From: "Nakajima, Jun" <jun.nakajima@intel.com>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Mathew John <mathewj@microsoft.com>,
Theodore Ts'o <tytso@mit.edu>,
John Starks <John.Starks@microsoft.com>,
kvm list <kvm@vger.kernel.org>, Gleb Natapov <gleb@kernel.org>,
Niels Ferguson <niels@microsoft.com>,
Linux Virtualization <virtualization@lists.linux-foundation.org>,
David Hepkin <davidhep@microsoft.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Jake Oshins <jakeo@microsoft.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: Standardizing an MSR or other hypercall to get an RNG seed?
Date: Fri, 19 Sep 2014 09:14:56 -0700 [thread overview]
Message-ID: <CAL54oT0sibBiLSHf+eajdRgxqs1jgSzdTTCWBUH9M25ZL10EzA@mail.gmail.com> (raw)
In-Reply-To: <CALCETrWZ1cF23aT82yGfTKS48d2G+_Od7hEkAzDWzDhqpHNVqA@mail.gmail.com>
On Thu, Sep 18, 2014 at 6:28 PM, Andy Lutomirski <luto@amacapital.net> wrote:
> On Thu, Sep 18, 2014 at 6:03 PM, Andy Lutomirski <luto@amacapital.net> wrote:
>> On Thu, Sep 18, 2014 at 5:49 PM, Nakajima, Jun <jun.nakajima@intel.com> wrote:
>>> On Thu, Sep 18, 2014 at 3:07 PM, Andy Lutomirski <luto@amacapital.net> wrote:
>>>
>>>> So, as a concrete straw-man:
>>>>
>>>> CPUID leaf 0x48000000 would return a maximum leaf number in EAX (e.g.
>>>> 0x48000001) along with a signature value (e.g. "CrossHVPara\0") in
>>>> EBX, ECX, and EDX.
>>>>
>>>> CPUID 0x48000001.EAX would contain an MSR number to read to get a
>>>> random number if supported and zero if not supported.
>>>>
>>>> Questions:
>>>>
>>>> 1. Can we use a fixed MSR number? This would be a little bit simpler,
>>>> but it would depend on getting a wider MSR range from Intel.
>>>>
>>>
>>> Why do you need a wider MSR range if you always detect the feature by
>>> CPUID.0x48000001?
>>> Or are you still trying to avoid the detection by CPUID?
>>
>> Detecting the feature is one thing, but figuring out the MSR index is
>> another. We could shove the index into the cpuid leaf, but that seems
>> unnecessarily indirect. I'd much rather just say that CPUID leaves
>> *and* MSR indexes 0x48000000-0x4800ffff or so are reserved for the
>> cross-HV mechanism, but we can't do that without either knowingly
>> violating the SDM assignments or asking Intel to consider allocating
>> more MSR indexes.
>>
>> Also, KVM is already conflicting with the SDM right now in its MSR
>> choice :( I *think* that KVM could be changed to fix that, but 256
>> MSRs is rather confining given that KVM currently implements its own
>> MSR index *and* part of the Hyper-V index.
>
> Correction and update:
>
> KVM currently implements its own MSRs and, optionally, some of the
> Hyper-V MSRs. By my count, Linux knows about 68 Hyper-V MSRs (in a
> header file), and there are current 7 KVM MSRs, so over 1/4 of the
> available MSR indices are taken (and even more would be taken if KVM
> were to move its MSRs into the correct range).
>
I slept on it, and I think using the CPUID instruction alone would be
simple and efficient:
- We have a huge space for CPUID leaves
- CPUID also works for user-level
- It can take an additional 32-bit parameter (ECX), and returns 4
32-bit values (EAX, EBX, ECX, and EDX). RDMSR, for example, returns a
64-bit value.
Basically we can use it to implement a hypercall (rather than VMCALL).
For example,
- CPUID 0x48000001.EAX would return the feature presence (e.g. in
EBX), and the result in EDX:EAX (if present) at the same time, or
- CPUID 0x48000001.EAX would return the feature presence only, and
CPUID 0x48000002.EAX (acts like a hypercall) returns up to 4 32-bit
values.
--
Jun
Intel Open Source Technology Center
next prev parent reply other threads:[~2014-09-19 16:14 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-18 2:50 Standardizing an MSR or other hypercall to get an RNG seed? Andy Lutomirski
2014-09-18 14:40 ` KY Srinivasan
[not found] ` <2aa00301e9af4826b5781e01709f81e7@BY2PR0301MB0711.namprd03.prod.outlook.com>
2014-09-18 14:43 ` H. Peter Anvin
2014-09-18 15:38 ` Andy Lutomirski
2014-09-18 15:44 ` Andy Lutomirski
2014-09-18 15:58 ` Paolo Bonzini
2014-09-18 16:36 ` KY Srinivasan
[not found] ` <5b9c7dcde3824e49a25f3ee00844b868@BY2PR0301MB0711.namprd03.prod.outlook.com>
2014-09-18 17:13 ` Nakajima, Jun
2014-09-18 17:17 ` Paolo Bonzini
[not found] ` <541B13B8.1020006@redhat.com>
2014-09-18 17:20 ` Jake Oshins
2014-09-18 17:20 ` KY Srinivasan
[not found] ` <b697ef83ae594d8fb34347339dd52dfa@BY2PR0301MB0711.namprd03.prod.outlook.com>
2014-09-18 17:42 ` Nakajima, Jun
2014-09-18 18:35 ` Andy Lutomirski
2014-09-18 18:39 ` H. Peter Anvin
2014-09-18 18:54 ` Niels Ferguson
2014-09-18 19:03 ` Andy Lutomirski
2014-09-18 21:54 ` David Hepkin
[not found] ` <572ba53a2e1e4278823f718a421e2c1d@BY2PR03MB585.namprd03.prod.outlook.com>
2014-09-19 6:04 ` Paolo Bonzini
2014-09-18 18:58 ` Paolo Bonzini
2014-09-18 19:07 ` Andy Lutomirski
2014-09-18 21:21 ` Nakajima, Jun
2014-09-18 21:35 ` Andy Lutomirski
2014-09-18 21:46 ` David Hepkin
[not found] ` <0180a8dfcad746a895755c4374853c16@BY2PR03MB585.namprd03.prod.outlook.com>
2014-09-18 21:57 ` H. Peter Anvin
2014-09-18 22:07 ` Andy Lutomirski
2014-09-19 0:49 ` Nakajima, Jun
[not found] ` <CAL54oT1Q8kABge=t4s5REVWWakboON-6vfszMRkVz=ks_3vRoA@mail.gmail.com>
2014-09-19 1:03 ` Andy Lutomirski
2014-09-19 1:28 ` Andy Lutomirski
[not found] ` <CALCETrWZ1cF23aT82yGfTKS48d2G+_Od7hEkAzDWzDhqpHNVqA@mail.gmail.com>
2014-09-19 16:14 ` Nakajima, Jun [this message]
2014-09-19 16:22 ` Paolo Bonzini
2014-09-19 16:40 ` H. Peter Anvin
2014-09-19 17:21 ` Andy Lutomirski
2014-09-19 17:36 ` H. Peter Anvin
2014-09-19 17:39 ` Andy Lutomirski
2014-09-19 22:05 ` Theodore Ts'o
2014-09-19 22:06 ` Andy Lutomirski
2014-09-19 22:57 ` Nakajima, Jun
2014-09-19 22:57 ` Theodore Ts'o
2014-09-19 23:12 ` Andy Lutomirski
2014-09-19 23:29 ` H. Peter Anvin
2014-09-19 23:35 ` Theodore Ts'o
2014-09-19 23:41 ` Andy Lutomirski
2014-09-20 0:06 ` H. Peter Anvin
2014-09-19 23:29 ` H. Peter Anvin
2014-09-18 22:00 ` Andy Lutomirski
2014-09-18 22:03 ` H. Peter Anvin
2014-09-19 16:37 ` Gleb Natapov
2014-09-19 16:40 ` H. Peter Anvin
2014-09-19 16:53 ` Gleb Natapov
2014-09-19 17:08 ` H. Peter Anvin
2014-09-19 17:15 ` Gleb Natapov
2014-09-19 17:18 ` H. Peter Anvin
2014-09-19 17:49 ` Gleb Natapov
2014-09-19 18:02 ` Andy Lutomirski
2014-09-19 18:12 ` Gleb Natapov
2014-09-19 18:20 ` Andy Lutomirski
2014-09-19 20:53 ` Gleb Natapov
2014-09-22 4:11 ` Alok Kataria
2014-09-19 17:18 ` H. Peter Anvin
2014-09-19 17:21 ` Andy Lutomirski
2014-09-19 17:59 ` Gleb Natapov
2014-09-18 18:56 ` Paolo Bonzini
2014-09-19 18:30 ` Christopher Covington
2014-09-19 18:42 ` Andy Lutomirski
2014-09-19 20:21 ` Nadav Amit
[not found] ` <15C8041A-3488-4693-B329-3A9FE77A0CB9@gmail.com>
2014-09-19 20:46 ` Andy Lutomirski
2014-09-19 21:46 ` H. Peter Anvin
2014-09-22 13:31 ` Christopher Covington
2014-09-22 14:17 ` H. Peter Anvin
2014-09-22 14:18 ` H. Peter Anvin
2014-09-22 23:01 ` H. Peter Anvin
2014-09-21 12:39 ` Paolo Bonzini
2014-09-22 13:33 ` Christopher Covington
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAL54oT0sibBiLSHf+eajdRgxqs1jgSzdTTCWBUH9M25ZL10EzA@mail.gmail.com \
--to=jun.nakajima@intel.com \
--cc=John.Starks@microsoft.com \
--cc=davidhep@microsoft.com \
--cc=gleb@kernel.org \
--cc=hpa@zytor.com \
--cc=jakeo@microsoft.com \
--cc=kvm@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mathewj@microsoft.com \
--cc=niels@microsoft.com \
--cc=pbonzini@redhat.com \
--cc=tytso@mit.edu \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).