search for: cpl3

...ing this to seed the RNG, and not something that > the guest kernel would be using continuously. So what's the problem > with letting the guest ring get random numbers from the host? I object to preventing guest kernels from limiting the privileges of their own userspace. Letting guest CPL3 do this is essentially setting guest policy in the hypervisor, which I dislike if we can avoid it. Admittedly, in this case, control of RNG availability in guest userspace may be a lost cause regardless. --Andy

On Fri, Sep 19, 2014 at 03:06:55PM -0700, Andy Lutomirski wrote: > On Fri, Sep 19, 2014 at 3:05 PM, Theodore Ts'o <tytso at mit.edu> wrote: > > On Fri, Sep 19, 2014 at 09:40:42AM -0700, H. Peter Anvin wrote: > >> > >> There is a huge disadvantage to the fact that CPUID is a user space > >> instruction, though. > > > > But if the goal is to

On Fri, Sep 19, 2014 at 03:06:55PM -0700, Andy Lutomirski wrote: > On Fri, Sep 19, 2014 at 3:05 PM, Theodore Ts'o <tytso at mit.edu> wrote: > > On Fri, Sep 19, 2014 at 09:40:42AM -0700, H. Peter Anvin wrote: > >> > >> There is a huge disadvantage to the fact that CPUID is a user space > >> instruction, though. > > > > But if the goal is to

...level, since if entry to paravirtual mode is successful, the kernel + is no longer allowed to run at the highest hardware privilege level. + On the IA-32 architecture, this means the kernel will be running at + CPL 1-2, and with the hypervisor running at CPL0, and user code at + CPL3. The IOPL will be lowered as well to avoid giving the guest + direct access to hardware ports and control of the interrupt flag. + + This change causes certain IA-32 instructions to become "sensitive", + so additional support for clearing and setting the hardware + interr...

...level, since if entry to paravirtual mode is successful, the kernel + is no longer allowed to run at the highest hardware privilege level. + On the IA-32 architecture, this means the kernel will be running at + CPL 1-2, and with the hypervisor running at CPL0, and user code at + CPL3. The IOPL will be lowered as well to avoid giving the guest + direct access to hardware ports and control of the interrupt flag. + + This change causes certain IA-32 instructions to become "sensitive", + so additional support for clearing and setting the hardware + interr...

...Y CSTS C 7170: 45 56 54 20 00 40 0a 44 49 44 4c 20 44 44 4c 32 EVT . at .DIDL DDL2 7180: 20 44 44 4c 33 20 44 44 4c 34 20 44 44 4c 35 20 DDL3 DDL4 DDL5 7190: 44 44 4c 36 20 44 44 4c 37 20 44 44 4c 38 20 43 DDL6 DDL7 DDL8 C 71a0: 50 44 4c 20 43 50 4c 32 20 43 50 4c 33 20 43 50 PDL CPL2 CPL3 CP 71b0: 4c 34 20 43 50 4c 35 20 43 50 4c 36 20 43 50 4c L4 CPL5 CPL6 CPL 71c0: 37 20 43 50 4c 38 20 43 41 44 4c 20 43 41 4c 32 7 CPL8 CADL CAL2 71d0: 20 43 41 4c 33 20 43 41 4c 34 20 43 41 4c 35 20 CAL3 CAL4 CAL5 71e0: 43 41 4c 36 20 43 41 4c 37 20 43 41 4c 38 20 4e CAL6 CAL7 CAL8 N...