize the PT output buffer using EPT. In this mode, the CPU will treat PT output addresses as Guest Physical Addresses (GPAs) and translate them using EPT. This means that Intel PT output reads (of the ToPA table) and writes (of trace output) can cause EPT violations, and other output events.

Intel Processor Trace virtualization can be work in one of 2 possible modes by set new option "pt_mode". Default is System-Wide mode.
a. System-Wide mode (default):
   When the host configures Intel PT to collect trace packets of the entire system, it can leave the relevant VMX controls
   clear to allow VMX-specific packets to provide information across VMX transitions.
   KVM guest will not aware this feature in this mode and both host and KVM guest trace will output to host buffer.

b. Host-Guest mode:
   Host can configure trace-packet generation while in VMX non-root operation for guests and root operation
   for native executing normally.
   Intel PT will be exposed to KVM guest in this mode, and the trace output to respective buffer of host and guest.
   In this mode, the status of PT will be saved and disabled before VM-entry and restored after VM-exit if trace a virtual machine.

Attachment: < the PDF file >

Thanks,
Luwei Kang

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ