Re: [PATCH 3/4] x86,module: Detect VMX vs SLD conflicts

From: Greg KH
Date: Tue Apr 07 2020 - 10:35:47 EST

Next message: John Garry: "Re: [PATCH RFC v2 02/24] scsi: allocate separate queue for reserved commands"
Previous message: Jason Gunthorpe: "Re: WARNING in ib_umad_kill_port"
In reply to: Peter Zijlstra: "[PATCH 3/4] x86,module: Detect VMX vs SLD conflicts"
Next in thread: Paolo Bonzini: "Re: [PATCH 3/4] x86,module: Detect VMX vs SLD conflicts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 07, 2020 at 01:02:39PM +0200, Peter Zijlstra wrote:
> It turns out that with Split-Lock-Detect enabled (default) any VMX
> hypervisor needs at least a little modification in order to not blindly
> inject the #AC into the guest without the guest being ready for it.
>
> Since there is no telling which module implements a hypervisor, scan
> all out-of-tree modules' text and look for VMX instructions and refuse
> to load it when SLD is enabled (default) and the module isn't marked
> 'sld_safe'.
>
> Hypervisors, which have been modified and are known to work correctly,
> can add:
>
> MODULE_INFO(sld_safe, "Y");
>
> to explicitly tell the module loader they're good.

What's to keep any out-of-tree module from adding this same module info
"flag" and just lie about it? Isn't that what you are trying to catch
here, or is it a case of, "if you lie, your code will break" as well?

thanks,

greg k-h

Next message: John Garry: "Re: [PATCH RFC v2 02/24] scsi: allocate separate queue for reserved commands"
Previous message: Jason Gunthorpe: "Re: WARNING in ib_umad_kill_port"
In reply to: Peter Zijlstra: "[PATCH 3/4] x86,module: Detect VMX vs SLD conflicts"
Next in thread: Paolo Bonzini: "Re: [PATCH 3/4] x86,module: Detect VMX vs SLD conflicts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]