From: Avi Kivity <avi@redhat.com>
To: Ingo Molnar <mingo@elte.hu>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
"H. Peter Anvin" <hpa@zytor.com>, Pavel Machek <pavel@ucw.cz>,
mingo@redhat.com, linux-kernel@vger.kernel.org,
tglx@linutronix.de, hpa@linux.intel.com, rjw@sisk.pl,
linux-tip-commits@vger.kernel.org
Subject: Re: [tip:x86/setup] x86, setup: "glove box" BIOS calls -- infrastructure
Date: Sun, 12 Apr 2009 21:57:14 +0300 [thread overview]
Message-ID: <49E2398A.3050405@redhat.com> (raw)
In-Reply-To: <20090412163356.GA2392@elte.hu>
Ingo Molnar wrote:
>> Sure, go ahead and wrap them in some kind of "save and restore all
>> registers" wrapping, but nothing fancier than that. It would just
>> be overkill, and likely to break more than it fixes.
>>
>
> Yeah. I only brought up the virtualization thing as a hypothetical:
> "if" corrupting the main OS ever became a widespread problem. Then i
> made the argument that this is unlikely to happen, because Windows
> will be affected by it just as much. (while register state
> corruptions might go unnoticed much more easily, just via the random
> call-environment clobbering of registers by Windows itself.)
>
> The only case where i could see virtualization to be useful is the
> low memory RAM corruption pattern that some people have observed.
>
You could easily check that by checksumming pages (or actually copying
them to high memory) before the call, and verifying after the call.
> The problem with it, it happens on s2ram transitions, and that is
> driven by SMM mainly - which is a hypervisor sitting on top of all
> the other would-be-hypervisors and thus not virtualizable.
>
AMD in fact has a chapter called "Containerizing Platform SMM" or words
to the effect, which describes how to take a running system and drop its
SMM mode into a virtualization container. I made a point of skipping
over those pages with my eyes closed so I can't tell you how incredibly
complex it is.
It's probably even doable on Intel, though much more difficult, due to
Intel not supporting big real mode in a guest, and most SMM code using
it to access memory. You'd end up running most of the code in the
emulator, and performing the transitions by hand.
Of course, the VMM has to be careful not to trigger SMM itself, or much
merriment ensues.
> Which leaves us without a single practical case. So it's not going
> to happen.
>
I don't think the effort is worth the benefit in this case, but there
actually is an interesting use case for this. SMM is known to be
harmful to deterministic replay games and to real time response. If we
can virtualize SMM, we can increase the range of hardware on which the
real time kernel is able to deliver real time guarantees.
--
Do not meddle in the internals of kernels, for they are subtle and quick to panic.
next prev parent reply other threads:[~2009-04-12 18:58 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-04-09 23:06 [PATCH 0/6] x86, setup: "glove box" BIOS interrupts H. Peter Anvin
2009-04-09 23:12 ` [tip:x86/setup] x86, setup: "glove box" BIOS calls -- infrastructure H. Peter Anvin
2009-04-10 8:04 ` Pavel Machek
2009-04-10 10:39 ` Ingo Molnar
2009-04-10 10:46 ` Pavel Machek
2009-04-10 11:25 ` Ingo Molnar
2009-04-10 11:38 ` Pavel Machek
2009-04-10 11:49 ` Ingo Molnar
2009-04-11 16:13 ` Avi Kivity
2009-04-12 5:21 ` H. Peter Anvin
2009-04-12 14:01 ` Ingo Molnar
2009-04-12 14:39 ` Avi Kivity
2009-04-12 14:59 ` Linus Torvalds
2009-04-12 16:33 ` Ingo Molnar
2009-04-12 18:57 ` Avi Kivity [this message]
2009-04-13 4:16 ` Ingo Molnar
2009-04-13 4:24 ` Ingo Molnar
2009-04-13 16:27 ` H. Peter Anvin
2009-04-13 16:57 ` Pavel Machek
2009-04-13 17:00 ` H. Peter Anvin
2009-04-13 18:34 ` Alan Jenkins
2009-04-13 19:08 ` H. Peter Anvin
2009-04-14 0:06 ` Ingo Molnar
2009-04-14 4:42 ` H. Peter Anvin
2009-04-14 9:03 ` Jeremy Fitzhardinge
2009-04-14 15:59 ` H. Peter Anvin
2009-04-13 6:44 ` Avi Kivity
2009-04-12 17:51 ` H. Peter Anvin
2009-04-10 17:17 ` H. Peter Anvin
2009-04-10 17:19 ` H. Peter Anvin
2009-04-09 23:13 ` [tip:x86/setup] x86, setup: "glove box" BIOS interrupts in the core boot code H. Peter Anvin
2009-04-09 23:13 ` [tip:x86/setup] x86, setup: "glove box" BIOS interrupts in the APM code H. Peter Anvin
2009-04-09 23:13 ` [tip:x86/setup] x86, setup: "glove box" BIOS interrupts in the EDD code H. Peter Anvin
2009-04-09 23:13 ` [tip:x86/setup] x86, setup: "glove box" BIOS interrupts in the MCA code H. Peter Anvin
2009-04-09 23:13 ` [tip:x86/setup] x86, setup: "glove box" BIOS interrupts in the video code H. Peter Anvin
2009-04-10 8:05 ` Pavel Machek
2009-04-10 18:05 ` [PATCH 0/6] x86, setup: "glove box" BIOS interrupts Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49E2398A.3050405@redhat.com \
--to=avi@redhat.com \
--cc=hpa@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=mingo@redhat.com \
--cc=pavel@ucw.cz \
--cc=rjw@sisk.pl \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox