| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <59bcf102-d6e7-361d-abc9-7fe046d246c8@linux.microsoft.com>
Date: Sun, 25 Apr 2021 09:30:39 -0400
From: Vineeth Pillai <viremana@...ux.microsoft.com>
To: Tom Lendacky <thomas.lendacky@....com>,
Lan Tianyu <Tianyu.Lan@...rosoft.com>,
Michael Kelley <mikelley@...rosoft.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, Wei Liu <wei.liu@...nel.org>,
Stephen Hemminger <sthemmin@...rosoft.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
viremana@...ux.microsoft.com
Cc: "H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"K. Y. Srinivasan" <kys@...rosoft.com>, x86@...nel.org,
kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hyperv@...r.kernel.org
Subject: Re: [PATCH v3 4/7] KVM: SVM: hyper-v: Nested enlightenments in VMCB
Hi Tom,
>>
>> +
>> +#if IS_ENABLED(CONFIG_HYPERV)
>> +struct __packed hv_enlightenments {
>> + struct __packed hv_enlightenments_control {
>> + u32 nested_flush_hypercall:1;
>> + u32 msr_bitmap:1;
>> + u32 enlightened_npt_tlb: 1;
>> + u32 reserved:29;
>> + } hv_enlightenments_control;
>> + u32 hv_vp_id;
>> + u64 hv_vm_id;
>> + u64 partition_assist_page;
>> + u64 reserved;
>> +};
>> +#define VMCB_CONTROL_END 992 // 32 bytes for Hyper-V
>> +#else
>> +#define VMCB_CONTROL_END 1024
>> +#endif
>> +
>> struct vmcb {
>> struct vmcb_control_area control;
>> - u8 reserved_control[1024 - sizeof(struct vmcb_control_area)];
>> + u8 reserved_control[VMCB_CONTROL_END - sizeof(struct vmcb_control_area)];
>> +#if IS_ENABLED(CONFIG_HYPERV)
>> + struct hv_enlightenments hv_enlightenments;
>> +#endif
> I believe the 32 bytes at the end of the VMCB control area will be for use
> by any software/hypervisor. The APM update that documents this change,
> along with clean bit 31, isn't public, yet, but should be in a month or so
> (from what I was told).
>
> So these fields should be added generically and then your code should make
> use of the generic field mapped with your structure.
>
> To my knowledge (until the APM is public and documents everything), I
> believe the following will be in place:
>
> VMCB offset 0x3e0 - 0x3ff is reserved for software
> Clean bit 31 is reserved for software
> SVM intercept exit code 0xf0000000 is reserved for software
Thanks for the details. I shall modify the code to accommodate this.
>
> +#if IS_ENABLED(CONFIG_HYPERV)
> + if (hypervisor_is_type(X86_HYPER_MS_HYPERV))
> + vmcb_all_clean_mask |= BIT(VMCB_HV_NESTED_ENLIGHTENMENTS);
> +#endif
> +
> Is there any way to hide all the #if's in this and the other patches so
> that the .c files are littered with the #if IS_ENABLED() lines. Put them
> in svm.h or a new svm-hv.h file?
Will do.
>
>> */
>> VMCB_DIRTY_MAX,
>> +#if IS_ENABLED(CONFIG_HYPERV)
>> + VMCB_HV_NESTED_ENLIGHTENMENTS = 31,
>> +#endif
> Again, this should be generic.
Will do.
Thanks,
Vineeth
Powered by blists - more mailing lists