Date: Tue, 4 Dec 2018 14:35:34 +0800
From: Yi Zhang
To: Mihai Donțu
Cc: Paolo Bonzini, rkrcmar@redhat.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Nicusor CITU, Adalbert Lazăr
Subject: Re: [RFC PATCH V2 00/11] Intel EPT-Based Sub-page Protection Support
Message-ID: <20181204063533.GA73736@tiger-server>
In-Reply-To: <1543809373.23880.17.camel@bitdefender.com>

On 2018-12-03 at 05:56:13 +0200, Mihai Donțu wrote:
> Hi Paolo,
>
> On Fri, 2018-11-30 at 11:07 +0100, Paolo Bonzini wrote:
> > On 30/11/18 08:52, Zhang Yi wrote:
> > > Here is a patch series which adds EPT-Based Sub-page Write Protection Support.
> > >
> > > Introduction:
> > >
> > > EPT-Based Sub-page Write Protection, referred to as SPP, is a capability which
> > > allows Virtual Machine Monitors (VMMs) to specify write permission for guest
> > > physical memory at a sub-page (128 byte) granularity. When this capability is
> > > utilized, the CPU enforces write-access permissions for sub-page regions of 4K
> > > pages as specified by the VMM. EPT-based sub-page permissions are intended to
> > > enable fine-grained memory write enforcement by a VMM for security (guest OS
> > > monitoring) and usages such as device virtualization and memory checkpointing.
> > >
> > > SPPT is active when the "sub-page write protection" VM-execution control is 1.
> > > SPPT looks up the guest physical addresses to derive a 64 bit "sub-page
> > > permission" value containing sub-page write permissions. The lookup from
> > > guest-physical addresses to the sub-page region permissions is determined by a
> > > set of SPPT paging structures.
> > >
> > > When the "sub-page write protection" VM-execution control is 1, the SPPT is used
> > > to look up write permission bits for the 128 byte sub-page regions contained in
> > > the 4KB guest physical page. EPT specifies the 4KB page level privileges that
> > > software is allowed when accessing the guest physical address, whereas SPPT
> > > defines the write permissions for software at the 128 byte granularity regions
> > > within a 4KB page. Write accesses prevented due to sub-page permissions looked
> > > up via SPPT are reported as EPT violation VM exits. Similar to EPT, a logical
> > > processor uses SPPT to look up sub-page region write permissions for
> > > guest-physical addresses only when those addresses are used to access memory.
> >
> > Hi,
> >
> > I think the right thing to do here would be to first get VM
> > introspection in KVM, as SPP is mostly an introspection feature and it
> > should be controlled by the introspector rather than the KVM userspace.
> >
> > Mihai, if you resubmit, I promise that I will look at it promptly.

Thanks for the review, Paolo. What do you think about cooking up some use cases for
qemu or kvmtool, even with some other kernel hyper-calls? SPP is not only an
introspection-dependent feature.

> I'm currently traveling until Wednesday, but when I'll get into the
> office I will see about preparing a new patch set and send it to the
> list before Christmas.

Thanks Mihai, please include me in the new VMI patch set.

> Regards,
>
> --
> Mihai Donțu
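The SPPT lookup the cover letter describes, modelled as an added example (this is not code from the patch series or from KVM): a 4KB page is split into thirty-two 128-byte sub-pages, a 64-bit permission vector carries one write bit per sub-page, and a write touching any non-writable sub-page is reported as an EPT violation. The bit layout (bit 2*i for sub-page i) is an assumption taken from the Intel SDM, not from the page, and the function names are invented for illustration.

```c
#include <stdint.h>
#include <stdbool.h>

/* Model of the SPP lookup from the cover letter: a 4KB page holds 32
 * sub-pages of 128 bytes and a 64-bit "sub-page permission" vector holds
 * one write bit per sub-page. Assumption (not stated on the page): bit 2*i
 * of the vector is the write permission for sub-page i, the SDM layout. */
#define SPP_PAGE_SIZE    4096ULL
#define SPP_SUBPAGE_SIZE 128ULL
#define SPP_WRITE_BIT(i) (1ULL << (2 * (i)))

/* Index (0..31) of the 128-byte sub-page containing a guest-physical address. */
unsigned spp_subpage_index(uint64_t gpa)
{
    return (unsigned)((gpa & (SPP_PAGE_SIZE - 1)) / SPP_SUBPAGE_SIZE);
}

/* Clear the write bit of every sub-page overlapping [off, off+len) within
 * the page, as a VMM would to write-protect one guest kernel structure
 * while leaving the rest of the page writable. Returns the new vector. */
uint64_t spp_protect_range(uint64_t perm, uint64_t off, uint64_t len)
{
    if (len == 0 || off >= SPP_PAGE_SIZE)
        return perm;
    uint64_t last = off + len - 1;
    if (last >= SPP_PAGE_SIZE)
        last = SPP_PAGE_SIZE - 1;
    for (unsigned i = spp_subpage_index(off); i <= spp_subpage_index(last); i++)
        perm &= ~SPP_WRITE_BIT(i);
    return perm;
}

/* Check a write of `len` bytes at `gpa` to a page whose EPT entry already
 * grants write access: it succeeds only if every sub-page it touches is
 * writable. false stands for the EPT violation VM exit the VMM receives. */
bool spp_write_allowed(uint64_t perm, uint64_t gpa, uint64_t len)
{
    if (len == 0)
        return true;
    uint64_t last = gpa + len - 1;
    /* A write crossing into the next 4KB page would need a second SPPT
     * lookup; this single-page model reports it as a violation. */
    if (last / SPP_PAGE_SIZE != gpa / SPP_PAGE_SIZE)
        return false;
    for (unsigned i = spp_subpage_index(gpa); i <= spp_subpage_index(last); i++)
        if (!(perm & SPP_WRITE_BIT(i)))
            return false;
    return true;
}
```

Protecting bytes 0x200..0x3FF of a page clears the bits of sub-pages 4 through 7, so an 8-byte write starting at offset 0x1FC is refused because it straddles sub-pages 3 and 4.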