On 2024/2/27 4:02 AM, Jiaxun Yang wrote:
> On February 26, 2024 at 8:04 AM, maobibo wrote:
>> On 2024/2/26 2:12 PM, Huacai Chen wrote:
>>> On Mon, Feb 26, 2024 at 10:04 AM maobibo <maobibo@xxxxxxxxxxx> wrote:
>>>> On 2024/2/24 5:13 PM, Huacai Chen wrote:
>>>>> Hi, Bibo,
>>>>>
>>>>> On Thu, Feb 22, 2024 at 11:28 AM Bibo Mao <maobibo@xxxxxxxxxxx> wrote:
>>>>>> Instruction cpucfg can be used to get processor features. And there
>>>>>> is a trap exception when it is executed in VM mode, and also it is
>>>>>> to provide cpu features to VM. On real hardware cpucfg area 0 - 20
>>>>>> is used. Here one specified area 0x40000000 -- 0x400000ff is used
>>>>>> for KVM hypervisor to provide PV features, and the area can be extended
>>>>>> for other hypervisors in future. This area will never be used for
>>>>>> real HW, it is only used by software.
>>>>> After reading and thinking, I find that the hypercall method which is
>>>>> used in our productive kernel is better than this cpucfg method.
>>>>> Because hypercall is more simple and straightforward, plus we don't
>>>>> worry about conflicting with the real hardware.
>>>> No, I do not think so. cpucfg is simpler than hypercall, hypercall can
>>>> be in effect when system runs in guest mode. In some scenarios like TCG
>>>> mode, hypercall is an illegal instruction, however cpucfg can work.
>>> Nearly all architectures use hypercall except x86 for its historical
>> Only x86 supports multiple hypervisors and there are multiple hypervisors
>> in x86 only. It is an advantage, not historical reason.
> I do believe that all that stuff should not be exposed to guest user space
> for security reasons.

Can you add PLV checking when cpucfg 0x40000000-0x400000FF is emulated? If it is user mode, the return value is zero, and if it is kernel mode, the emulated value will be returned. It can avoid information leaking.
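
The PLV check discussed in this message, modelled as an added example; it is not code from the patch or from KVM. `struct vcpu_model`, `emulate_cpucfg`, `sample_vcpu` and the PV word values are hypothetical, and returning zero for indexes outside both ranges is an assumption of the model.

```c
#include <stdint.h>

/* Software-only cpucfg window named in the thread. */
#define PV_CPUCFG_BASE 0x40000000u
#define PV_CPUCFG_END  0x400000ffu

/* LoongArch privilege levels: PLV0 is kernel mode, PLV3 is user mode. */
#define PLV_KERNEL 0u
#define PLV_MASK   0x3u            /* PLV field: low two bits of CSR.CRMD */

/* Hypothetical vCPU model holding only the state this check needs. */
struct vcpu_model {
    uint32_t guest_crmd;           /* guest CSR.CRMD when cpucfg trapped */
    uint32_t hw_cpucfg[21];        /* real-hardware area, indexes 0 - 20 */
    uint32_t pv_cpucfg[4];         /* PV words at BASE + 0..3 (constructed) */
};

static int guest_in_kernel_mode(const struct vcpu_model *v)
{
    return (v->guest_crmd & PLV_MASK) == PLV_KERNEL;
}

/* Value the hypervisor writes to the destination register of a trapped cpucfg. */
uint32_t emulate_cpucfg(const struct vcpu_model *v, uint32_t index)
{
    if (index <= 20)               /* hardware-defined area: same at every PLV */
        return v->hw_cpucfg[index];

    if (index >= PV_CPUCFG_BASE && index <= PV_CPUCFG_END) {
        uint32_t off = index - PV_CPUCFG_BASE;

        if (!guest_in_kernel_mode(v))
            return 0;              /* guest user space learns nothing */
        if (off >= sizeof(v->pv_cpucfg) / sizeof(v->pv_cpucfg[0]))
            return 0;              /* unpopulated words read as zero */
        return v->pv_cpucfg[off];
    }
    return 0;                      /* model assumption: undefined index reads 0 */
}

/* Constructed sample state; the register values are made up for the demo. */
struct vcpu_model sample_vcpu(uint32_t plv)
{
    struct vcpu_model v = {0};
    v.guest_crmd = 0xb0u | (plv & PLV_MASK);   /* other CRMD bits set on purpose */
    v.hw_cpucfg[1] = 0x1234u;
    v.pv_cpucfg[0] = 0x004d564bu;              /* constructed signature word */
    v.pv_cpucfg[1] = 0x2u;                     /* constructed feature bits */
    return v;
}
```

Masking with `PLV_MASK` before comparing matters: the other CRMD bits are nonzero in a running guest, so testing the whole register against zero would treat kernel mode as user mode.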