[RFC,13/13] x86/Kconfig: Add Kconfig for KVM based XO

Message ID	20191003212400.31130-14-rick.p.edgecombe@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=cKhE=X4=kvack.org=owner-linux-mm@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DF644215EA From: Rick Edgecombe <rick.p.edgecombe@intel.com> To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, linux-mm@kvack.org, luto@kernel.org, peterz@infradead.org, dave.hansen@intel.com, pbonzini@redhat.com, sean.j.christopherson@intel.com, keescook@chromium.org Cc: kristen@linux.intel.com, deneen.t.dock@intel.com, Rick Edgecombe <rick.p.edgecombe@intel.com> Subject: [RFC PATCH 13/13] x86/Kconfig: Add Kconfig for KVM based XO Date: Thu, 3 Oct 2019 14:24:00 -0700 Message-Id: <20191003212400.31130-14-rick.p.edgecombe@intel.com> In-Reply-To: <20191003212400.31130-1-rick.p.edgecombe@intel.com> References: <20191003212400.31130-1-rick.p.edgecombe@intel.com> Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	XOM for KVM guest userspace \| expand [RFC,00/13] XOM for KVM guest userspace [RFC,01/13] kvm: Enable MTRR to work with GFNs with perm bits [RFC,02/13] kvm: Add support for X86_FEATURE_KVM_XO [RFC,03/13] kvm: Add XO memslot type [RFC,04/13] kvm, vmx: Add support for gva exit qualification [RFC,05/13] kvm: Add #PF injection for KVM XO [RFC,06/13] kvm: Add KVM_CAP_EXECONLY_MEM [RFC,07/13] kvm: Add docs for KVM_CAP_EXECONLY_MEM [RFC,08/13] x86/boot: Rename USE_EARLY_PGTABLE_L5 [RFC,09/13] x86/cpufeature: Add detection of KVM XO [RFC,10/13] x86/mm: Add NR page bit for KVM XO [RFC,11/13] x86, ptdump: Add NR bit to page table dump [RFC,12/13] mmap: Add XO support for KVM XO [RFC,13/13] x86/Kconfig: Add Kconfig for KVM based XO

Message ID

20191003212400.31130-14-rick.p.edgecombe@intel.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DF644215EA
From: Rick Edgecombe <rick.p.edgecombe@intel.com>
To: kvm@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	x86@kernel.org,
	linux-mm@kvack.org,
	luto@kernel.org,
	peterz@infradead.org,
	dave.hansen@intel.com,
	pbonzini@redhat.com,
	sean.j.christopherson@intel.com,
	keescook@chromium.org
Cc: kristen@linux.intel.com,
	deneen.t.dock@intel.com,
	Rick Edgecombe <rick.p.edgecombe@intel.com>
Subject: [RFC PATCH 13/13] x86/Kconfig: Add Kconfig for KVM based XO
Date: Thu,  3 Oct 2019 14:24:00 -0700
Message-Id: <20191003212400.31130-14-rick.p.edgecombe@intel.com>
In-Reply-To: <20191003212400.31130-1-rick.p.edgecombe@intel.com>
References: <20191003212400.31130-1-rick.p.edgecombe@intel.com>
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

XOM for KVM guest userspace | expand

Comments

Kees Cook Oct. 29, 2019, 11:36 p.m. UTC | #1

On Thu, Oct 03, 2019 at 02:24:00PM -0700, Rick Edgecombe wrote:
> Add CONFIG_KVM_XO for supporting KVM based execute only memory.

I would expect this config to be added earlier in the series so that the
code being added that depends on it can be incrementally build tested...

(Also, if this is default=y, why have a Kconfig for it at all? Guests
need to know to use this already, yes?)

-Kees

> 
> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> ---
>  arch/x86/Kconfig | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 222855cc0158..3a3af2a456e8 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -802,6 +802,19 @@ config KVM_GUEST
>  	  underlying device model, the host provides the guest with
>  	  timing infrastructure such as time of day, and system time
>  
> +config KVM_XO
> +	bool "Support for KVM based execute only virtual memory permissions"
> +	select DYNAMIC_PHYSICAL_MASK
> +	select SPARSEMEM_VMEMMAP
> +	depends on KVM_GUEST && X86_64
> +	default y
> +	help
> +	  This option enables support for execute only memory for KVM guests. If
> +	  support from the underlying VMM is not detected at boot, this
> +	  capability will automatically disable.
> +
> +	  If you are unsure how to answer this question, answer Y.
> +
>  config PVH
>  	bool "Support for running PVH guests"
>  	---help---
> -- 
> 2.17.1
>

Edgecombe, Rick P Oct. 30, 2019, 12:01 a.m. UTC | #2

On Tue, 2019-10-29 at 16:36 -0700, Kees Cook wrote:
> On Thu, Oct 03, 2019 at 02:24:00PM -0700, Rick Edgecombe wrote:
> > Add CONFIG_KVM_XO for supporting KVM based execute only memory.
> 
> I would expect this config to be added earlier in the series so that the
> code being added that depends on it can be incrementally build tested...
> 
> (Also, if this is default=y, why have a Kconfig for it at all? Guests
> need to know to use this already, yes?)
> 
> -Kees
Hmm, good point. One reason could be that this requires SPARSEMEM_VMEMMAP due to
some pre-processor tricks that need a compile time known max physical address
size. So maybe someone could want KVM_GUEST and !SPARSEMEM_VMEMMAP. I'm not
sure.

> > 
> > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> > ---
> >  arch/x86/Kconfig | 13 +++++++++++++
> >  1 file changed, 13 insertions(+)
> > 
> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > index 222855cc0158..3a3af2a456e8 100644
> > --- a/arch/x86/Kconfig
> > +++ b/arch/x86/Kconfig
> > @@ -802,6 +802,19 @@ config KVM_GUEST
> >  	  underlying device model, the host provides the guest with
> >  	  timing infrastructure such as time of day, and system time
> >  
> > +config KVM_XO
> > +	bool "Support for KVM based execute only virtual memory permissions"
> > +	select DYNAMIC_PHYSICAL_MASK
> > +	select SPARSEMEM_VMEMMAP
> > +	depends on KVM_GUEST && X86_64
> > +	default y
> > +	help
> > +	  This option enables support for execute only memory for KVM guests. If
> > +	  support from the underlying VMM is not detected at boot, this
> > +	  capability will automatically disable.
> > +
> > +	  If you are unsure how to answer this question, answer Y.
> > +
> >  config PVH
> >  	bool "Support for running PVH guests"
> >  	---help---
> > -- 
> > 2.17.1
> > 
> 
>

Kees Cook Oct. 30, 2019, 6:36 p.m. UTC | #3

On Wed, Oct 30, 2019 at 12:01:18AM +0000, Edgecombe, Rick P wrote:
> On Tue, 2019-10-29 at 16:36 -0700, Kees Cook wrote:
> > On Thu, Oct 03, 2019 at 02:24:00PM -0700, Rick Edgecombe wrote:
> > > Add CONFIG_KVM_XO for supporting KVM based execute only memory.
> > 
> > I would expect this config to be added earlier in the series so that the
> > code being added that depends on it can be incrementally build tested...
> > 
> > (Also, if this is default=y, why have a Kconfig for it at all? Guests
> > need to know to use this already, yes?)
> > 
> > -Kees
> Hmm, good point. One reason could be that this requires SPARSEMEM_VMEMMAP due to
> some pre-processor tricks that need a compile time known max physical address
> size. So maybe someone could want KVM_GUEST and !SPARSEMEM_VMEMMAP. I'm not
> sure.

Good point about the combination of other CONFIGs. All the more reason
to move it earlier, though.

-Kees

> 
> > > 
> > > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> > > ---
> > >  arch/x86/Kconfig | 13 +++++++++++++
> > >  1 file changed, 13 insertions(+)
> > > 
> > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > > index 222855cc0158..3a3af2a456e8 100644
> > > --- a/arch/x86/Kconfig
> > > +++ b/arch/x86/Kconfig
> > > @@ -802,6 +802,19 @@ config KVM_GUEST
> > >  	  underlying device model, the host provides the guest with
> > >  	  timing infrastructure such as time of day, and system time
> > >  
> > > +config KVM_XO
> > > +	bool "Support for KVM based execute only virtual memory permissions"
> > > +	select DYNAMIC_PHYSICAL_MASK
> > > +	select SPARSEMEM_VMEMMAP
> > > +	depends on KVM_GUEST && X86_64
> > > +	default y
> > > +	help
> > > +	  This option enables support for execute only memory for KVM guests. If
> > > +	  support from the underlying VMM is not detected at boot, this
> > > +	  capability will automatically disable.
> > > +
> > > +	  If you are unsure how to answer this question, answer Y.
> > > +
> > >  config PVH
> > >  	bool "Support for running PVH guests"
> > >  	---help---
> > > -- 
> > > 2.17.1
> > > 
> > 
> >

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 222855cc0158..3a3af2a456e8 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -802,6 +802,19 @@  config KVM_GUEST
 	  underlying device model, the host provides the guest with
 	  timing infrastructure such as time of day, and system time
 
+config KVM_XO
+	bool "Support for KVM based execute only virtual memory permissions"
+	select DYNAMIC_PHYSICAL_MASK
+	select SPARSEMEM_VMEMMAP
+	depends on KVM_GUEST && X86_64
+	default y
+	help
+	  This option enables support for execute only memory for KVM guests. If
+	  support from the underlying VMM is not detected at boot, this
+	  capability will automatically disable.
+
+	  If you are unsure how to answer this question, answer Y.
+
 config PVH
 	bool "Support for running PVH guests"
 	---help---

[RFC,13/13] x86/Kconfig: Add Kconfig for KVM based XO

Commit Message

Comments

Patch