From mboxrd@z Thu Jan  1 00:00:00 1970
From: Rusty Russell <rusty-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
Subject: Re: [PATCH 2/2] kvm: pr_guest: don't let guest
	invoke	printk() on host
Date: Tue, 24 Jul 2007 20:48:34 +1000
Message-ID: <1185274114.1803.309.camel@localhost.localdomain>
References: <1185259677.1803.239.camel@localhost.localdomain>
	<1185260620.1803.245.camel@localhost.localdomain>
	<46A5D215.5030301@qumranet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Cc: kvm-devel <kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
To: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
Return-path: <kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
In-Reply-To: <46A5D215.5030301-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/kvm-devel>,
	<mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=kvm-devel>
List-Post: <mailto:kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
List-Help: <mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/kvm-devel>,
	<mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=subscribe>
Sender: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Errors-To: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
List-Id: kvm.vger.kernel.org

On Tue, 2007-07-24 at 13:19 +0300, Avi Kivity wrote:
> Rusty Russell wrote:
> > diff -r 3f158ee9df43 drivers/kvm/kvm_main.c
> > --- a/drivers/kvm/kvm_main.c	Tue Jul 24 16:22:39 2007 +1000
> > +++ b/drivers/kvm/kvm_main.c	Tue Jul 24 16:28:33 2007 +1000
> > @@ -425,8 +425,8 @@ inject_gp(struct kvm_vcpu *vcpu, const c
> >  	va_list args;
> >  
> >  	va_start(args, why_fmt);
> > -	printk(KERN_DEBUG "kvm: #GP ");
> > -	vprintk(why_fmt, args);
> > +	if (pr_guest(vcpu, "#GP "))
> > +		vprintk(why_fmt, args);
> >  	va_end(args);
> >  	kvm_arch_ops->inject_gp(vcpu, 0);
> >  }
> >   
> 
> Why go through this optimization?  If it happens frequently, we can just 
> remove the printk().  The printk()s are mostly on not-expected-to-happen 
> exceptions, and should just be removed if guests do exercise them.

It's not an optimization, just being thorough.  It raises it to
KERN_WARN and makes it a common format.  Importantly there should be no
unlimited printks which can be triggered by the guest.

KVM *will* be used to run malicious guests.  That's going to be hard to
lock down later, so I figure we should start now.

Thanks,
Rusty.


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/