Difference between revisions of "Power ISA/Privilege States"

From RCS Wiki
Jump to navigation Jump to search
(Link w/ local copy of PDF full-text copy)
(→‎Ultravisor State: add link to IBM talk about Ultravisor/PEX)
Line 8: Line 8:
  
 
A report from IBM for the Air Force Research Laboratory indicates that the Ultravisor State was tested in a modified [[POWER8|POWER8]] processor simulation.<ref>[[File:AFRL-RI-RS-TR-2017-021.pdf|HARDWARE SUPPORT FOR MALWARE DEFENSE AND END-TO-END TRUST]]. IBM. 2017-02</ref>
 
A report from IBM for the Air Force Research Laboratory indicates that the Ultravisor State was tested in a modified [[POWER8|POWER8]] processor simulation.<ref>[[File:AFRL-RI-RS-TR-2017-021.pdf|HARDWARE SUPPORT FOR MALWARE DEFENSE AND END-TO-END TRUST]]. IBM. 2017-02</ref>
 +
 +
In October 2018, IBM gave a [https://www.youtube.com/watch?v=9ixMd9wwRrs talk about Ultravisor/Protected Execution Facility] at the Linux Security Summit.
  
 
2018-11-08 - IBM published an article about Protected Computing using the Ultravisor state at https://developer.ibm.com/articles/l-support-protected-computing/
 
2018-11-08 - IBM published an article about Protected Computing using the Ultravisor state at https://developer.ibm.com/articles/l-support-protected-computing/

Revision as of 16:09, 7 August 2019

States

Ultravisor State

At the moment very little information exists about the Ultravisor State. It is not mentioned in Power ISA version 2.07 documents at all, and version 3.0B only mentions it as a possible privilege of instructions. There is no official documentation of a UV - Ultravisor State Machine State Register bit, although some source code does reference its existence.[1]

Skiboot documentation mentions this as one of "the four rings".[2]

A report from IBM for the Air Force Research Laboratory indicates that the Ultravisor State was tested in a modified POWER8 processor simulation.[3]

In October 2018, IBM gave a talk about Ultravisor/Protected Execution Facility at the Linux Security Summit.

2018-11-08 - IBM published an article about Protected Computing using the Ultravisor state at https://developer.ibm.com/articles/l-support-protected-computing/

POWER9

IBM has confirmed to Raptor in direct messaging that the ultravisor state does not exist in POWER9, despite some material continuing to reference it. This information was also made public on Twitter.[4]

On March 22, 2018, a paper[5] was published on IBM developerWorks, explaining the reasoning for and the future use of the Ultravisor State.

Hypervisor State

Hypervisor State is indicated by the HV (bit 3) of the Machine State Register, and is normally used by a hypervisor. An operating system running without a hypervisor can run in Hypervisor State, with its userland in Problem State and avoid using Privileged State altogether.

Hypervisor State was introduced in POWER4, although for some time it was not included in documentation, appearing only as a reserved bit in the Machine State Register.[6]

Privileged State

Privileged State, also called Supervisor Mode, is normally used by an operating system running on top of a hypervisor.

Problem State

Problem State, also called User Mode, is indicated by the PR (bit 49) of the Machine State Register.

Instruction Classification

Privilege Classification of Instructions in Power ISA
Code 2.07 3.0B Description
P Yes Yes a privileged instruction.
O Yes Yes an instruction that is treated as privileged or nonprivileged (or hypervisor, for mtspr), depend-

ing on the SPR or PMR number.

PI No Yes an instruction that is illegal in privileged state.
H Yes Yes an instruction that can be executed only in hypervisor state
PH Yes No a hypervisor privileged instruction if Category Embedded.Hypervisor is implemented; otherwise

denotes a privileged instruction.

M Yes No an instruction that is treated as privileged or nonprivileged, depending on the value of the UCLE

bit in the MSR

U No Yes an instruction that can be executed only in ultravisor state

Ultravisor-related Patents, Patent Applications and Official Documentation

References

  1. https://patchwork.ozlabs.org/patch/719952/
  2. P9 XIVE Exploitation > I - Device-tree updates "reg property contains the addresses & sizes for the register ranges corresponding respectively to the 4 rings: Ultravisor level, Hypervisor level, Guest OS level, User level"
  3. File:AFRL-RI-RS-TR-2017-021.pdf. IBM. 2017-02
  4. Lynn, Justin. tweet
  5. Guerney D. H. Hunt, Richard (Rick) H. Boivie, Elaine Rivette Palmer, Dimitrios Pendarakis https://www.ibm.com/developerworks/library/l-support-protected-computing/ Supporting protected computing on IBM Power Architecture
  6. Kerr, Jeremy. OpenPOWER: building an open-source software stack from bare metal (video). Linux.conf.au 2015