lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 17 Nov 2021 15:04:11 -0800
From:   Sathyanarayanan Kuppuswamy 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Dave Hansen <dave.hansen@...el.com>,
        "Kirill A. Shutemov" <kirill@...temov.name>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        Andi Kleen <ak@...ux.intel.com>, x86@...nel.org,
        linux-kernel@...r.kernel.org,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Juergen Gross <jgross@...e.com>, Deep Shah <sdeep@...are.com>,
        "VMware, Inc." <pv-drivers@...are.com>
Subject: Re: [PATCH] x86/paravirt: Fix build PARAVIRT_XXL=y without XEN_PV



On 11/17/21 1:09 PM, Borislav Petkov wrote:
> On Wed, Nov 17, 2021 at 12:54:56PM -0800, Sathyanarayanan Kuppuswamy wrote:
>> It is not only for idle case. We also need to support emulation of
>> normal halt case (which is used in cases like reboot or
>> early_fixup_exception(), etc.).
> 
> This is more of that piecemeal feeding of people asking why. Please sit
> down and explain exactly and in detail why you need this. "We need to
> support emulation" is not nearly good enough.
> 
> I don't think any of the people who replied on this thread *actually*
> know *why* PV support is needed.
> 

We need PV support to handle halt() and safe_halt() cases.

HLT instruction is generally used in cases like reboot, idle and
exception fixup handlers. For the idle case, interrupts will be enabled
(using STI) before the HLT instruction (this is also called
safe_halt()).

In TDX guest, to support HLT instruction, it has to be emulated using
a hypercall (aka TDVMCALL).

We have the following three ways to emulate the HLT instruction:

1. Directly substitute TDVMCALLs in places where we require emulation.
2. Use #VE exception handler to emulate it (In TDX guest, executing HLT
    will lead to #VE exception).
3. Emulate it using pv_ops

Since option#1 is not a scalable approach, it can be ignored. Option #2
is also not preferred because, we cannot differentiate between safe
halt and normal halt use cases in the exception handler. This
differentiation is needed to add STI before the hypercall for safe halt 
use case. That leaves us with using pv_ops, which provides separate
methods to emulate safe and normal halt cases.

-- 
Sathyanarayanan Kuppuswamy
Linux Kernel Developer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ