Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4812868ybb; Tue, 7 Apr 2020 15:14:10 -0700 (PDT) X-Google-Smtp-Source: APiQypIY7CLC/pzopCpoN/Fu+VwfTZPzxbnZ2CeVTEj9xOBWVQ0nuUmPNLKZ0KMzGSIsr8EUYxxW X-Received: by 2002:a9d:63c9:: with SMTP id e9mr3486390otl.65.1586297649145; Tue, 07 Apr 2020 15:14:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586297649; cv=none; d=google.com; s=arc-20160816; b=x6gi6I6syX9ceJuBsbFi8M2dTw3z0oAM1QEExwhZam5PHArY06+35kpqZM61Z01Wqt TPgevbIN6EGqSgZe91t+rT3jGXQyYP5+djwOcHF9uvr7ubrbdUeVj57eQL2+lvPFHK/h VSrpe75bWoFXlh7G8Ixi+lp6+FNTf9dF97mARn9zfDAFfmJ1PeGbI6e81K7DuysCRzNV /LYLHzUTblydS9uvtyFM8xtKlX1T3cbUIZIvJKW6CQBSXGAQNJhKJ9BvlwCOnugETcEh Mjq3RzFNKEXdMKc/Ts2zzYshaYoY9HV2nrslftzjITuLRZwQQvzHOIQFcdo9v1hLAJ7D YeIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=+76ohg15yjGQ53/NYcOF5gb3ZEmpJpgNPDQ8a4CriK8=; b=t/XHeuSgtMoDaVUGqvcrgMEUHp5kyYTaCamJIdetfkukT4qaxQb37GcNms3KmaKaLh fODDG8FgvdpRPYdhTgWEuI3HjlJlosbJpx0Yu49lHnVAUXCj2/F+CaCgSgTBEWF+BE6x 3gqHnIKgyPh1IVB4yRI+6OwgwgebJ8qP3KoEIYqggt8/i7qdQu9mz0N/HWoG17SZVCvv OOZ7eySgJSi+1ljzpvtUNMprhbJDrAWFva0PtNaRz7VgT04U1IukVClDUfC6JrmUGpzk P05jy1bjjLJN+j1V7nl4g2+h3uukvil+GgH7E+N2ASUENSeUdvnVdYu8J++FD6kP9jK+ 8/9w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=cJvZ2cKD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f17si1627696oov.44.2020.04.07.15.13.54; Tue, 07 Apr 2020 15:14:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=cJvZ2cKD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726523AbgDGWMV (ORCPT + 99 others); Tue, 7 Apr 2020 18:12:21 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:48657 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726380AbgDGWMU (ORCPT ); Tue, 7 Apr 2020 18:12:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1586297539; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+76ohg15yjGQ53/NYcOF5gb3ZEmpJpgNPDQ8a4CriK8=; b=cJvZ2cKD9vAmengtppjIJwffVhqyeghHQlz0rCyAkqEeSPren99wtmjOh0HnM4PRcMPdv8 608GSntEd6webY9G30Yj/4TwrrcszZb0oVj5orw+grelGfClgPt0tGd375p48EOA7aoHVn ioofkjkV41U1MvM9s3AzZfMTBBkzncc= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-415-sd9nioGrNL6JI8fe_7fs1g-1; Tue, 07 Apr 2020 18:12:18 -0400 X-MC-Unique: sd9nioGrNL6JI8fe_7fs1g-1 Received: by mail-wr1-f70.google.com with SMTP id v14so2924975wrq.13 for ; Tue, 07 Apr 2020 15:12:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=+76ohg15yjGQ53/NYcOF5gb3ZEmpJpgNPDQ8a4CriK8=; b=o8W6g4JWJ4hZK9yh7Kle6nTfJOgISj5ITxNOJBZTd4BFC1nOZrTj4sEUbrqPXUnVbO tgbyzCjNNzL9HIv7jCgz1WWl5o11djLdtTPllgXCElxAsXFmenEWxu4p+1cCedMPnBnD 2DcCFBFM3HgSNNyYw8+VpcGgFgb1vCWpc6QgeDtq/5fYCfiXyo5EXWKyOmEzuka6vOCd cKK138uoc9EUfKGmJP70n2Fjw7llM3W71TlcoWUGsz28kHYsC+04iSzTmOrpsunseKlG zyQ3UbUlhYr5NHDiuJAenp6SrSXRPvneU9rTSVMZGJWFsIt2JjJpAPEyfXBSAP2B1Wm9 n9Ww== X-Gm-Message-State: AGi0PuYR4+9Xtum7gijASpefoeZj5bLG6Q2kSUXitZ+6ggsg3c63R1Xf xFAeU5OEEiyxg308Xmc+IWAU8GKozH14N3MiLqDnvr8cq+qIx+1XN4qUZoEeOADtIntBrr8Bv2V amSlnZbaikuHeXkvRh0UX0gfk X-Received: by 2002:adf:fecb:: with SMTP id q11mr5011771wrs.350.1586297537084; Tue, 07 Apr 2020 15:12:17 -0700 (PDT) X-Received: by 2002:adf:fecb:: with SMTP id q11mr5011744wrs.350.1586297536865; Tue, 07 Apr 2020 15:12:16 -0700 (PDT) Received: from ?IPv6:2001:b07:6468:f312:bd61:914:5c2f:2580? ([2001:b07:6468:f312:bd61:914:5c2f:2580]) by smtp.gmail.com with ESMTPSA id n6sm6483443wrs.81.2020.04.07.15.12.15 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 07 Apr 2020 15:12:16 -0700 (PDT) Subject: Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation To: Peter Zijlstra , Nadav Amit Cc: Thomas Gleixner , LKML , hch@infradead.org, Sean Christopherson , mingo , bp , hpa@zytor.com, x86 , "Kenneth R. Crudup" , Jessica Yu , Rasmus Villemoes , Fenghua Yu , Xiaoyao Li , Thomas Hellstrom , Tony Luck , Steven Rostedt , Greg Kroah-Hartman , jannh@google.com, keescook@chromium.org, David.Laight@aculab.com, Doug Covelli , mhiramat@kernel.org References: <20200407110236.930134290@infradead.org> <20200407111007.429362016@infradead.org> <10ABBCEE-A74D-4100-99D9-05B4C1758FF6@gmail.com> <20200407193853.GP2452@worktop.programming.kicks-ass.net> <90B32DAE-0BB5-4455-8F73-C43037695E7C@gmail.com> <20200407205042.GT2452@worktop.programming.kicks-ass.net> <96C2F23A-D6F4-4A04-82B6-284788C5D2CC@gmail.com> <20200407212754.GU2452@worktop.programming.kicks-ass.net> From: Paolo Bonzini Message-ID: Date: Wed, 8 Apr 2020 00:12:14 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <20200407212754.GU2452@worktop.programming.kicks-ass.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 07/04/20 23:27, Peter Zijlstra wrote: > On Tue, Apr 07, 2020 at 02:22:11PM -0700, Nadav Amit wrote: >> Anyhow, I do not think it is the only use-case which is not covered by your >> patches (even considering CRs/DRs alone). For example, there is no kernel >> function to turn on CR4.VMXE, which is required to run hypervisors on x86. > That needs an exported function; there is no way we'll allow random > writes to CR4, there's too much dodgy stuff in there. native_write_cr4 and pv_ops (through which you can do write_cr4) are both exported, and so is cpu_tlbstate which is used by __cr4_set_bits and friends. Am I missing something glaringly obvious? Paolo