From: Andrew Cooper <andrew.cooper3@citrix.com>
To: "H. Peter Anvin" <hpa@zytor.com>,
	Elizabeth Figura <zfigura@codeweavers.com>,
	Sean Christopherson <seanjc@google.com>
Cc: x86@kernel.org, Linux Kernel <linux-kernel@vger.kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Ricardo Neri <ricardo.neri-calderon@linux.intel.com>,
	wine-devel@winehq.org
Subject: Re: x86 SGDT emulation for Wine
Date: Fri, 5 Jan 2024 02:47:04 +0000
Message-ID: <11f2135c-2b64-4a90-95ee-358c3f6117b5@citrix.com>
In-Reply-To: <B042BACA-839E-4A42-9BAA-AC7E58624250@zytor.com>

On 05/01/2024 1:02 am, H. Peter Anvin wrote:
> Note that there is no fundamental reason you cannot run the Unix user space code inside the VM container, too; you only need to vmexit on an actual system call.

I know this is going on a tangent, but getting a VMExit on the SYSCALL
instruction is surprisingly difficult.

The "easy" way is to hide EFER.SCE behind the guest's back, intercept #UD
and emulate both the SYSCALL and SYSRET instructions.  It's slow, but it
works.

However, FRED completely prohibits tricks like this, because what you
cannot reasonably do is clear CR4.FRED behind the back of a guest
kernel.  You'd have to intercept and emulate all event sources in order
to catch SYSCALL.

I raised this as a concern during early review, but Intel has no
official feature to take a VMExit on privilege change, and FRED
(rightly) wasn't an appropriate vehicle to add such a feature, so it was
deemed not an issue that the FRED design would break the unofficial ways
that people were using to intercept/monitor/etc system calls.

~Andrew

P.S. Yes, there are more adventurous tricks like injecting a thunk into
the guest kernel and editing MSR_LSTAR behind the guest's back.  In
principle a similar trick works with FRED, but in order to do this to
Windows, you also need to hook checkpatch to blind it to the thunk, and
this is horribly invasive.
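Below is an added worked model of the EFER.SCE-hiding trick discussed in this thread, and of why a guest running with CR4.FRED set defeats it. It is a constructed C simulation written for this archive page, not code from the mail, from Xen, KVM or any other hypervisor: one vCPU structure, the hardware #UD condition for SYSCALL/SYSRET, and the VMM-side #UD exit handler that emulates the two instructions when the guest believes SCE is enabled. The guest code page, MSR values and the `fred_entry` stand-in for FRED event delivery are constructed inputs; the FRED path only models the point the mail makes (SYSCALL in FRED mode does not consult EFER.SCE), not the real FRED stack frame.

```c
/* Constructed model of hiding EFER.SCE from a guest and emulating SYSCALL/SYSRET
 * from the #UD VM exit. Simulation only; not hypervisor code. */
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define EFER_SCE   (1ULL << 0)   /* IA32_EFER.SCE: SYSCALL/SYSRET enable */
#define CR4_FRED   (1ULL << 32)  /* CR4.FRED (bit 32 per the FRED spec) */
#define RFLAGS_IF  (1ULL << 9)
#define RFLAGS_RF  (1ULL << 16)

enum exit_reason { EXIT_NONE, EXIT_UD };

struct vcpu {
    uint64_t rip, rcx, r11, rflags, cr4;
    uint64_t hw_efer;      /* EFER actually loaded into hardware (VMCS guest EFER) */
    uint64_t shadow_efer;  /* EFER the guest sees on RDMSR; maintained by the VMM */
    uint64_t msr_lstar, msr_sfmask;
    uint64_t fred_entry;   /* constructed stand-in for the FRED kernel entry point */
    uint8_t  code[64];     /* constructed guest code page; RIP indexes into it */
    bool     reflect_ud;   /* a genuine #UD that must be reinjected into the guest */
    unsigned intercepted;  /* SYSCALL/SYSRET instances the VMM observed */
};

/* Architectural 64-bit SYSCALL: RCX <- next RIP, R11 <- RFLAGS, RIP <- LSTAR,
 * RFLAGS &= ~(SFMASK | RF). The CS/SS reload from IA32_STAR is not modelled. */
static void arch_syscall(struct vcpu *v)
{
    v->rcx = v->rip + 2;                     /* 0F 05 is two bytes */
    v->r11 = v->rflags;
    v->rip = v->msr_lstar;
    v->rflags &= ~(v->msr_sfmask | RFLAGS_RF);
}

/* Architectural REX.W SYSRET: RIP <- RCX, RFLAGS <- R11. */
static void arch_sysret(struct vcpu *v) { v->rip = v->rcx; v->rflags = v->r11; }

static bool is_syscall(const uint8_t *p) { return p[0] == 0x0f && p[1] == 0x05; }
static bool is_sysretq(const uint8_t *p) { return p[0] == 0x48 && p[1] == 0x0f && p[2] == 0x07; }

/* One guest instruction as hardware executes it. With #UD in the exception
 * bitmap, the fault becomes a VM exit instead of being delivered to the guest. */
static enum exit_reason cpu_step(struct vcpu *v)
{
    const uint8_t *p = &v->code[v->rip];
    if (is_syscall(p)) {
        if (v->cr4 & CR4_FRED) {         /* FRED: event delivery, EFER.SCE not consulted */
            v->rip = v->fred_entry;      /* real FRED frame/CSL change not modelled */
            return EXIT_NONE;
        }
        if (!(v->hw_efer & EFER_SCE)) return EXIT_UD;
        arch_syscall(v);
        return EXIT_NONE;
    }
    if (is_sysretq(p)) {
        if (!(v->hw_efer & EFER_SCE)) return EXIT_UD;
        arch_sysret(v);
        return EXIT_NONE;
    }
    v->rip += 1;                         /* everything else on the page is a 1-byte NOP */
    return EXIT_NONE;
}

/* VMM: the guest keeps seeing SCE=1 while hardware runs with SCE=0. */
static void vmm_hide_sce(struct vcpu *v)
{
    v->shadow_efer = v->hw_efer | EFER_SCE;
    v->hw_efer &= ~EFER_SCE;
}

/* VMM #UD exit handler: emulate SYSCALL/SYSRET only if the guest believes SCE is
 * enabled; any other #UD is the guest's own and is reflected back to it. */
static void vmm_handle_ud(struct vcpu *v)
{
    const uint8_t *p = &v->code[v->rip];
    bool guest_sce = (v->shadow_efer & EFER_SCE) != 0;
    if (guest_sce && is_syscall(p))      { v->intercepted++; arch_syscall(v); }
    else if (guest_sce && is_sysretq(p)) { v->intercepted++; arch_sysret(v); }
    else                                 v->reflect_ud = true;
}

/* Constructed guest: SYSCALL at 0, NOPs, kernel entry at LSTAR=0x20 that SYSRETs. */
static void setup_guest(struct vcpu *v, bool fred)
{
    memset(v, 0, sizeof *v);
    v->code[0] = 0x0f; v->code[1] = 0x05;
    memset(&v->code[2], 0x90, 0x20 - 2);
    v->code[0x20] = 0x48; v->code[0x21] = 0x0f; v->code[0x22] = 0x07;
    v->rflags = 0x246;                   /* typical user RFLAGS, IF set */
    v->msr_lstar = 0x20;
    v->msr_sfmask = RFLAGS_IF;           /* kernel entry runs with interrupts off */
    v->fred_entry = 0x30;
    v->hw_efer = EFER_SCE;
    v->cr4 = fred ? CR4_FRED : 0;
    vmm_hide_sce(v);
}

/* Legacy guest: returns intercepted SYSCALL+SYSRET count (2), or -1 if the
 * guest-visible state diverged from real SYSCALL/SYSRET semantics. */
int demo_legacy(void)
{
    struct vcpu v;
    setup_guest(&v, false);
    if (cpu_step(&v) != EXIT_UD) return -1;               /* SYSCALL faulted: SCE hidden */
    vmm_handle_ud(&v);                                    /* VMM emulates it */
    if (v.rip != 0x20 || v.rcx != 2 || v.r11 != 0x246 || v.rflags != 0x046) return -1;
    if (cpu_step(&v) != EXIT_UD) return -1;               /* kernel's SYSRET faults too */
    vmm_handle_ud(&v);
    if (v.rip != 2 || v.rflags != 0x246 || v.reflect_ud) return -1;
    return (int)v.intercepted;
}

/* FRED guest: same code page, but SYSCALL never reaches #UD, so nothing is seen. */
int demo_fred(void)
{
    struct vcpu v;
    setup_guest(&v, true);
    if (cpu_step(&v) != EXIT_NONE || v.rip != 0x30) return -1;
    return (int)v.intercepted;
}

int main(void)
{
    printf("legacy guest: %d intercepted\n", demo_legacy());   /* 2 */
    printf("FRED guest:   %d intercepted\n", demo_fred());     /* 0 */
    return 0;
}
```

The legacy path is what the mail calls slow but working: every SYSCALL and SYSRET costs a full VM exit plus decode and emulation. The FRED path shows the structural problem rather than a performance one: with CR4.FRED set there is no SCE check to trip, so a monitor built on this trick silently sees nothing, which is worth a sanity check (count of intercepted syscalls versus an expected non-zero baseline) in any deployment that relies on it.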


Thread overview: 12+ messages
2023-12-27 22:20 x86 SGDT emulation for Wine Elizabeth Figura
2023-12-27 23:58 ` H. Peter Anvin
2024-01-02 17:12   ` Sean Christopherson
2024-01-02 19:53   ` Elizabeth Figura
2024-01-03  7:30     ` Stefan Dösinger
2024-01-03 15:19     ` Sean Christopherson
2024-01-03 15:33       ` H. Peter Anvin
2024-01-04  6:35         ` Elizabeth Figura
2024-01-05  1:02           ` H. Peter Anvin
2024-01-05  1:21             ` Sean Christopherson
2024-01-05  2:47             ` Andrew Cooper [this message]
2024-01-05  4:03               ` H. Peter Anvin
