Ring privilege of host linux kernel

Ring privilege of host linux kernel

[lim4]

As we have known, in KVM full virtualization, guest VM is running in 
non-root mode and KVM is running in root mode. While, in non-root mode, 
guest kernel is running in Ring 0 and Apps are running in Ring 3.  
However, what about the ring privilege for host linux?

In my knowledge, host linux is not controlled by VMX instructions and 
VMCS/VMCB. therefore, host linux should be running in root mode. Before 
we install KVM, host linux just run in Ring 0 (at that time, there is no 
root mode or non-root mode because VMX is not active). Hence, after we 
install KVM module, host linux kernel should be still in Ring 0 of root 
mode and Apps in host should run in Ring 3 of root mode. Is KVM running 
in higher privileged mode like Ring -1 of root mode or also running in 
Ring 0 of root mode?

Maybe my thoughts about KVM privilege ring is not correct. :-) Please 
give me some comments and I will really appreciate for your help.

Thank you,

Best Regards,

Min Li

Re: Ring privilege of host linux kernel

[Gleb Natapov]

On Thu, Mar 07, 2013 at 10:56:34PM -0500, lim4@mymail.vcu.edu wrote:
> As we have known, in KVM full virtualization, guest VM is running in
> non-root mode and KVM is running in root mode. While, in non-root
> mode, guest kernel is running in Ring 0 and Apps are running in Ring
> 3.  However, what about the ring privilege for host linux?
> 
> In my knowledge, host linux is not controlled by VMX instructions
> and VMCS/VMCB. therefore, host linux should be running in root mode.
> Before we install KVM, host linux just run in Ring 0 (at that time,
> there is no root mode or non-root mode because VMX is not active).
> Hence, after we install KVM module, host linux kernel should be
> still in Ring 0 of root mode and Apps in host should run in Ring 3
> of root mode. Is KVM running in higher privileged mode like Ring -1
> of root mode or also running in Ring 0 of root mode?
> 
KVM and the Linux kernel are running in Ring 0 in root mode.

--
			Gleb.

Re: Ring privilege of host linux kernel

[Min Li]

On 03/08/2013 06:42 AM, Gleb Natapov wrote:
> On Thu, Mar 07, 2013 at 10:56:34PM -0500, lim4@mymail.vcu.edu wrote:
>> As we have known, in KVM full virtualization, guest VM is running in
>> non-root mode and KVM is running in root mode. While, in non-root
>> mode, guest kernel is running in Ring 0 and Apps are running in Ring
>> 3.  However, what about the ring privilege for host linux?
>>
>> In my knowledge, host linux is not controlled by VMX instructions
>> and VMCS/VMCB. therefore, host linux should be running in root mode.
>> Before we install KVM, host linux just run in Ring 0 (at that time,
>> there is no root mode or non-root mode because VMX is not active).
>> Hence, after we install KVM module, host linux kernel should be
>> still in Ring 0 of root mode and Apps in host should run in Ring 3
>> of root mode. Is KVM running in higher privileged mode like Ring -1
>> of root mode or also running in Ring 0 of root mode?
>>
> KVM and the Linux kernel are running in Ring 0 in root mode.
>
> --
> 			Gleb.
Hi, Gleb
      Really appreciate for your answer because this question has 
confused me for several days.

Best,

Min