lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220823231402.7839-1-chang.seok.bae@intel.com>
Date:   Tue, 23 Aug 2022 16:14:00 -0700
From:   "Chang S. Bae" <chang.seok.bae@...el.com>
To:     kvm@...r.kernel.org, pbonzini@...hat.com
Cc:     linux-kernel@...r.kernel.org, yang.zhong@...el.com,
        chang.seok.bae@...el.com
Subject: [RFC PATCH 0/2] KVM: x86: Add a new attribute to control dynamic XSTATE components

Hi KVM folks,

While documenting the ARCH_{REQ|GET}_XCOMP_GUEST_PERM options [1], I came
to think of this new attribute as it can provide more consistent way of
enabling dynamic features for QEMU/KVM.

== Background ==

The new x86 arch_prctl() options [2] help to support dynamic AMX state
enabling. As the VCPU permission should be separate, additional options are
added for the userspace VMM like QEMU: ARCH_GET_XCOMP_GUEST_PERM and
ARCH_REQ_XCOMP_GUEST_PERM.

== Problem ==

KVM has already established a set of ioctls to control VM attributes. It
has the attribute to expose the KVM-supported XSTATE components [3].
This interface, however, is not necessarily compatible with those
arch_prctl() options. KVM may choose and expose some of the host-supported
features. Then using the host-provided interface may not comply with this
KVM policy.

== Solution ==

The patchset adds a new attribute to control XSTATE permission:
KVM_X86_XCOMP_GUEST_PERM, and it is available through the
KVM_GET_DEVICE_ATTR/KVM_SET_DEVICE_ATTR APIs. The KVM AMX test is updated
to use this. Then QEMU may switch to keep using the KVM API, which is more
consistent.

[1]: https://lore.kernel.org/lkml/ec95b28f-51a1-a9cf-7d72-a3a865797c7d@intel.com/
[2]: https://docs.kernel.org/x86/xstate.html
[3]: https://gitlab.com/qemu-project/qemu/-/blob/master/linux-headers/asm-x86/kvm.h#L456

Chang S. Bae (2):
  KVM: x86: Add a new system attribute for dynamic XSTATE component
  selftests: kvm: Use the KVM API to enable dynamic XSTATE features

 arch/x86/include/asm/fpu/api.h                |  1 +
 arch/x86/include/uapi/asm/kvm.h               |  1 +
 arch/x86/kernel/fpu/xstate.c                  |  6 ++++
 arch/x86/kvm/x86.c                            | 31 +++++++++++++++++++
 tools/arch/x86/include/uapi/asm/kvm.h         |  1 +
 .../selftests/kvm/lib/x86_64/processor.c      | 22 +++++++++----
 6 files changed, 56 insertions(+), 6 deletions(-)


base-commit: 1c23f9e627a7b412978b4e852793c5e3c3efc555
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ