lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8cbd81d6-4ab8-9d2a-5162-8782201cd13d@arm.com>
Date:   Thu, 24 Oct 2019 11:58:50 +0100
From:   James Morse <james.morse@....com>
To:     Shannon Zhao <shannon.zhao@...ux.alibaba.com>
Cc:     kvmarm@...ts.cs.columbia.edu, maz@...nel.org,
        suzuki.poulose@....com, christoffer.dall@....com,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH RFC 0/7] Support KVM being compiled as a kernel module on
 arm64

Hi Shannon,

On 24/10/2019 11:27, Shannon Zhao wrote:
> Curently KVM ARM64 doesn't support to compile as a kernel module. It's
> useful to compile KVM as a module.

> For example, it could reload kvm without rebooting host machine.

What problem does this solve?

KVM has some funny requirements that aren't normal for a module. On v8.0 hardware it must
have an idmap. Modules don't usually expect their code to be physically contiguous, but
KVM does. KVM influences they way some of the irqchip stuff is set up during early boot
(EOI mode ... not that I understand it).

(I think KVM-as-a-module on x86 is an artifact of how it was developed)


> This patchset support this feature while there are some limitations
> to be solved. But I just send it out as RFC to get more suggestion and
> comments.

> Curently it only supports for VHE system due to the hyp code section
> address variables like __hyp_text_start.

We still need to support !VHE systems, and we need to do it with a single image.


> Also it can't call
> kvm_update_va_mask when loading kvm module and kernel panic with below
> errors. So I make kern_hyp_va into a nop funtion.

Making this work for the single-Image on v8.0 is going to be a tremendous amount of work.
What is the payoff?


Thanks,

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ