| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aIEmawm9gLflg8zt@google.com>
Date: Wed, 23 Jul 2025 11:14:03 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Zack Rusin <zack.rusin@...adcom.com>
Cc: linux-kernel@...r.kernel.org, Doug Covelli <doug.covelli@...adcom.com>,
Paolo Bonzini <pbonzini@...hat.com>, Jonathan Corbet <corbet@....net>,
Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>, kvm@...r.kernel.org, linux-doc@...r.kernel.org
Subject: Re: [PATCH v2 3/5] KVM: x86: Add support for VMware guest specific hypercalls
On Tue, Apr 22, 2025, Zack Rusin wrote:
> diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
> index 9e3be87fc82b..f817601924bd 100644
> --- a/arch/x86/kvm/Kconfig
> +++ b/arch/x86/kvm/Kconfig
> @@ -183,11 +183,13 @@ config KVM_VMWARE
> depends on KVM
> default y
> help
> - Provides KVM support for hosting VMware guests. Adds support for
> - VMware legacy backdoor interface: VMware tools and various userspace
> + Provides KVM support for hosting VMware guests. KVM features that can
> + be turned on when this option is enabled include:
> + - VMware legacy backdoor interface: VMware tools and various userspace
> utilities running in VMware guests sometimes utilize specially
> formatted IN, OUT and RDPMC instructions which need to be
> intercepted.
> + - VMware hypercall interface: VMware hypercalls exit to userspace
Eh, I wouldn't bother enumerating the full set of features in the Kconfig. Just
state that it guards VMware emulation, and let the documentation do the heavy
lifting.
> +static inline bool kvm_vmware_hypercall_enabled(struct kvm *kvm)
> +{
> + return false;
> +}
> +
> +static inline int kvm_vmware_hypercall(struct kvm_vcpu *vcpu)
> +{
> + return 0;
> +}
If we do this right, we shouldn't need a stub for kvm_vmware_hypercall(), and
can instead uncondtionally _declare_ kvm_vmware_hypercall(), but only fully
define/implement it CONFIG_KVM_VMWARE=y. The kvm_is_vmware_xxx() stubs will
probably need to be __always_inline, but otherwise things should Just Work.
So long as kvm_is_vmware_hypercall_enabled() can be resolved to a compile-time
constant (of %false), the compiler's dead-code optimization will drop the call
to kvm_vmware_hypercall() before linking. KVM (and the kernel at-large) already
heavily relies on dead-code optimization, e.g. we use this trick for sev.c APIs.
In addition to avoiding a stub, if we screw up, e.g. add an unguarded function
call, the bug will manifest as a link-time error, not a run-time error.
> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index 793d0cf7ae3c..adf1a1449c06 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -135,6 +135,27 @@ struct kvm_xen_exit {
> } u;
> };
>
> +struct kvm_vmware_exit {
> +#define KVM_EXIT_VMWARE_HCALL 1
> + __u32 type;
> + __u32 pad1;
> + union {
> + struct {
> + __u32 longmode;
> + __u32 cpl;
> + __u64 rax, rbx, rcx, rdx, rsi, rdi, rbp;
> + __u64 result;
> + struct {
> + __u32 inject;
> + __u32 pad2;
> + __u32 vector;
> + __u32 error_code;
> + __u64 address;
> + } exception;
> + } hcall;
> + };
> +};
Put this in the x86 header, arch/x86/include/uapi/asm/kvm.h. The capability
itself goes in the arch-neutral header so that KVM doesn't have to worry about
collisions between capability numbers, but any arch specific payloads should go
in the arch header(s).
Powered by blists - more mailing lists