similar to: New CPUID/MSR driver; virtualization hooks

On Fri, Sep 19, 2014 at 09:40:07AM -0700, H. Peter Anvin wrote: > On 09/19/2014 09:37 AM, Gleb Natapov wrote: > > > > Linux detects what hypervior it runs on very early > > Not anywhere close to early enough. We're talking for uses like kASLR. > Still to early to do: h = cpuid(HYPERVIOR_SIGNATURE) if (h == KVMKVMKVM) { if (cpuid(kvm_features) &

On Fri, Sep 19, 2014 at 09:40:07AM -0700, H. Peter Anvin wrote: > On 09/19/2014 09:37 AM, Gleb Natapov wrote: > > > > Linux detects what hypervior it runs on very early > > Not anywhere close to early enough. We're talking for uses like kASLR. > Still to early to do: h = cpuid(HYPERVIOR_SIGNATURE) if (h == KVMKVMKVM) { if (cpuid(kvm_features) &

On Fri, Sep 19, 2014 at 10:18:37AM -0700, H. Peter Anvin wrote: > On 09/19/2014 10:15 AM, Gleb Natapov wrote: > > On Fri, Sep 19, 2014 at 10:08:20AM -0700, H. Peter Anvin wrote: > >> On 09/19/2014 09:53 AM, Gleb Natapov wrote: > >>> On Fri, Sep 19, 2014 at 09:40:07AM -0700, H. Peter Anvin wrote: > >>>> On 09/19/2014 09:37 AM, Gleb Natapov wrote: >

On Fri, Sep 19, 2014 at 10:18:37AM -0700, H. Peter Anvin wrote: > On 09/19/2014 10:15 AM, Gleb Natapov wrote: > > On Fri, Sep 19, 2014 at 10:08:20AM -0700, H. Peter Anvin wrote: > >> On 09/19/2014 09:53 AM, Gleb Natapov wrote: > >>> On Fri, Sep 19, 2014 at 09:40:07AM -0700, H. Peter Anvin wrote: > >>>> On 09/19/2014 09:37 AM, Gleb Natapov wrote: >

On Fri, Sep 19, 2014 at 10:08:20AM -0700, H. Peter Anvin wrote: > On 09/19/2014 09:53 AM, Gleb Natapov wrote: > > On Fri, Sep 19, 2014 at 09:40:07AM -0700, H. Peter Anvin wrote: > >> On 09/19/2014 09:37 AM, Gleb Natapov wrote: > >>> > >>> Linux detects what hypervior it runs on very early > >> > >> Not anywhere close to early enough.

On Fri, Sep 19, 2014 at 10:08:20AM -0700, H. Peter Anvin wrote: > On 09/19/2014 09:53 AM, Gleb Natapov wrote: > > On Fri, Sep 19, 2014 at 09:40:07AM -0700, H. Peter Anvin wrote: > >> On 09/19/2014 09:37 AM, Gleb Natapov wrote: > >>> > >>> Linux detects what hypervior it runs on very early > >> > >> Not anywhere close to early enough.

On Fri, Sep 19, 2014 at 11:02:38AM -0700, Andy Lutomirski wrote: > On Fri, Sep 19, 2014 at 10:49 AM, Gleb Natapov <gleb at kernel.org> wrote: > > On Fri, Sep 19, 2014 at 10:18:37AM -0700, H. Peter Anvin wrote: > >> On 09/19/2014 10:15 AM, Gleb Natapov wrote: > >> > On Fri, Sep 19, 2014 at 10:08:20AM -0700, H. Peter Anvin wrote: > >> >> On

On Fri, Sep 19, 2014 at 11:02:38AM -0700, Andy Lutomirski wrote: > On Fri, Sep 19, 2014 at 10:49 AM, Gleb Natapov <gleb at kernel.org> wrote: > > On Fri, Sep 19, 2014 at 10:18:37AM -0700, H. Peter Anvin wrote: > >> On 09/19/2014 10:15 AM, Gleb Natapov wrote: > >> > On Fri, Sep 19, 2014 at 10:08:20AM -0700, H. Peter Anvin wrote: > >> >> On

Hi all- I would like to standardize on a very simple protocol by which a guest OS can obtain an RNG seed early in boot. The main design requirements are: - The interface should be very easy to use. Linux, at least, will want to use it extremely early in boot as part of kernel ASLR. This means that PCI and ACPI will not work. - It should be synchronous. We don't want to delay boot

Hi all- I would like to standardize on a very simple protocol by which a guest OS can obtain an RNG seed early in boot. The main design requirements are: - The interface should be very easy to use. Linux, at least, will want to use it extremely early in boot as part of kernel ASLR. This means that PCI and ACPI will not work. - It should be synchronous. We don't want to delay boot

When CONFIG_PARAVIRT is enabled, the kernel is ignoring exceptions on the {rd,wr}msr instructions. This makes serious issues (either on the guest kernel, or on the host) be silently ignored, and is different from the native MSR code (which does not ignore the exceptions). As paravirt.h already includes linux/bug.h, I don't see what was the original issue preventing BUG_ON from being used.

When CONFIG_PARAVIRT is enabled, the kernel is ignoring exceptions on the {rd,wr}msr instructions. This makes serious issues (either on the guest kernel, or on the host) be silently ignored, and is different from the native MSR code (which does not ignore the exceptions). As paravirt.h already includes linux/bug.h, I don't see what was the original issue preventing BUG_ON from being used.

Defining a standard way of transferring random numbers between the host and the guest is an excellent idea. As the person who writes the RNG code in Windows, I have a few comments: DETECTION: It should be possible to detect this feature through CPUID or similar mechanism. That allows the code that uses this feature to be written without needing the ability to catch CPU exceptions. I could be

Defining a standard way of transferring random numbers between the host and the guest is an excellent idea. As the person who writes the RNG code in Windows, I have a few comments: DETECTION: It should be possible to detect this feature through CPUID or similar mechanism. That allows the code that uses this feature to be written without needing the ability to catch CPU exceptions. I could be

On Thu, Sep 18, 2014 at 03:00:05PM -0700, Andy Lutomirski wrote: > On Thu, Sep 18, 2014 at 2:46 PM, David Hepkin <davidhep at microsoft.com> wrote: > > I suggest we come to consensus on a specific CPUID leaf where an OS needs to look to determine if a hypervisor supports this capability. We could define a new CPUID leaf range at a well-defined location, or we could just use one of

On Thu, Sep 18, 2014 at 03:00:05PM -0700, Andy Lutomirski wrote: > On Thu, Sep 18, 2014 at 2:46 PM, David Hepkin <davidhep at microsoft.com> wrote: > > I suggest we come to consensus on a specific CPUID leaf where an OS needs to look to determine if a hypervisor supports this capability. We could define a new CPUID leaf range at a well-defined location, or we could just use one of

On Fri, Sep 19, 2014 at 1:21 PM, Nadav Amit <nadav.amit at gmail.com> wrote: > > On Sep 19, 2014, at 9:42 PM, Andy Lutomirski <luto at amacapital.net> wrote: > >> On Fri, Sep 19, 2014 at 11:30 AM, Christopher Covington >> <cov at codeaurora.org> wrote: >>> On 09/17/2014 10:50 PM, Andy Lutomirski wrote: >>>> Hi all- >>>>

On Fri, Sep 19, 2014 at 1:21 PM, Nadav Amit <nadav.amit at gmail.com> wrote: > > On Sep 19, 2014, at 9:42 PM, Andy Lutomirski <luto at amacapital.net> wrote: > >> On Fri, Sep 19, 2014 at 11:30 AM, Christopher Covington >> <cov at codeaurora.org> wrote: >>> On 09/17/2014 10:50 PM, Andy Lutomirski wrote: >>>> Hi all- >>>>

On 09/19/2014 05:46 PM, H. Peter Anvin wrote: > On 09/19/2014 01:46 PM, Andy Lutomirski wrote: >>> >>> However, it sounds to me that at least for KVM, it is very easy just to emulate the RDRAND instruction. The hypervisor would report to the guest that RDRAND is supported in CPUID and the emulate the instruction when guest executes it. KVM already traps guest #UD (which would

On 09/19/2014 05:46 PM, H. Peter Anvin wrote: > On 09/19/2014 01:46 PM, Andy Lutomirski wrote: >>> >>> However, it sounds to me that at least for KVM, it is very easy just to emulate the RDRAND instruction. The hypervisor would report to the guest that RDRAND is supported in CPUID and the emulate the instruction when guest executes it. KVM already traps guest #UD (which would