Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3254301ybb; Mon, 6 Apr 2020 05:25:28 -0700 (PDT) X-Google-Smtp-Source: APiQypLDJDPWxiUpYluTE80dOt830xtuoSVu61+8QpydCnz9QXuuKj+YUJEPQt+J1CpvIUMnHIYI X-Received: by 2002:aca:fd44:: with SMTP id b65mr11789681oii.119.1586175928751; Mon, 06 Apr 2020 05:25:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586175928; cv=none; d=google.com; s=arc-20160816; b=U9JpawL8KA2380pSVilW9mpMRkzyftEN4nKYEeczt5k/6BzqWo5fGItBWPuQv1tNxl YsllQzREZxGaqxD3gDDUNy2nGeA+D1b5eRyJI3tkBNlUKNAR/SQKdgSAfiCTHufCiyIN ffUzW/U60KH461sI1IxNDYynxQfU6jGm50d+hEVl9bgOTXSTRLf9yIDviX8zTBFgZluk ppNHYGG6rhC4UAUhSGd9fUF0oFTe6+UkWxgYUAgCBvLU92o8qHuzXCq06mrp03X3c+qW iwtBrb0RIlFrgfutT2yQJbCVzzlrWYq8SCLVZqsFOCbl+fe6v74aXwJKrEKVa71GC1Gp ut7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=RQo2OeDfd3m+4rXBRNxBZJdmUxyXALb8lqu8vJKOiPA=; b=fAR6xRZQgzC0XAtn3LasbgDi+sSBAkmYc7f9fhABec0NQUuVVxjzRzchoLQne8CdAX 6gHDsn0/nPtJgL/FDVjoXKXKFWdeORFn7OyDjgKkjlsG0wbJaTBXpYqNXLYXxMnWQz+W 45X5BolBSA+tygTYf/BhgDy2l5Ui6hxiHzbsO5VUs3qvmqzOrtW8DNdBtEK7wttbx+18 PAboXQ1rqgK84dgDxjt/LWyHpT7d4rqCouoQ19aIrZ8zTR/HpctZrdPCoBLD56tpiI7J EYEY6Kicbl18W8LHMQz2cpVB8efAcM6TfR86WWa5xdPAlDhA1tKE5/AcipwZd3nEBbTL PnCw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b="T3An/isl"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m22si8158617otn.81.2020.04.06.05.25.17; Mon, 06 Apr 2020 05:25:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b="T3An/isl"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727951AbgDFMXs (ORCPT + 99 others); Mon, 6 Apr 2020 08:23:48 -0400 Received: from bombadil.infradead.org ([198.137.202.133]:44082 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727652AbgDFMXs (ORCPT ); Mon, 6 Apr 2020 08:23:48 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=RQo2OeDfd3m+4rXBRNxBZJdmUxyXALb8lqu8vJKOiPA=; b=T3An/islyD62Q4dxt/D9Hy+mVe yvurDqxme6dUP6xwB/OOGBcKVk7VCcxxImAYQ0WwRRKtNjBJlC8gSFWd6UJuqPcqoVtX3Myt36dqs BHszbcFPCUv4vJ0fLTXFJ6VuiMsH7M4PTaLD4NoS0F4YZCBTaVj5txSfF0vOcIpOu8zDenonM2VZ1 hNeTZa+MUD73sn2ElnID2IAeLxqsS4FXJnbgcWbF/XaSJrV2D2SeEP6gRdWcD2Xrqdy/E1zVsKeKC x2GS8ZiKS0R1I1NjgTMFB4WOwqgpeWiU6mR7i0VhB5JWJQCLm4STPG6pARo2ZjqSRUS4d0J9KbkX4 m2Yo/0Mw==; Received: from hch by bombadil.infradead.org with local (Exim 4.92.3 #3 (Red Hat Linux)) id 1jLQn1-0002hG-3h; Mon, 06 Apr 2020 12:23:43 +0000 Date: Mon, 6 Apr 2020 05:23:43 -0700 From: Christoph Hellwig To: Thomas Gleixner Cc: LKML , x86@kernel.org, "Kenneth R. Crudup" , "Peter Zijlstra (Intel)" , Paolo Bonzini , Jessica Yu , Fenghua Yu , Xiaoyao Li , Nadav Amit , Thomas Hellstrom , Sean Christopherson , Tony Luck , Steven Rostedt Subject: Re: [patch 1/2] x86,module: Detect VMX modules and disable Split-Lock-Detect Message-ID: <20200406122343.GA10683@infradead.org> References: <20200402123258.895628824@linutronix.de> <20200402124205.242674296@linutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200402124205.242674296@linutronix.de> X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Apr 02, 2020 at 02:32:59PM +0200, Thomas Gleixner wrote: > From: Peter Zijlstra > > It turns out that with Split-Lock-Detect enabled (default) any VMX > hypervisor needs at least a little modification in order to not blindly > inject the #AC into the guest without the guest being ready for it. > > Since there is no telling which module implements a hypervisor, scan the > module text and look for the VMLAUNCH instruction. If found, the module is > assumed to be a hypervisor of some sort and SLD is disabled. > > Hypervisors, which have been modified and are known to work correctly, > can add: > > MODULE_INFO(sld_safe, "Y"); > > to explicitly tell the module loader they're good. > > NOTE: it is unfortunate that struct load_info is not available to the > arch module code, this means CONFIG_CPU_SUP_INTEL gunk is needed > in generic code. > > NOTE: while we can 'trivially' fix KVM, we're still stuck with stuff > like VMware and VirtualBox doing their own thing. This is just crazy. We have never cared about any out tree module, why would we care here where it creates a real complexity. Just fix KVM and ignore anything else.