| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <B0FD5408-E2C1-444C-AFCE-7C622EA75F66@amazon.de>
Date: Wed, 19 Aug 2020 21:46:00 +0000
From: "Graf (AWS), Alexander" <graf@...zon.de>
To: Jim Mattson <jmattson@...gle.com>
CC: Paolo Bonzini <pbonzini@...hat.com>,
Jonathan Corbet <corbet@....net>,
Sean Christopherson <sean.j.christopherson@...el.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Joerg Roedel <joro@...tes.org>,
"Raslan, KarimAllah" <karahmed@...zon.de>,
Aaron Lewis <aaronlewis@...gle.com>,
kvm list <kvm@...r.kernel.org>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v4 0/3] Allow user space to restrict and augment MSR
emulation
> Am 19.08.2020 um 23:27 schrieb Jim Mattson <jmattson@...gle.com>:
>
>> On Mon, Aug 3, 2020 at 2:14 PM Alexander Graf <graf@...zon.com> wrote:
>>
>> While tying to add support for the MSR_CORE_THREAD_COUNT MSR in KVM,
>> I realized that we were still in a world where user space has no control
>> over what happens with MSR emulation in KVM.
>>
>> That is bad for multiple reasons. In my case, I wanted to emulate the
>> MSR in user space, because it's a CPU specific register that does not
>> exist on older CPUs and that really only contains informational data that
>> is on the package level, so it's a natural fit for user space to provide
>> it.
>>
>> However, it is also bad on a platform compatibility level. Currrently,
>> KVM has no way to expose different MSRs based on the selected target CPU
>> type.
>>
>> This patch set introduces a way for user space to indicate to KVM which
>> MSRs should be handled in kernel space. With that, we can solve part of
>> the platform compatibility story. Or at least we can not handle AMD specific
>> MSRs on an Intel platform and vice versa.
>>
>> In addition, it introduces a way for user space to get into the loop
>> when an MSR access would generate a #GP fault, such as when KVM finds an
>> MSR that is not handled by the in-kernel MSR emulation or when the guest
>> is trying to access reserved registers.
>>
>> In combination with the allow list, the user space trapping allows us
>> to emulate arbitrary MSRs in user space, paving the way for target CPU
>> specific MSR implementations from user space.
>
> This is somewhat misleading. If you don't modify the MSR permission
> bitmaps, as Aaron has done, you cannot emulate *arbitrary* MSRs in
> userspace. You can only emulate MSRs that kvm is going to intercept.
> Moreover, since the set of intercepted MSRs evolves over time, this
> isn't a stable API.
Yeah, I wrote up a patch today to do the passthrough bitmap masking dynamically, partly based on Aaron's patches. I have not verified it yet though and will need to clean up SVM as well. I'll see how far I get with it for the rest of the week.
Special MSRs like EFER also irritate me a bit. We can't really trap on them - most code paths just know they're handled in kernel. Maybe I'll add some sanity checks as well...
Alex
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
Powered by blists - more mailing lists