New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 908689 link

Starred by 3 users

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Feature



Sign in to add a comment

Add split-irqchip support to crosvm

Project Member Reported by mutexlox@chromium.org, Nov 27

Issue description

Some time ago, GCE engineers added support for "split-irqchip" to KVM. This allows the userspace component (e.g. QEMU) to handle device emulation for devices like the IOAPIC, PIC, and PIT. The GCE security team found that these devices were the cause of a significant number of KVM security issues.

With relatively little work, we should be able to take advantage of their changes to use userspace implementations of these devices for crosvm.

Some relevant KVM patches that we need (and should already have):
1) https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=49df6397edfc5a8ba8ca813b51fb9729d8e94b40
2) https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=7543a635aa09eb138b2cbf60ac3ff19503ae6954
3) https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=b053b2aef25d00773fa6762dcd4b7f5c9c42d171
4) https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=1c1a9ce973a7863dd46767226bce2a5f12d48bc6

 
Cc: srutherford@google.com
Further reading:
"The security state of KVM" https://lwn.net/Articles/619376/
"Performant Security Hardening" http://events17.linuxfoundation.org/sites/events/files/slides/Performant%20Security%20Hardening_0.pdf
I've just run into a bit of a speed bump here; the PIC and PIT are both PIO devices and, to the best of my knowledge (and as far as dgreid knew offhand) crosvm does not support PIO devices.
Nevermind, we do in fact support PIO devices (the serial device is one).

Sign in to add a comment