Date: Wed, 24 Jun 2009 19:59:33 +0200
From: Filip Navara
To: Avi Kivity
Cc: Andre Przywara, aliguori@us.ibm.com, qemu-devel@nongnu.org, kvm@vger.kernel.org
Subject: Re: [Qemu-devel] Re: [PATCH 2/2] introduce -cpu host target
Message-ID: <5b31733c0906241059j43c1f355r9af4ae8d4d270bc0@mail.gmail.com>
In-Reply-To: <4A426665.1030506@redhat.com>

On Wed, Jun 24, 2009 at 7:46 PM, Avi Kivity wrote:
> On 06/24/2009 08:37 PM, Filip Navara wrote:
>> On Wed, Jun 24, 2009 at 11:54 AM, Avi Kivity wrote:
>>> On 06/23/2009 12:47 AM, Andre Przywara wrote:
>>>> Should we ignore unhandled MSRs like QEMU or Xen do?
>>>
>>> Ignoring unhandled msrs is dangerous. If a write has some effect the
>>> guest depends on, and we're not emulating that effect, the guest will
>>> fail. Similarly, if you don't know what a register means, who knows
>>> what returning zero for a read will do.
>>
>> It is definitely a bad idea to ignore unknown MSRs. Kernel patch
>> protection schemes used by certain operating systems depend on them to
>> work properly, and it's pretty hard to debug when you don't know what
>> failed (the MSR read in this case).
>>
>> http://www.uninformed.org/?v=3&a=3
>> http://www.uninformed.org/?v=6&a=1
>> http://www.uninformed.org/?v=8&a=5
>> http://en.wikipedia.org/wiki/Kernel_Patch_Protection
>
> Which unknown msrs are used by kernel patch protection?

It's a moving target. At the time I first got Win64 running on QEMU it
was the one for getting the number of implemented virtual address bits
(0x80000008 iirc) and some others for getting cache sizes
(0x80000005/0x80000006 iirc). Both of them were documented in AMD manuals
and not implemented by QEMU. Also the higher bits of virtual addresses
must be treated as sign-extended (as per the information in the 0x80000008
MSR) even though there are actually bits stored in the address.

Alex Ionescu and I have spent considerable time reversing PatchGuard v1,
and that information is described in more detail in the first link above.
I haven't looked at PatchGuard v2/v3 yet.

Best regards,
Filip Navara
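As an added illustration of the fail-closed policy argued for in this thread (example code, not QEMU or KVM code and not from any poster): a toy rdmsr/wrmsr dispatcher that reports a fault for any MSR it does not model instead of silently returning zero, plus a check that a 64-bit address is sign-extended from the top implemented virtual address bit. The three MSR indexes are architectural; the guest register file, the 48-bit width and the sample addresses are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Result of an emulated MSR access: the caller injects #GP on MSR_FAULT. */
typedef enum { MSR_OK = 0, MSR_FAULT = 1 } msr_status_t;

/* Architectural MSR indexes for the few registers this toy model backs. */
#define MSR_IA32_SYSENTER_CS 0x174u
#define MSR_EFER             0xC0000080u
#define MSR_STAR             0xC0000081u

/* Constructed guest register file (not real vCPU state). */
static uint64_t g_sysenter_cs, g_efer, g_star;

/* Fail closed: an MSR we do not model yields MSR_FAULT rather than a
 * silent zero, so a guest probe of an unknown register sees #GP. */
msr_status_t emu_rdmsr(uint32_t index, uint64_t *value)
{
    switch (index) {
    case MSR_IA32_SYSENTER_CS: *value = g_sysenter_cs; return MSR_OK;
    case MSR_EFER:             *value = g_efer;        return MSR_OK;
    case MSR_STAR:             *value = g_star;        return MSR_OK;
    default:                   *value = 0;             return MSR_FAULT;
    }
}

/* Same policy for writes: an unmodelled MSR is not silently absorbed. */
msr_status_t emu_wrmsr(uint32_t index, uint64_t value)
{
    switch (index) {
    case MSR_IA32_SYSENTER_CS: g_sysenter_cs = value; return MSR_OK;
    case MSR_EFER:             g_efer = value;        return MSR_OK;
    case MSR_STAR:             g_star = value;        return MSR_OK;
    default:                   return MSR_FAULT;
    }
}

/* A linear address is canonical when bits [63:vabits-1] are all equal,
 * i.e. it is sign-extended from the top implemented bit. vabits in 1..64. */
bool is_canonical(uint64_t addr, unsigned vabits)
{
    uint64_t mask = ~UINT64_C(0) << (vabits - 1);  /* bits that must agree */
    uint64_t top = addr & mask;
    return top == 0 || top == mask;
}

int main(void)
{
    uint64_t v = 0;
    printf("rdmsr EFER:    %s\n", emu_rdmsr(MSR_EFER, &v) == MSR_OK ? "ok" : "#GP");
    printf("rdmsr 0x12345: %s\n", emu_rdmsr(0x12345u, &v) == MSR_OK ? "ok" : "#GP");
    return 0;
}
```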