On 7/3/24 16:35, Tim Merrifield wrote:
> VMCALL and VMMCALL instructions are used by x86 guests to request services
> from the host VMM. Both VMCALL and VMMCALL are not restricted to CPL 0.
> This allows userspace software like open-vm-tools to communicate directly
> with the VMM.

Could we please be frank and transparent about what you actually want here and how you expect this mechanism to be used?

...

> This patchset introduces a new x86 process control flag to address this
> concern. By setting the TIF_COCO_USER_HCALL thread information flag, the
> process opts in to user-level hypercalls.

The process, and anything it fork()s or execve()s, right?

This inheritance model seems more suited to wrapping a tiny helper app around an existing binary, a la:

	prctl(ARCH_SET_COCO_USER_HCALL);
	execve("/existing/binary/that/i/surely/did/not/audit", ...);

... as opposed to something that you set in new versions of open-vm-tools after an extensive audit and a bug fixing campaign to clean up everything that the audit found.