linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Keno Fischer <keno@juliacomputing.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)"
	<x86@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>,
	Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Andi Kleen <andi@firstfloor.org>, Kyle Huey <khuey@kylehuey.com>,
	"Robert O'Callahan" <robert@ocallahan.org>,
	Andy Lutomirski <luto@amacapital.net>,
	Peter Zijlstra <peterz@infradead.org>
Subject: Re: [RFC PATCH v2] x86/arch_prctl: Add ARCH_SET_XCR0 to set XCR0 per-thread
Date: Tue, 14 Apr 2020 15:55:07 -0400	[thread overview]
Message-ID: <CABV8kRy6M8_-An5TEvBATAz+MxdaQqbCLBEZbJsaz=aZiV48wA@mail.gmail.com> (raw)
In-Reply-To: <CABV8kRxDkE1dQh0c2FkFpkUruiR0aD-hXbgd5-jcoCDiwYHs1A@mail.gmail.com>

Hi everyone,

I'd like to continue this discussion along two directions:

1) In this patch, what should happen to signal frames?

I continue to think that it would be good for these to observe
the process' XCR0, but I understand the argument that we
should not let the XCR0 setting modify any kernel behavior
whatsoever. Andy, I would in particular appreciate your views
on this since I believe you thought it should do the latter.

2) What would a solution based on the raw KVM API look like?

I'm still afraid that going down the KVM route would just end up
back in the same situation as we're in right now, but I'd like to
explore this further, so here's my current thinking: Particularly for
recording, the process does need to look very much like a regular
linux process, so we can get recording of syscalls and signal state right.
I don't have enough of an intuition for the performance implications
of this. For example, suppose we added a way for the kernel to
directly take syscalls from guest CPL3 - what would the cost
of incurring a vmexit for every syscall be? I suppose another
idea would be to build a minimal linux kernel that sits in guest
CPL0 and emulates at least the process state and other high
frequency syscalls, but forwards the rest to the host kernel.
Seems potentially doable, but a bit brittle - is there prior art
here I should be aware of, e.g. from people looking at securing
containers? As I mentioned, I had looked at Project Dune
before (http://dune.scs.stanford.edu/), which does seem to
do a lot of the things I would need, though it doesn't appear
to currently be handling signals at all, and of course it's also
not really KVM based, but rather
KVM-but-copy-pasted-and-manually-hacked-up-in-a-separate.ko
based.

I may also be missing a completely obvious way to do this -
my apologies if so. I would certainly appreciate any insight on
how to achieve the set of requirements here (multiple tracees
with potentially differing XCR0 values, faithful and performant
provision of syscalls/signals to the tracees) on top of KVM.

If we can figure out a good way forward with KVM, I'd be quite
interested in it, since I think there may be additional performance
games that could be played by having part of rr be in guest CPL0,
I'm just unsure that KVM is really the right abstraction here, so
I'd like to think through it a bit.

Keno

  reply	other threads:[~2020-04-14 20:15 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-07  1:12 [RFC PATCH v2] x86/arch_prctl: Add ARCH_SET_XCR0 to set XCR0 per-thread Keno Fischer
2020-04-07  3:57 ` Andy Lutomirski
2020-04-07  4:44   ` Keno Fischer
2020-04-07  4:53     ` Kyle Huey
2020-04-07 12:33       ` Peter Zijlstra
2020-04-07 13:52         ` Keno Fischer
2020-04-07 12:21 ` Peter Zijlstra
2020-04-07 14:06   ` Dave Hansen
2020-04-07 14:16     ` Andy Lutomirski
2020-04-07 18:30       ` Keno Fischer
2020-04-14 23:20         ` Andy Lutomirski
2020-04-15  0:09           ` Keno Fischer
2020-04-16  1:07             ` Andy Lutomirski
2020-04-16  1:14               ` Keno Fischer
2020-04-16  1:16                 ` Keno Fischer
2020-04-16  1:22                   ` Andy Lutomirski
2020-04-07 16:29     ` Kyle Huey
2020-04-07 13:14 ` Dave Hansen
     [not found]   ` <CABV8kRw1TQsqs+z43bSfZ5isctuFGMB4g_ztDYihiiXHcy4nVA@mail.gmail.com>
2020-04-07 16:27     ` Dave Hansen
2020-04-07 17:55       ` Keno Fischer
2020-04-07 20:21         ` Dave Hansen
2020-04-07 21:42           ` Andy Lutomirski
2020-04-07 22:15           ` Keno Fischer
2020-04-14 19:55             ` Keno Fischer [this message]
2020-04-07 14:20 ` Andi Kleen
2020-04-07 18:06   ` Keno Fischer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CABV8kRy6M8_-An5TEvBATAz+MxdaQqbCLBEZbJsaz=aZiV48wA@mail.gmail.com' \
    --to=keno@juliacomputing.com \
    --cc=andi@firstfloor.org \
    --cc=bp@alien8.de \
    --cc=dave.hansen@intel.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=khuey@kylehuey.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=robert@ocallahan.org \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).