Message-ID: <213887af-78b8-03ad-b3f9-c2194cb27b13@redhat.com>
Date:   Fri, 23 Apr 2021 11:50:06 +0200
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Alexander Graf <graf@...zon.com>,
        Siddharth Chandrasekaran <sidcha@...zon.de>,
        Sean Christopherson <seanjc@...gle.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Jim Mattson <jmattson@...gle.com>,
        Joerg Roedel <joro@...tes.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>
Cc:     Evgeny Iakovlev <eyakovl@...zon.de>, Liran Alon <liran@...zon.com>,
        Ioannis Aslanidis <iaslan@...zon.de>, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: hyper-v: Add new exit reason HYPERV_OVERLAY

On 23/04/21 11:24, Alexander Graf wrote:
> I can see how that may get interesting for other overlay pages later, 
> but this one in particular is just an MSR write, no? Is there any reason 
> we can't just use the user space MSR handling logic instead?
> 
> What's missing then is a way to pull the hcall page contents from KVM. 
> But even there I'm not convinced that KVM should be the reference point 
> for its contents. Isn't user space in an as good position to assemble it?

In theory userspace doesn't know how KVM wishes to implement the 
hypercall page, especially if Xen hypercalls are enabled as well.

But userspace has two plausible ways to get the page contents:

1) add an ioctl to write the hypercall page contents to an arbitrary 
userspace address

2) after userspace updates the memslots to add the overlay page at the 
right place, use KVM_SET_MSR from userspace (which won't be filtered 
because it's host initiated)

The second has the advantage of not needing any new code at all, but 
it's a bit more ugly.

Paolo
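
Option 2 from the message above, sketched from the VMM side as an added example (not code from this thread or from KVM). The function names and EX_ macros are hypothetical, the MSR index and enable bit are the Hyper-V TLFS values rather than anything stated in the thread, and the ioctl is spelled KVM_SET_MSRS in the KVM API.

```c
#include <linux/kvm.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>

/* Hypothetical names; values are HV_X64_MSR_HYPERCALL and its enable bit. */
#define EX_HV_MSR_HYPERCALL        0x40000001
#define EX_HV_MSR_HYPERCALL_ENABLE 1ULL

/* MSR value for a hypercall page at gpa; 0 if gpa is not 4 KiB aligned. */
uint64_t hv_hypercall_msr_value(uint64_t gpa)
{
    return (gpa & 0xfffULL) ? 0 : (gpa | EX_HV_MSR_HYPERCALL_ENABLE);
}

/* Build the one-entry KVM_SET_MSRS argument; caller frees. NULL on error. */
struct kvm_msrs *build_hypercall_msr_write(uint64_t gpa)
{
    uint64_t val = hv_hypercall_msr_value(gpa);
    struct kvm_msrs *m;

    m = val ? calloc(1, sizeof(*m) + sizeof(struct kvm_msr_entry)) : NULL;
    if (!m)
        return NULL;
    m->nmsrs = 1;
    m->entries[0].index = EX_HV_MSR_HYPERCALL;
    m->entries[0].data = val;
    return m;
}

/* Call only after the memslot update has placed the overlay page at gpa:
 * the write comes from the host, so it bypasses the userspace MSR filter. */
int set_hypercall_page(int vcpu_fd, uint64_t gpa)
{
    struct kvm_msrs *m = build_hypercall_msr_write(gpa);
    int n;

    if (!m)
        return -1;
    n = ioctl(vcpu_fd, KVM_SET_MSRS, m);   /* returns the number of MSRs set */
    free(m);
    return n == 1 ? 0 : -1;
}

int main(void)
{
    /* 0x100000 is a constructed sample guest-physical address. */
    printf("%#llx\n", (unsigned long long)hv_hypercall_msr_value(0x100000));
    return 0;
}
```

In the KVM code of this period the hypercall MSR write is ignored while the guest OS ID MSR is still zero, so a VMM using this path sets that MSR first.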
