lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ded8db53-0e58-654a-fff2-de536bcbc961@amazon.com>
Date:   Fri, 23 Apr 2021 11:58:13 +0200
From:   Alexander Graf <graf@...zon.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        Siddharth Chandrasekaran <sidcha@...zon.de>,
        Sean Christopherson <seanjc@...gle.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Jim Mattson <jmattson@...gle.com>,
        Joerg Roedel <joro@...tes.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>
CC:     Evgeny Iakovlev <eyakovl@...zon.de>, Liran Alon <liran@...zon.com>,
        Ioannis Aslanidis <iaslan@...zon.de>, <kvm@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] KVM: hyper-v: Add new exit reason HYPERV_OVERLAY



On 23.04.21 11:50, Paolo Bonzini wrote:
> CAUTION: This email originated from outside of the organization. Do not 
> click links or open attachments unless you can confirm the sender and 
> know thecontent is safe.
> 
> 
> 
> On 23/04/21 11:24, Alexander Graf wrote:
>> I can see how that may get interesting for other overlay pages later,
>> but this one in particular is just an MSR write, no? Is there any reason
>> we can't just use the user space MSR handling logic instead?
>>
>> What's missing then is a way to pull the hcall page contents from KVM.
>> But even there I'm not convinced that KVM should be the reference point
>> for its contents. Isn't user space in an as good position to assemble it?
> 
> In theory userspace doesn't know how KVM wishes to implement the
> hypercall page, especially if Xen hypercalls are enabled as well.

I'm not sure I agree with that sentiment :). User space is the one that 
sets the xen compat mode. All we need to do is declare the ORing as part 
of the KVM ABI. Which we effectively are doing already, because it's 
part of the ABI to the guest, no?

> 
> But userspace has two plausible ways to get the page contents:
> 
> 1) add a ioctl to write the hypercall page contents to an arbitrary
> userspace address
> 
> 2) after userspace updates the memslots to add the overlay page at the
> right place, use KVM_SET_MSR from userspace (which won't be filtered
> because it's host initiated)
> 
> The second has the advantage of not needing any new code at all, but
> it's a bit more ugly.

The more of all of that hyper-v code we can have live in user space, the 
happier I am :).


Alex



Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ