lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6a839b88-392d-886d-836d-ca04cf700dce@intel.com>
Date:   Fri, 25 Feb 2022 23:12:12 +0800
From:   Xiaoyao Li <xiaoyao.li@...el.com>
To:     Jim Mattson <jmattson@...gle.com>,
        Chenyi Qiang <chenyi.qiang@...el.com>
Cc:     Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3] KVM: VMX: Enable Notify VM exit

On 2/25/2022 11:04 PM, Xiaoyao Li wrote:
> On 2/25/2022 10:54 PM, Jim Mattson wrote:
>> On Tue, Feb 22, 2022 at 10:19 PM Chenyi Qiang <chenyi.qiang@...el.com> 
>> wrote:
>>> Nested handling
>>> - Nested notify VM exits are not supported yet. Keep the same notify
>>>    window control in vmcs02 as vmcs01, so that L1 can't escape the
>>>    restriction of notify VM exits through launching L2 VM.
>>> - When L2 VM is context invalid, synthesize a nested
>>>    EXIT_REASON_TRIPLE_FAULT to L1 so that L1 won't be killed due to L2's
>>>    VM_CONTEXT_INVALID happens.
>>
>> I don't like the idea of making things up without notifying userspace
>> that this is fictional. How is my customer running nested VMs supposed
>> to know that L2 didn't actually shutdown, but L0 killed it because the
>> notify window was exceeded? If this information isn't reported to
>> userspace, I have no way of getting the information to the customer.
> 
> Then, maybe a dedicated software define VM exit for it instead of 
> reusing triple fault?
> 

Second thought, we can even just return Notify VM exit to L1 to tell L2 
causes Notify VM exit, even thought Notify VM exit is not exposed to L1.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ