Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation

[Jan Kiszka]

On 08.04.20 10:03, Paolo Bonzini wrote:
> On 08/04/20 07:58, Jan Kiszka wrote:
> > > >  Â +ÂÂÂÂÂÂÂ if (insn_is_mov_CRn(&insn) || insn_is_mov_DRn(&insn)) {
> > > > +ÂÂÂÂÂÂÂÂÂÂÂ pr_err("Module writes to CRn or DRn, please use the
> > > > proper accessors: %s\n", mod->name);
> > > > +ÂÂÂÂÂÂÂÂÂÂÂ return -ENOEXEC;
> > > > +ÂÂÂÂÂÂÂ }
> > >
> > > Hmm, wont this break jailhouse?
> >
> > Yes, possibly. We load the hypervisor binary via request_firmware into
> > executable memory and then jump into it. So most of the "suspicious"
> > code is there - except two cr4_init_shadow() calls to propagate the
> > non-transparent update of VMXE into that shadow. We could hide that CR4
> > flag, but that could mislead root Linux to try to use VMX while in jail.
>
> Why not contribute the Jailhouse loader into Linux?

Definitely planned. But right now it would add the burden of managing 
the interface between loader and hypervisor carefully. Currently it is 
internal to Jailhouse and maintained in lock-step, without any backward 
compatibility.

Jan

--
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux