From: Alexander Shishkin <alexander.shishkin@linux.intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
Luwei Kang <luwei.kang@intel.com>,
kvm@vger.kernel.org, x86@kernel.org
Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
hpa@zytor.com, rkrcmar@redhat.com, joro@8bytes.org,
songliubraving@fb.com, peterz@infradead.org,
kstewart@linuxfoundation.org, gregkh@linuxfoundation.org,
thomas.lendacky@amd.com, konrad.wilk@oracle.com,
mattst88@gmail.com, Janakarajan.Natarajan@amd.com,
dwmw@amazon.co.uk, jpoimboe@redhat.com, marcorr@google.com,
ubizjak@gmail.com, sean.j.christopherson@intel.com,
jmattson@google.com, linux-kernel@vger.kernel.org,
Chao Peng <chao.p.peng@linux.intel.com>
Subject: Re: [PATCH v13 08/12] KVM: x86: Add Intel PT context switch for each vcpu
Date: Wed, 31 Oct 2018 16:21:58 +0200 [thread overview]
Message-ID: <87lg6e5h89.fsf@ashishki-desk.ger.corp.intel.com> (raw)
In-Reply-To: <2cb38ceb-9c86-4174-0b2b-9f070eb0df48@redhat.com>
Paolo Bonzini <pbonzini@redhat.com> writes:
> On 31/10/2018 12:38, Alexander Shishkin wrote:
>>> There is no standard way to tell the guest that the host overrode its
>>> choice to use PT. However, the host will get a PGD/PGE packet around
>>> vmentry and vmexit, so there _will_ be an indication that the guest
>>> owned the MSRs for that period of time.
>>
>> Not if they are not tracing the kernel.
>
> If they are not tracing the kernel why should they be tracing the guest
> at all?
To trace the guest userspace, perhaps?
>>> If PT context switching is enabled with the module parameter, we could
>>> also reject creation of events with the attribute set. However that
>>> won't help if the event is created before KVM is even loaded.
>>
>> In that case, modprobe kvm should fail.
>
> Does that mean that an unprivileged user can effectively DoS
> virtualization for everyone on the machine? (Honest question).
Would the leave-PT-to-the-host still be allowed? Would ignoring the
module parameter in that case and falling back to this mode still be
fine?
I'm not really the one to brainstorm solutions here. There are
possibilities of solving this, and the current patchset does not even
begin to acknowledge the existence of the problem, which is what my ACK
depends on.
Regards,
--
Alex
next prev parent reply other threads:[~2018-10-31 14:21 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-24 8:05 [PATCH v13 00/12] Intel Processor Trace virtualization enabling Luwei Kang
2018-10-24 8:05 ` [PATCH v13 01/12] perf/x86/intel/pt: Move Intel PT MSRs bit defines to global header Luwei Kang
2018-10-24 8:05 ` [PATCH v13 02/12] perf/x86/intel/pt: Export pt_cap_get() Luwei Kang
2018-10-24 8:05 ` [PATCH v13 03/12] perf/x86/intel/pt: Introduce intel_pt_validate_cap() Luwei Kang
2018-10-24 8:05 ` [PATCH v13 04/12] perf/x86/intel/pt: Add new bit definitions for PT MSRs Luwei Kang
2018-10-24 8:05 ` [PATCH v13 05/12] perf/x86/intel/pt: add new capability for Intel PT Luwei Kang
2018-10-30 9:57 ` Thomas Gleixner
2018-10-24 8:05 ` [PATCH v13 06/12] KVM: x86: Add Intel PT virtualization work mode Luwei Kang
2018-10-24 16:18 ` Jim Mattson
2018-10-25 0:35 ` Kang, Luwei
2018-10-30 9:30 ` Thomas Gleixner
2018-10-30 9:49 ` Paolo Bonzini
2018-10-30 10:13 ` Kang, Luwei
2018-10-30 10:23 ` Thomas Gleixner
2018-10-31 0:36 ` Kang, Luwei
2018-10-24 8:05 ` [PATCH v13 07/12] KVM: x86: Add Intel Processor Trace cpuid emulation Luwei Kang
2018-10-24 8:05 ` [PATCH v13 08/12] KVM: x86: Add Intel PT context switch for each vcpu Luwei Kang
2018-10-24 10:13 ` Alexander Shishkin
2018-10-25 0:06 ` Kang, Luwei
2018-10-29 17:48 ` Paolo Bonzini
2018-10-30 10:00 ` Thomas Gleixner
2018-10-31 10:43 ` Paolo Bonzini
2018-10-31 11:46 ` Alexander Shishkin
2018-10-30 11:26 ` Alexander Shishkin
2018-10-31 10:49 ` Paolo Bonzini
2018-10-31 11:38 ` Alexander Shishkin
2018-10-31 12:07 ` Paolo Bonzini
2018-10-31 14:21 ` Alexander Shishkin [this message]
2018-10-31 14:43 ` Paolo Bonzini
2018-10-24 8:05 ` [PATCH v13 09/12] KVM: x86: Introduce a function to initialize the PT configuration Luwei Kang
2018-10-24 8:05 ` [PATCH v13 10/12] KVM: x86: Implement Intel PT MSRs read/write emulation Luwei Kang
2018-10-24 8:05 ` [PATCH v13 11/12] KVM: x86: Set intercept for Intel PT MSRs read/write Luwei Kang
2018-10-24 8:05 ` [PATCH v13 12/12] KVM: x86: Disable Intel PT when VMXON in L1 guest Luwei Kang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lg6e5h89.fsf@ashishki-desk.ger.corp.intel.com \
--to=alexander.shishkin@linux.intel.com \
--cc=Janakarajan.Natarajan@amd.com \
--cc=bp@alien8.de \
--cc=chao.p.peng@linux.intel.com \
--cc=dwmw@amazon.co.uk \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=jpoimboe@redhat.com \
--cc=konrad.wilk@oracle.com \
--cc=kstewart@linuxfoundation.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luwei.kang@intel.com \
--cc=marcorr@google.com \
--cc=mattst88@gmail.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rkrcmar@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=songliubraving@fb.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=ubizjak@gmail.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox