Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp545351ybb; Fri, 3 Apr 2020 07:36:13 -0700 (PDT) X-Google-Smtp-Source: APiQypK0vY4JwLznUlwRzBgH/p39oTyw0hxm56t3LyqvD+RZ0JKdbQn8QXjdMiIK3aB77yFrE8UD X-Received: by 2002:aca:682:: with SMTP id 124mr3258236oig.69.1585924573363; Fri, 03 Apr 2020 07:36:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585924573; cv=none; d=google.com; s=arc-20160816; b=rYlSbXFf9plBloMyFP/seR7m8p5Y5bWFuqhn1k/E+HdQLtMfRdlTp1HrN96tOkuRPk Zh6YZOlgF+tTR+Fk/AGOEmtnrIC8UUSwl04s57W46aHWqHX2zYCW0lTKP00N1w0+76YX m10HKU3DdcmXcdcItpYSY8IeaUDllIlrXaAftBJ+CEpq9phuG1TFuc4RJ6ianW2N3XjS VBYFajBDfiHeTMq/XYcyeOHv12IVqVDwq2RXpN2cPu/O/qoZyBM+MVVEaFzxi5tT6W8G u14aDGMVhIosEV1ab2go7H8pokjfX6a+p9g4P+Uy5AoEZhUl8R3sIzAoktGbI0ji+jzj Iv5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=l0EiIHchinDWyCf43w0lhXunhiG167jMxs4uH8nFBj4=; b=TplEs+pitLUryn8M5dyHyICLvyn+tbauh3nkHXYsiivNZUd0DSaD+fNDpzyOnAnClC O5EzOdNKDLb/lvhMq2gGSS12uYsVrRZ1tJI9Pj2rqBJtVAzdwo2Jj8jbdlS0AK0zhB/B QYohiy1PB0FQWruLZdLNJX+RHwocXOKZX0+rrctiEk1ZGyw7SFtfzzOoDb7FQKtXQ+B3 ydVVv54NMNbS4JiQT3k9keNvBe6qti8/9X0bB5Tyh1+TahfgcJa+uz6E0/BC7ftCPRy9 LzrIGK65CbzI7oOYlheKWP2Ge7Tz3VwrhOveX9QU5ylF14fP/GDExfMunth9rblW88OD mcPg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=yt5CYCfa; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m18si3395572otk.29.2020.04.03.07.35.59; Fri, 03 Apr 2020 07:36:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=yt5CYCfa; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403815AbgDCOfG (ORCPT + 99 others); Fri, 3 Apr 2020 10:35:06 -0400 Received: from mail.kernel.org ([198.145.29.99]:55264 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390784AbgDCOfG (ORCPT ); Fri, 3 Apr 2020 10:35:06 -0400 Received: from linux-8ccs (p3EE2C7AC.dip0.t-ipconnect.de [62.226.199.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 39BB72073B; Fri, 3 Apr 2020 14:35:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1585924505; bh=l0EiIHchinDWyCf43w0lhXunhiG167jMxs4uH8nFBj4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=yt5CYCfaNNG0hTQtdc+FclL0cgpS2x3v05p14lXgVFdsM3ZGhhpIKU2WPLClo3GRQ LqLpVFyhPoXtzNQGl/X9dsg4kXFTPn+hKDqhZtYCelZa0eTaXajtavVptm/Q954UHW 30Q4UjZ2n5e8/iKwGBIqUXYQlTAD+LuLtC3CT+aw= Date: Fri, 3 Apr 2020 16:35:00 +0200 From: Jessica Yu To: Rasmus Villemoes Cc: Thomas Gleixner , LKML , x86@kernel.org, "Kenneth R. Crudup" , "Peter Zijlstra (Intel)" , Paolo Bonzini , Fenghua Yu , Xiaoyao Li , Nadav Amit , Thomas Hellstrom , Sean Christopherson , Tony Luck , Steven Rostedt Subject: Re: [patch 1/2] x86,module: Detect VMX modules and disable Split-Lock-Detect Message-ID: <20200403143459.GA30424@linux-8ccs> References: <20200402123258.895628824@linutronix.de> <20200402124205.242674296@linutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: X-OS: Linux linux-8ccs 4.12.14-lp150.12.61-default x86_64 User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +++ Rasmus Villemoes [03/04/20 01:42 +0200]: >On 02/04/2020 14.32, Thomas Gleixner wrote: >> From: Peter Zijlstra >> >> It turns out that with Split-Lock-Detect enabled (default) any VMX >> hypervisor needs at least a little modification in order to not blindly >> inject the #AC into the guest without the guest being ready for it. >> >> Since there is no telling which module implements a hypervisor, scan the >> module text and look for the VMLAUNCH instruction. If found, the module is >> assumed to be a hypervisor of some sort and SLD is disabled. > >How long does that scan take/add to module load time? Would it make >sense to exempt in-tree modules? > >Rasmus I second Rasmus's question. It seems rather unfortunate that we have to do this text scan for every module load on x86, when it doesn't apply to the majority of them, and only to a handful of out-of-tree hypervisor modules (assuming kvm is taken care of already). I wonder if it would make sense then to limit the text scans to just out-of-tree modules (i.e., missing the intree modinfo flag)? Jessica