1. 25 Oct, 2016 40 commits
    • Charlie Jacobsen's avatar
      Basic lcd module create, run, and destroy. · e0193fa4
      Charlie Jacobsen authored
      This code is ugly, but it's working.
      Tested with basic module, and appears to be working
      properly. I will soon incorporate the patched
      modprobe into the kernel tree, and then this code
      will be usable by everyone.
      The ipc code is still unimplemented. The only
      hypercall handled is yield. Also note that other
      exit conditions (e.g. external interrupt) have not
      been fully tested.
      -- kernel code calls lcd_create_as_module with
         the module's name
      -- lcd_create_as_module loads the module using
         request_lcd_module (request_lcd_module calls
         the patched modprobe to load the module, and
         the patched modprobe calls back into the lcd
         driver via the ioctrl interface to load the
      -- lcd_create_as_module then finds the loaded
         module, spawns a kernel thread and passes off
         the module to it
      -- the kernel thread initializes the lcd and
         maps the module inside it, then suspends itself
      -- lcd_run_as_module wakes up the kernel thread
         and tells it to run
      -- lcd_delete_as_module stops the kernel thread
         and deletes the module from the host kernel
      File-by-file details:
      -- lcd was not running in 64-bit mode, and my
         checks had one subtle bug
      -- fixed %cr3 load to properly load vmcs first
      -- fixed set program counter to use guest virtual
         rather than guest physical address
      -- added struct lcd to task_struct
      -- lcd pointer set to null when task_struct is
      -- made init_module and delete_module system calls
         callable from kernel code
      -- available in module.h via do_sys_init_module and
      -- simply moved the majority of the guts of the
         system calls into a non-system call, exported
      -- take an extra flag, for_lcd; when set, the init
         code skips over running (and deallocating) the
         module's init code, and the delete code skips
         over running the module exit
      -- system calls from user code set for_lcd = 0; this
         ensures existing code still works
      -- changed __request_module to __do_request_module; takes
         one extra argument, for_lcd
      -- __request_module   ==>  __do_request_module with for_lcd = 0
      -- request_lcd_module ==>  __do_request_module with for_lcd = 1
      -- call_modprobe conditionally uses lcd_modprobe_path, the path
         to a patched modprobe accessible via sysfs
      -- added lcd status enum; see source code doc
      -- three routines for creating/running/destroying
         lcd's that use modules; see source code doc
      -- added interface defns for patched modprobe to call into
         lcd driver for module init; lcd driver loads
         module (via slightly refactored module.c code) on behalf
         of modprobe
      -- implementation of routines for modules inside lcd's
      -- implementation of module init / delete for lcd's
         (uses patched module.c code)
      -- added test module for lcd module code
      -- test runs automatically when lcd module is inserted
    • Charles Jacobsen's avatar
      Simple blob successfully runs and returns in vmx. · c4fc774c
      Charles Jacobsen authored
      In the process of debugging, major corrections and
      debug checks implemented (this is a big squash):
      -- coded up entry checks documented in Intel SDM
         V3 chp 26 (this should help later if settings
         are changed, make it less risky to experiment
         and give more confidence)
      -- fixed host tr base addr bug (the worst bug! caused
         system to hang and then crash, since the tss
         was erroneous...)
      -- fixed vmx_entry to properly set host rsp before
      -- setting host sysenter and idt info
      -- fixed cs ar bytes bug
      -- fixed gdt limit bug
      -- fixed tr type bug
      -- extra settings added to cr0 and cr4, but may
         not be needed ... (debug fix attempt)
      -- lstar mstar autoload, may not be needed ...
         (debug fix attempt)
    • Charles Jacobsen's avatar
      Fixed build errors, all tests passing. · 78569fe2
      Charles Jacobsen authored
      Fixed (another) nasty casting bug in the
      code that initializes the ept pointer. I
      was using the old way of casting, and overlooking
      that I was storing a host virtual pointer
      inside a host physical pointer. This caused
      invept to fail (invept checks if the eptp is
      I also fixed invept and invvpid to print an
      error message (like vmload and vmclear), rather
      than generate an invalid opcode exception. It's
      easier to debug and understand the problem.
      In the future, we could more carefully parse the
      error returned.
    • Charles Jacobsen's avatar
      Minor build bug fixes. · f9875eab
      Charles Jacobsen authored
      (Sorry for the barrage of pushes, but I want
      to make sure I push changes in case I crash
      the machine...)
    • Charlie Jacobsen's avatar
      Added gv unmap. · 138646b2
      Charlie Jacobsen authored
    • Charles Jacobsen's avatar
      Most build errors fixed. · e6442a9d
      Charles Jacobsen authored
    • Charlie Jacobsen's avatar
    • Charlie Jacobsen's avatar
    • Charles Jacobsen's avatar
      Guest virtual paging now appears to be working. · bdc65df6
      Charles Jacobsen authored
      Nasty casting bug. (I should create separate
      types for gpa, hpa, hva, gva...).
    • Charles Jacobsen's avatar
      Debugging pud lookup. · a00b76d8
      Charles Jacobsen authored
    • Charles Jacobsen's avatar
    • Charles Jacobsen's avatar
      Fixed bad gv bug. · 3eecbe75
      Charles Jacobsen authored
      Wasn't setting paging entry var when
      allocating memory for a paging structure.
    • Charles Jacobsen's avatar
    • Charlie Jacobsen's avatar
      Shifted gpa map / unmap range to arch-dep code. · f9b52a46
      Charlie Jacobsen authored
      Updated tests.
    • Charles Jacobsen's avatar
      Minor stylistic changes. · d12f83e3
      Charles Jacobsen authored
    • Charlie Jacobsen's avatar
      Fixed gv destroy bugs. · bb33e956
      Charlie Jacobsen authored
    • Charles Jacobsen's avatar
      Fixed some bugs related to test 6,7. · e29685aa
      Charles Jacobsen authored
    • Charlie Jacobsen's avatar
      Simple high-level test for gv paging. · 32f96272
      Charlie Jacobsen authored
    • Charles Jacobsen's avatar
      Test 04 now passing. · f5ea240c
      Charles Jacobsen authored
      I needed to mask off the flags in the lower part
      of the pte ...
    • Charles Jacobsen's avatar
    • Charles Jacobsen's avatar
      Fixed paging mem alloc to map in ept. · 71ecd50c
      Charles Jacobsen authored
    • Charlie Jacobsen's avatar
      Added a stress test for guest virtual. · 64bf35a5
      Charlie Jacobsen authored
    • Charles Jacobsen's avatar
      Small bug in lcd_create. · c6783d13
      Charles Jacobsen authored
      Was falling through fail labels.
    • Charlie Jacobsen's avatar
    • Charles Jacobsen's avatar
    • Charlie Jacobsen's avatar
      Guest virtual destroy code in place (untested). · 286445db
      Charlie Jacobsen authored
      Each step in the deallocation requires resolving
      a guest physical address to a host virtual
      address, unmapping the paging structure in the
      lcd's ept, and freeing the host physical memory.
    • Charlie Jacobsen's avatar
    • Charlie Jacobsen's avatar
      Most guest virtual paging code in place (untested). · fa756550
      Charlie Jacobsen authored
      This was tricky. Unfortunately, since guest physical
      addresses are wrapped in the paging entries, we can't
      use some of the linux macros / routines (e.g.,
      pud_offset). This would allow us to benefit from pud-
      and pmd-folding, making the code more portable. Perhaps
      we'll think of something later...
      The code will only work on a linux with 4 paging levels
      (pgd, pud, pmd, page table). lcd_mm_gva_walk is the
      main routine that traverses the hierarchy. Each subroutine
      translates a paging structures guest physical to host
      virtual address, and gets the correct entry.
      A simple watermark is used (rather than a bitmap) for
      allocating guest physical memory.
    • Charlie Jacobsen's avatar
      More graceful teardown (unmapping, freeing) on failure. · caf6c122
      Charlie Jacobsen authored
      Guest physical unmapping code.
      Guest virtual tear down to be implemented soon.
    • Charlie Jacobsen's avatar
      Simple explicit tss, gdt, and stack tear down. · fa05c7bf
      Charlie Jacobsen authored
      (Code before relied on free ept to free memory. But
      this could be confusing and hard to debug in the future...)
    • Charlie Jacobsen's avatar
      More work on blob initialization. · 33d999d6
      Charlie Jacobsen authored
      -- Fixed program counter and stack pointer initialization
      -- Added guest virtual paging pointer modifier routine
      -- Added the minimum amount of data for guest virtual paging
      -- Added general routines for lcd create / destroy.
      -- Moved mm code to this file (to avoid future name clashes and
         be more self contained ... is this why kernel source files are
         so big?)
      -- Added general routine for initializing an lcd's gva.
      -- Re-factored blob initialization to use mm routines. Documented
         memory layout in the source code.
      Problem: I'm relying heavily on the ept tear down to free any
      memory mapped in there. But this is getting ugly ... Next step:
      Write quick routines to properly unmap and explicitly free memory.
    • Charles Jacobsen's avatar
      Fixed braindead bugs in blob-run and lcd-domains. · 47542161
      Charles Jacobsen authored
      Removed map-anon from mmap, and set proper size for
      copy from user in lcd-domains.c.
    • Charles Jacobsen's avatar
      Debugging blob run. · d571b4c2
      Charles Jacobsen authored
      No build errors.
    • Charles Jacobsen's avatar
    • Charlie Jacobsen's avatar
      Driver code and interface for loading a blob in an lcd (untested). · f0735fd0
      Charlie Jacobsen authored
      User code calls ioctl with LCD_RUN_BLOB ioctl number and
      lcd_blob_info (containing userspace address of blob and
      blob order) -- defined in public include/linux/lcd-domains.h.
      The blob must be N pages, and N must be a power of 2 (for
      easy driver code). blob_order = log2(N). The blob consists
      of machine instructions that are loaded in the lcd and
      executed. The machine instructions cannot access any memory,
      including the stack (for now, until gv paging is in place).
      -- Added lcd_arch_set_pc for setting the lcd's program counter.
      -- Added driver code in lcd-domains.c for handling the ioctl
         request, loading the blob from user space into a fresh lcd,
         and running the lcd (in a loop).
    • Charlie Jacobsen's avatar
      Simple renaming lcd => lcd-domains. · f34be85a
      Charlie Jacobsen authored
      Updated Kbuild, Kconfig, Makefiles.
    • Charles Jacobsen's avatar
    • Charlie Jacobsen's avatar
      Starting code for IPC registers and access. · e51d81aa
      Charlie Jacobsen authored
      Set up new header files, under include/lcd-domains/
      -- lcd-domains.h: main include, contains struct lcd
      -- ipc.h: struct lcd_ipc_regs, for message registers
      Updated virt/lcd/lcd-domains.c to use new headers.
      Updated arch-dep code to use new struct lcd_ipc_regs.
      struct lcd_arch contains a pointer to the allocated
      page for stack / ipc registers. struct lcd (arch-indep)
      contains a pointer to the same memory (so that the
      arch-indep code can access the ipc regs directly if
      it wishes).
      Message registers should be accessed through arch-dep
      macros (to be implemented next) for portability and
      speed (some of the message registers will be
      implemented using machine regs, so the message registers
      in struct lcd_ipc_regs are `shadows').
      Message register design based on seL4. See seL4 manual,
    • Charlie Jacobsen's avatar
      Simple re-naming to arch-agnostic names for arch-dep interface. · c8a88195
      Charlie Jacobsen authored
      -- Moved some vmx-specific data structures into implementation file.
      -- lcd_vmx_* => lcd_arch_*
      -- updated virt/lcd/lcd-domains.c
    • Charles Jacobsen's avatar
      Finished tweaking build setup (will test modprobe next). · cfee63b6
      Charles Jacobsen authored
      Some simple renaming
      -- LCD => LCD_DOMAINS
      -- core.c => lcd-domains.c
      -- new LCD_VMX_INTEL configuration
      Adjusted virt/lcd/Kconfig to reflect LCD_DOMAINS dependency
      on LCD_VMX_INTEL.