From: Petr V. <pe...@vm...> - 2007-09-12 02:52:44
Adar Dembo wrote:
> I'm playing around with guestd in QEMU and I've noticed that iopl/ioperm
> aren't used by anything before doing PIO operations.
>
> I figure this works in VMware b/c you guys are intercepting the backdoor
> io port regardless of CPL/IOPL. While this is useful for OSes like
> Windows that have no way to change iopl, it would be nice on Posix
> platforms if you did actually use iopl appropriately.
>
> It's a whole lot easier to just take a vmexit for PIO than it is to
> intercept #gp and try to decode whether it was caused by a ring 3 PIO
> instruction.

Hello Anthony,

there are two reasons why we allow the backdoor port to be accessed from CPL3:

(1) We want to be able to access it even from non-suid applications - for example, the copy/paste daemon runs under a normal user account, and so it cannot do iopl(3).

(2) When not running in hardware-assisted mode, binary translation (or simulation) has to be used for CPL3-level code, which causes a huge performance impact.

If it is a problem for qemu then perhaps creating a kernel module to provide access to the backdoor is the simplest way to address the problem, and it will be compatible with all VMware products as well. The only restriction is that some of our backdoors are already accessible to CPL0 code only, so the driver just cannot blindly issue a backdoor call with the registers it received from userspace, but that should not be a complicated thing to address.

For future products we want to use VMCI, which comes with a regular kernel driver and a userspace library which can be accessed without IOPL elevation or any tricks in the emulation (well, except that it still does not use regular I/O instructions). Unfortunately the latest released product (WS6) does not provide any interesting service over VMCI, and VMCI did not even make it into this opensource release (you can take a look at WS6, but that one is *not* GPLed).

You can add 'monitor_control.restrict_backdoor = "TRUE"' to the VM's configuration file when using VMware, and then you should observe exactly the same behavior you see with QEMU - guestd and everybody else crashing.

Best regards,
Petr Vandrovec
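The kernel-module approach Petr sketches above has one check that must not be skipped: the driver proxies backdoor calls for unprivileged processes, so it has to refuse any command the hypervisor only honours from CPL0 rather than forwarding whatever registers it was handed. The following is an added user-space model of that allow-list check, not VMware's or the list author's code. The register layout, the ioctl-style entry point, the placement of the command number in the low 16 bits of ECX, and every command number are assumptions for illustration; the real driver would take its table from the product's own backdoor definitions.

```c
/* Added example (not VMware's code): a user-space model of the allow-list a
 * kernel driver proxying backdoor calls for unprivileged callers would need,
 * so that it never forwards a command the hypervisor only permits at CPL0.
 * All command numbers and the register/ioctl layout are hypothetical. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Register image a user process hands to the driver (assumed ioctl payload). */
struct backdoor_regs {
    uint32_t eax, ebx, ecx, edx, esi, edi;
};

/* Hypothetical command numbers; placeholders, not the product's real table. */
enum {
    BD_CMD_GET_VERSION   = 0x0A,  /* harmless query: fine from user space */
    BD_CMD_CLIPBOARD_GET = 0x0C,  /* what a copy/paste daemon needs */
    BD_CMD_CLIPBOARD_SET = 0x0D,
    BD_CMD_CPL0_ONLY     = 0x40,  /* hypervisor accepts this only from CPL0 */
};

/* Commands the driver is willing to forward for an unprivileged caller.
 * Anything absent from this table is refused: an allow-list, not a deny-list,
 * so a newly added privileged command is blocked by default. */
static const uint16_t user_allowed_cmds[] = {
    BD_CMD_GET_VERSION, BD_CMD_CLIPBOARD_GET, BD_CMD_CLIPBOARD_SET,
};

/* Assumption for this model: the command number is the low 16 bits of ECX. */
static uint16_t backdoor_cmd(const struct backdoor_regs *r)
{
    return (uint16_t)(r->ecx & 0xFFFF);
}

/* Returns 0 if the request may be forwarded, -EPERM if the command is not on
 * the user allow-list, -EINVAL for a NULL request. */
int validate_backdoor_request(const struct backdoor_regs *r)
{
    if (r == NULL)
        return -EINVAL;
    uint16_t cmd = backdoor_cmd(r);
    for (size_t i = 0; i < sizeof user_allowed_cmds / sizeof user_allowed_cmds[0]; i++)
        if (user_allowed_cmds[i] == cmd)
            return 0;
    return -EPERM;
}

/* Model of the driver's ioctl path: validate first, and only then hand the
 * registers to the privileged call. `issue` stands in for the real CPL0 I/O. */
int proxy_backdoor_call(struct backdoor_regs *r,
                        int (*issue)(struct backdoor_regs *))
{
    int rc = validate_backdoor_request(r);
    if (rc != 0)
        return rc;
    return issue(r);
}

/* Stand-in for the privileged backdoor I/O: echoes the command back in EAX so
 * the caller can see the request went through. */
static int fake_issue(struct backdoor_regs *r)
{
    r->eax = backdoor_cmd(r);
    return 0;
}

int main(void)
{
    struct backdoor_regs ok  = { .ecx = 0x12340000u | BD_CMD_GET_VERSION };
    struct backdoor_regs bad = { .ecx = BD_CMD_CPL0_ONLY };
    printf("allowed request -> %d (eax=0x%x)\n",
           proxy_backdoor_call(&ok, fake_issue), ok.eax);
    printf("CPL0-only request -> %d (expect -EPERM = %d)\n",
           proxy_backdoor_call(&bad, fake_issue), -EPERM);
    return 0;
}
```

The point of the shape is that the filter sits in the kernel, on the privileged side of the boundary, and decides per command rather than per caller: the copy/paste daemon keeps working without iopl(3), while a request for a CPL0-only backdoor from user space is refused before any I/O instruction runs.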