Re: [RFC PATCH V2 00/11] Intel EPT-Based Sub-page Protection Support

From: Paolo Bonzini
Date: Fri Nov 30 2018 - 05:07:31 EST


On 30/11/18 08:52, Zhang Yi wrote:
> Here is a patch series which adds EPT-Based Sub-page Write Protection Support.
>
> Introduction:
>
> EPT-Based Sub-page Write Protection, referred to as SPP, is a capability which
> allows Virtual Machine Monitors (VMMs) to specify write permission for guest
> physical memory at a sub-page (128 byte) granularity. When this capability is
> utilized, the CPU enforces write-access permissions for sub-page regions of 4K
> pages as specified by the VMM. EPT-based sub-page permissions are intended to
> enable fine-grained memory write enforcement by a VMM for security (guest OS
> monitoring) and usages such as device virtualization and memory check-point.
>
> SPPT is active when the "sub-page write protection" VM-execution control is 1.
> SPPT looks up the guest physical addresses to derive a 64-bit "sub-page
> permission" value containing sub-page write permissions. The lookup from
> guest-physical addresses to the sub-page region permissions is determined by a
> set of SPPT paging structures.
>
> When the "sub-page write protection" VM-execution control is 1, the SPPT is used
> to look up write permission bits for the 128 byte sub-page regions contained in
> the 4KB guest physical page. EPT specifies the 4KB page level privileges that
> software is allowed when accessing the guest physical address, whereas SPPT
> defines the write permissions for software at the 128 byte granularity regions
> within a 4KB page. Write accesses prevented due to sub-page permissions looked
> up via SPPT are reported as EPT violation VM exits. Similar to EPT, a logical
> processor uses SPPT to look up sub-page region write permissions for
> guest-physical addresses only when those addresses are used to access memory.

Hi,

I think the right thing to do here would be to first get VM
introspection in KVM, as SPP is mostly an introspection feature and it
should be controlled by the introspector rather than the KVM userspace.

Mihai, if you resubmit, I promise that I will look at it promptly.

Paolo
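The cover letter quoted above describes the SPP lookup in prose: a 4KB guest page is split into 32 sub-page regions of 128 bytes, a 64-bit permission value carries one write bit per region, and a write that the vector denies surfaces as an EPT violation VM exit. The following C program is an added simulation of that check, written for this page and not part of the patch series, KVM, or the thread. Its assumptions are labelled in the code: the vector layout in which bit 2*i controls sub-page i, the rule that the SPPT is consulted only when the page-level EPT write bit is clear and SPP is enabled for that page, and the requirement that a simulated write does not cross a 4KB page. The helper `spp_vector_protect_range()` shows the kind of vector an introspector would build to write-protect a byte range inside a page while leaving the rest of the page writable.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SPP_PAGE_SIZE     4096u
#define SPP_SUBPAGE_SIZE  128u
#define SPP_SUBPAGES      (SPP_PAGE_SIZE / SPP_SUBPAGE_SIZE)   /* 32 regions per page */

/* Outcome of a simulated guest write, mirroring the behaviour the cover letter describes. */
enum spp_result {
    SPP_WRITE_ALLOWED = 0,
    SPP_EPT_VIOLATION = 1,   /* the VMM sees this as an EPT violation VM exit */
};

/* Simulated state of one 4KB guest page (a model for this example, not KVM's structures). */
struct spp_page {
    bool     ept_write;      /* EPT page-level write permission */
    bool     spp_enabled;    /* SPP applies to this page */
    uint64_t spp_vector;     /* 64-bit sub-page permission value from the SPPT */
};

/* Index (0..31) of the 128-byte sub-page region that contains this guest-physical address. */
unsigned spp_subpage_index(uint64_t gpa)
{
    return (unsigned)((gpa & (SPP_PAGE_SIZE - 1)) / SPP_SUBPAGE_SIZE);
}

/* Assumed vector layout: bit 2*i is the write permission of sub-page i (odd bits unused). */
uint64_t spp_bit(unsigned subpage)
{
    return (uint64_t)1 << (2 * subpage);
}

/*
 * Build a vector that permits writes to every sub-page except those overlapping
 * the byte range [start, end) within the page. Protecting a range forces every
 * overlapping 128-byte region to be write-denied, so the protected area rounds
 * out to sub-page boundaries.
 */
uint64_t spp_vector_protect_range(unsigned start, unsigned end)
{
    uint64_t v = 0;
    for (unsigned i = 0; i < SPP_SUBPAGES; i++) {
        unsigned sp_start = i * SPP_SUBPAGE_SIZE;
        unsigned sp_end   = sp_start + SPP_SUBPAGE_SIZE;
        bool overlaps = (start < sp_end) && (end > sp_start);
        if (!overlaps)
            v |= spp_bit(i);
    }
    return v;
}

/*
 * Simulate a guest write of `len` bytes starting at `gpa`. Every sub-page the
 * write touches must permit writes, otherwise the access is reported as an EPT
 * violation. Assumption: the write stays within one 4KB page (a caller would
 * split a crossing write); bytes beyond the page end are ignored here.
 */
enum spp_result spp_check_write(const struct spp_page *pg, uint64_t gpa, size_t len)
{
    if (len == 0)
        return SPP_WRITE_ALLOWED;
    if (pg->ept_write)
        return SPP_WRITE_ALLOWED;     /* page-level write allowed: SPPT is not consulted */
    if (!pg->spp_enabled)
        return SPP_EPT_VIOLATION;     /* plain EPT write protection, no sub-page refinement */

    uint64_t page_end = (gpa | (SPP_PAGE_SIZE - 1));
    uint64_t last     = gpa + len - 1;
    if (last > page_end)
        last = page_end;              /* clamp to this page (assumption noted above) */

    for (unsigned i = spp_subpage_index(gpa); i <= spp_subpage_index(last); i++) {
        if ((pg->spp_vector & spp_bit(i)) == 0)
            return SPP_EPT_VIOLATION;
    }
    return SPP_WRITE_ALLOWED;
}

int main(void)
{
    /* Constructed scenario: protect bytes 0x200..0x27f (exactly sub-page 4) of the page at GPA 0x1000. */
    struct spp_page pg = {
        .ept_write   = false,
        .spp_enabled = true,
        .spp_vector  = spp_vector_protect_range(0x200, 0x280),
    };
    printf("write at 0x1100: %s\n", spp_check_write(&pg, 0x1100, 16) ? "EPT violation" : "allowed");
    printf("write at 0x1200: %s\n", spp_check_write(&pg, 0x1200, 8)  ? "EPT violation" : "allowed");
    printf("write at 0x11f8: %s\n", spp_check_write(&pg, 0x11f8, 16) ? "EPT violation" : "allowed");
    return 0;
}
```

The third write in `main()` starts in sub-page 3 and spills into sub-page 4, which is why it is denied even though its first byte lies in a writable region; a detection consumer handling the resulting VM exit would see the faulting address and can resolve it back to the protected range with `spp_subpage_index()`.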