Message ID | 20230718131844.5706-1-guang.zeng@intel.com (mailing list archive) |
---|---|
Headers | show |
Series | LASS KVM virtualization support | expand |
Please ignore this patch set as I posted wrong one by mistake. I will submit the correct patch series soon. Sorry for bothering. On 7/18/2023 9:18 PM, Zeng, Guang wrote: > Linear Address Space Separation (LASS)[1] is a new mechanism that > enforces the same mode-based protections as paging, i.e. SMAP/SMEP > but without traversing the paging structures. Because the protections > enforced by LASS are applied before paging, "probes" by malicious > software will provide no paging-based timing information. > > Based on a linear-address organization, LASS partitions 64-bit linear > address space into two halves, user-mode address (LA[bit 63]=0) and > supervisor-mode address (LA[bit 63]=1). > > LASS aims to prevent any attempt to probe supervisor-mode addresses by > user mode, and likewise stop any attempt to access (if SMAP enabled) or > execute user-mode addresses from supervisor mode. > > When platform has LASS capability, KVM requires to expose this feature > to guest VM enumerated by CPUID.(EAX=07H.ECX=1):EAX.LASS[bit 6], and > allow guest to enable it via CR4.LASS[bit 27] on demand. For instruction > executed in the guest directly, hardware will perform the check. But KVM > also needs to behave same as hardware to apply LASS to kinds of guest > memory accesses when emulating instructions by software. > > KVM will take following LASS violations check on emulation path. > User-mode access to supervisor space address: > LA[bit 63] && (CPL == 3) > Supervisor-mode access to user space address: > Instruction fetch: !LA[bit 63] && (CPL < 3) > Data access: !LA[bit 63] && (CR4.SMAP==1) && ((RFLAGS.AC == 0 && > CPL < 3) || Implicit supervisor access) > > This patch series provide a LASS KVM solution and depends on kernel > enabling that can be found at > https://lore.kernel.org/all/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ > > We tested the basic function of LASS virtualization including LASS > enumeration and enabling in non-root and nested environment. As KVM > unittest framework is not compatible to LASS rule, we use kernel module > and application test to emulate LASS violation instead. With KVM forced > emulation mechanism, we also verified the LASS functionality on some > emulation path with instruction fetch and data access to have same > behavior as hardware. > > How to extend kselftest to support LASS is under investigation and > experiment. > > [1] Intel ISE https://cdrdv2.intel.com/v1/dl/getContent/671368 > Chapter Linear Address Space Separation (LASS) > > ------------------------------------------------------------------------ > > v1->v2 > 1. refactor and optimize the interface of instruction emulation > by introducing new set of operation type definition prefixed with > "X86EMUL_F_" to distinguish access. > 2. reorganize the patch to make each area of KVM better isolated. > 3. refine LASS violation check design with consideration of wraparound > access across address space boundary. > > v0->v1 > 1. Adapt to new __linearize() API > 2. Function refactor of vmx_check_lass() > 3. Refine commit message to be more precise > 4. Drop LASS kvm cap detection depending > on hardware capability > > Binbin Wu (4): > KVM: x86: Consolidate flags for __linearize() > KVM: x86: Use a new flag for branch instructions > KVM: x86: Add an emulation flag for implicit system access > KVM: x86: Add X86EMUL_F_INVTLB and pass it in em_invlpg() > > Zeng Guang (4): > KVM: emulator: Add emulation of LASS violation checks on linear > address > KVM: VMX: Implement and apply vmx_is_lass_violation() for LASS > protection > KVM: x86: Virtualize CR4.LASS > KVM: x86: Advertise LASS CPUID to user space > > arch/x86/include/asm/kvm-x86-ops.h | 3 ++- > arch/x86/include/asm/kvm_host.h | 5 +++- > arch/x86/kvm/cpuid.c | 5 ++-- > arch/x86/kvm/emulate.c | 37 ++++++++++++++++++++--------- > arch/x86/kvm/kvm_emulate.h | 9 +++++++ > arch/x86/kvm/vmx/nested.c | 3 ++- > arch/x86/kvm/vmx/sgx.c | 4 ++++ > arch/x86/kvm/vmx/vmx.c | 38 ++++++++++++++++++++++++++++++ > arch/x86/kvm/vmx/vmx.h | 3 +++ > arch/x86/kvm/x86.c | 10 ++++++++ > arch/x86/kvm/x86.h | 2 ++ > 11 files changed, 102 insertions(+), 17 deletions(-) >
On July 18, 2023 6:18:36 AM PDT, Zeng Guang <guang.zeng@intel.com> wrote: >Linear Address Space Separation (LASS)[1] is a new mechanism that >enforces the same mode-based protections as paging, i.e. SMAP/SMEP >but without traversing the paging structures. Because the protections >enforced by LASS are applied before paging, "probes" by malicious >software will provide no paging-based timing information. > >Based on a linear-address organization, LASS partitions 64-bit linear >address space into two halves, user-mode address (LA[bit 63]=0) and >supervisor-mode address (LA[bit 63]=1). > >LASS aims to prevent any attempt to probe supervisor-mode addresses by >user mode, and likewise stop any attempt to access (if SMAP enabled) or >execute user-mode addresses from supervisor mode. > >When platform has LASS capability, KVM requires to expose this feature >to guest VM enumerated by CPUID.(EAX=07H.ECX=1):EAX.LASS[bit 6], and >allow guest to enable it via CR4.LASS[bit 27] on demand. For instruction >executed in the guest directly, hardware will perform the check. But KVM >also needs to behave same as hardware to apply LASS to kinds of guest >memory accesses when emulating instructions by software. > >KVM will take following LASS violations check on emulation path. >User-mode access to supervisor space address: > LA[bit 63] && (CPL == 3) >Supervisor-mode access to user space address: > Instruction fetch: !LA[bit 63] && (CPL < 3) > Data access: !LA[bit 63] && (CR4.SMAP==1) && ((RFLAGS.AC == 0 && > CPL < 3) || Implicit supervisor access) > >This patch series provide a LASS KVM solution and depends on kernel >enabling that can be found at >https://lore.kernel.org/all/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ > >We tested the basic function of LASS virtualization including LASS >enumeration and enabling in non-root and nested environment. As KVM >unittest framework is not compatible to LASS rule, we use kernel module >and application test to emulate LASS violation instead. With KVM forced >emulation mechanism, we also verified the LASS functionality on some >emulation path with instruction fetch and data access to have same >behavior as hardware. > >How to extend kselftest to support LASS is under investigation and >experiment. > >[1] Intel ISE https://cdrdv2.intel.com/v1/dl/getContent/671368 >Chapter Linear Address Space Separation (LASS) > >------------------------------------------------------------------------ > >v1->v2 >1. refactor and optimize the interface of instruction emulation > by introducing new set of operation type definition prefixed with > "X86EMUL_F_" to distinguish access. >2. reorganize the patch to make each area of KVM better isolated. >3. refine LASS violation check design with consideration of wraparound > access across address space boundary. > >v0->v1 >1. Adapt to new __linearize() API >2. Function refactor of vmx_check_lass() >3. Refine commit message to be more precise >4. Drop LASS kvm cap detection depending > on hardware capability > >Binbin Wu (4): > KVM: x86: Consolidate flags for __linearize() > KVM: x86: Use a new flag for branch instructions > KVM: x86: Add an emulation flag for implicit system access > KVM: x86: Add X86EMUL_F_INVTLB and pass it in em_invlpg() > >Zeng Guang (4): > KVM: emulator: Add emulation of LASS violation checks on linear > address > KVM: VMX: Implement and apply vmx_is_lass_violation() for LASS > protection > KVM: x86: Virtualize CR4.LASS > KVM: x86: Advertise LASS CPUID to user space > > arch/x86/include/asm/kvm-x86-ops.h | 3 ++- > arch/x86/include/asm/kvm_host.h | 5 +++- > arch/x86/kvm/cpuid.c | 5 ++-- > arch/x86/kvm/emulate.c | 37 ++++++++++++++++++++--------- > arch/x86/kvm/kvm_emulate.h | 9 +++++++ > arch/x86/kvm/vmx/nested.c | 3 ++- > arch/x86/kvm/vmx/sgx.c | 4 ++++ > arch/x86/kvm/vmx/vmx.c | 38 ++++++++++++++++++++++++++++++ > arch/x86/kvm/vmx/vmx.h | 3 +++ > arch/x86/kvm/x86.c | 10 ++++++++ > arch/x86/kvm/x86.h | 2 ++ > 11 files changed, 102 insertions(+), 17 deletions(-) > Equating this with SMEP/SMAP is backwards. LASS is something completely different: it makes it so *user space accesses* cannot even walk the kernel page tables (specifically, the negative half of the linear address space.) Such an access with immediately #PF: it is similar to always having U=0 in the uppermost level of the page tables, except with LASS enabled the CPU will not even touch the page tables in memory.
On 7/20/2023 9:59 AM, H. Peter Anvin wrote: > On July 18, 2023 6:18:36 AM PDT, Zeng Guang <guang.zeng@intel.com> wrote: >> Linear Address Space Separation (LASS)[1] is a new mechanism that >> enforces the same mode-based protections as paging, i.e. SMAP/SMEP >> but without traversing the paging structures. Because the protections >> enforced by LASS are applied before paging, "probes" by malicious >> software will provide no paging-based timing information. >> >> Based on a linear-address organization, LASS partitions 64-bit linear >> address space into two halves, user-mode address (LA[bit 63]=0) and >> supervisor-mode address (LA[bit 63]=1). >> >> LASS aims to prevent any attempt to probe supervisor-mode addresses by >> user mode, and likewise stop any attempt to access (if SMAP enabled) or >> execute user-mode addresses from supervisor mode. >> >> When platform has LASS capability, KVM requires to expose this feature >> to guest VM enumerated by CPUID.(EAX=07H.ECX=1):EAX.LASS[bit 6], and >> allow guest to enable it via CR4.LASS[bit 27] on demand. For instruction >> executed in the guest directly, hardware will perform the check. But KVM >> also needs to behave same as hardware to apply LASS to kinds of guest >> memory accesses when emulating instructions by software. >> >> KVM will take following LASS violations check on emulation path. >> User-mode access to supervisor space address: >> LA[bit 63] && (CPL == 3) >> Supervisor-mode access to user space address: >> Instruction fetch: !LA[bit 63] && (CPL < 3) >> Data access: !LA[bit 63] && (CR4.SMAP==1) && ((RFLAGS.AC == 0 && >> CPL < 3) || Implicit supervisor access) >> >> This patch series provide a LASS KVM solution and depends on kernel >> enabling that can be found at >> https://lore.kernel.org/all/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ >> >> We tested the basic function of LASS virtualization including LASS >> enumeration and enabling in non-root and nested environment. As KVM >> unittest framework is not compatible to LASS rule, we use kernel module >> and application test to emulate LASS violation instead. With KVM forced >> emulation mechanism, we also verified the LASS functionality on some >> emulation path with instruction fetch and data access to have same >> behavior as hardware. >> >> How to extend kselftest to support LASS is under investigation and >> experiment. >> >> [1] Intel ISE https://cdrdv2.intel.com/v1/dl/getContent/671368 >> Chapter Linear Address Space Separation (LASS) >> >> ------------------------------------------------------------------------ >> >> v1->v2 >> 1. refactor and optimize the interface of instruction emulation >> by introducing new set of operation type definition prefixed with >> "X86EMUL_F_" to distinguish access. >> 2. reorganize the patch to make each area of KVM better isolated. >> 3. refine LASS violation check design with consideration of wraparound >> access across address space boundary. >> >> v0->v1 >> 1. Adapt to new __linearize() API >> 2. Function refactor of vmx_check_lass() >> 3. Refine commit message to be more precise >> 4. Drop LASS kvm cap detection depending >> on hardware capability >> >> Binbin Wu (4): >> KVM: x86: Consolidate flags for __linearize() >> KVM: x86: Use a new flag for branch instructions >> KVM: x86: Add an emulation flag for implicit system access >> KVM: x86: Add X86EMUL_F_INVTLB and pass it in em_invlpg() >> >> Zeng Guang (4): >> KVM: emulator: Add emulation of LASS violation checks on linear >> address >> KVM: VMX: Implement and apply vmx_is_lass_violation() for LASS >> protection >> KVM: x86: Virtualize CR4.LASS >> KVM: x86: Advertise LASS CPUID to user space >> >> arch/x86/include/asm/kvm-x86-ops.h | 3 ++- >> arch/x86/include/asm/kvm_host.h | 5 +++- >> arch/x86/kvm/cpuid.c | 5 ++-- >> arch/x86/kvm/emulate.c | 37 ++++++++++++++++++++--------- >> arch/x86/kvm/kvm_emulate.h | 9 +++++++ >> arch/x86/kvm/vmx/nested.c | 3 ++- >> arch/x86/kvm/vmx/sgx.c | 4 ++++ >> arch/x86/kvm/vmx/vmx.c | 38 ++++++++++++++++++++++++++++++ >> arch/x86/kvm/vmx/vmx.h | 3 +++ >> arch/x86/kvm/x86.c | 10 ++++++++ >> arch/x86/kvm/x86.h | 2 ++ >> 11 files changed, 102 insertions(+), 17 deletions(-) >> > Equating this with SMEP/SMAP is backwards. > > LASS is something completely different: it makes it so *user space accesses* cannot even walk the kernel page tables (specifically, the negative half of the linear address space.) > > Such an access with immediately #PF: it is similar to always having U=0 in the uppermost level of the page tables, except with LASS enabled the CPU will not even touch the page tables in memory. Right. LASS provide a more stricter protect mode without touching/walk page table than paging. The difference is that LASS will generate #GP or #SS exception whenever it detects any violation other than page fault.
On August 17, 2023 12:32:44 AM PDT, Zeng Guang <guang.zeng@intel.com> wrote: > >On 7/20/2023 9:59 AM, H. Peter Anvin wrote: >> On July 18, 2023 6:18:36 AM PDT, Zeng Guang <guang.zeng@intel.com> wrote: >>> Linear Address Space Separation (LASS)[1] is a new mechanism that >>> enforces the same mode-based protections as paging, i.e. SMAP/SMEP >>> but without traversing the paging structures. Because the protections >>> enforced by LASS are applied before paging, "probes" by malicious >>> software will provide no paging-based timing information. >>> >>> Based on a linear-address organization, LASS partitions 64-bit linear >>> address space into two halves, user-mode address (LA[bit 63]=0) and >>> supervisor-mode address (LA[bit 63]=1). >>> >>> LASS aims to prevent any attempt to probe supervisor-mode addresses by >>> user mode, and likewise stop any attempt to access (if SMAP enabled) or >>> execute user-mode addresses from supervisor mode. >>> >>> When platform has LASS capability, KVM requires to expose this feature >>> to guest VM enumerated by CPUID.(EAX=07H.ECX=1):EAX.LASS[bit 6], and >>> allow guest to enable it via CR4.LASS[bit 27] on demand. For instruction >>> executed in the guest directly, hardware will perform the check. But KVM >>> also needs to behave same as hardware to apply LASS to kinds of guest >>> memory accesses when emulating instructions by software. >>> >>> KVM will take following LASS violations check on emulation path. >>> User-mode access to supervisor space address: >>> LA[bit 63] && (CPL == 3) >>> Supervisor-mode access to user space address: >>> Instruction fetch: !LA[bit 63] && (CPL < 3) >>> Data access: !LA[bit 63] && (CR4.SMAP==1) && ((RFLAGS.AC == 0 && >>> CPL < 3) || Implicit supervisor access) >>> >>> This patch series provide a LASS KVM solution and depends on kernel >>> enabling that can be found at >>> https://lore.kernel.org/all/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ >>> >>> We tested the basic function of LASS virtualization including LASS >>> enumeration and enabling in non-root and nested environment. As KVM >>> unittest framework is not compatible to LASS rule, we use kernel module >>> and application test to emulate LASS violation instead. With KVM forced >>> emulation mechanism, we also verified the LASS functionality on some >>> emulation path with instruction fetch and data access to have same >>> behavior as hardware. >>> >>> How to extend kselftest to support LASS is under investigation and >>> experiment. >>> >>> [1] Intel ISE https://cdrdv2.intel.com/v1/dl/getContent/671368 >>> Chapter Linear Address Space Separation (LASS) >>> >>> ------------------------------------------------------------------------ >>> >>> v1->v2 >>> 1. refactor and optimize the interface of instruction emulation >>> by introducing new set of operation type definition prefixed with >>> "X86EMUL_F_" to distinguish access. >>> 2. reorganize the patch to make each area of KVM better isolated. >>> 3. refine LASS violation check design with consideration of wraparound >>> access across address space boundary. >>> >>> v0->v1 >>> 1. Adapt to new __linearize() API >>> 2. Function refactor of vmx_check_lass() >>> 3. Refine commit message to be more precise >>> 4. Drop LASS kvm cap detection depending >>> on hardware capability >>> >>> Binbin Wu (4): >>> KVM: x86: Consolidate flags for __linearize() >>> KVM: x86: Use a new flag for branch instructions >>> KVM: x86: Add an emulation flag for implicit system access >>> KVM: x86: Add X86EMUL_F_INVTLB and pass it in em_invlpg() >>> >>> Zeng Guang (4): >>> KVM: emulator: Add emulation of LASS violation checks on linear >>> address >>> KVM: VMX: Implement and apply vmx_is_lass_violation() for LASS >>> protection >>> KVM: x86: Virtualize CR4.LASS >>> KVM: x86: Advertise LASS CPUID to user space >>> >>> arch/x86/include/asm/kvm-x86-ops.h | 3 ++- >>> arch/x86/include/asm/kvm_host.h | 5 +++- >>> arch/x86/kvm/cpuid.c | 5 ++-- >>> arch/x86/kvm/emulate.c | 37 ++++++++++++++++++++--------- >>> arch/x86/kvm/kvm_emulate.h | 9 +++++++ >>> arch/x86/kvm/vmx/nested.c | 3 ++- >>> arch/x86/kvm/vmx/sgx.c | 4 ++++ >>> arch/x86/kvm/vmx/vmx.c | 38 ++++++++++++++++++++++++++++++ >>> arch/x86/kvm/vmx/vmx.h | 3 +++ >>> arch/x86/kvm/x86.c | 10 ++++++++ >>> arch/x86/kvm/x86.h | 2 ++ >>> 11 files changed, 102 insertions(+), 17 deletions(-) >>> >> Equating this with SMEP/SMAP is backwards. >> >> LASS is something completely different: it makes it so *user space accesses* cannot even walk the kernel page tables (specifically, the negative half of the linear address space.) >> >> Such an access with immediately #PF: it is similar to always having U=0 in the uppermost level of the page tables, except with LASS enabled the CPU will not even touch the page tables in memory. >Right. LASS provide a more stricter protect mode without touching/walk page table than paging. >The difference is that LASS will generate #GP or #SS exception whenever it detects any violation >other than page fault. > Ok, that's a minor detail. Perhaps a better way to describe LASS is that "negative addresses are no longer canonical for user access."