Difference between revisions of "Power ISA/Privilege States"
(Link w/ local copy of PDF full-text copy) |
(→Ultravisor State: add link to IBM talk about Ultravisor/PEX) |
||
Line 8: | Line 8: | ||
A report from IBM for the Air Force Research Laboratory indicates that the Ultravisor State was tested in a modified [[POWER8|POWER8]] processor simulation.<ref>[[File:AFRL-RI-RS-TR-2017-021.pdf|HARDWARE SUPPORT FOR MALWARE DEFENSE AND END-TO-END TRUST]]. IBM. 2017-02</ref> | A report from IBM for the Air Force Research Laboratory indicates that the Ultravisor State was tested in a modified [[POWER8|POWER8]] processor simulation.<ref>[[File:AFRL-RI-RS-TR-2017-021.pdf|HARDWARE SUPPORT FOR MALWARE DEFENSE AND END-TO-END TRUST]]. IBM. 2017-02</ref> | ||
+ | |||
+ | In October 2018, IBM gave a [https://www.youtube.com/watch?v=9ixMd9wwRrs talk about Ultravisor/Protected Execution Facility] at the Linux Security Summit. | ||
2018-11-08 - IBM published an article about Protected Computing using the Ultravisor state at https://developer.ibm.com/articles/l-support-protected-computing/ | 2018-11-08 - IBM published an article about Protected Computing using the Ultravisor state at https://developer.ibm.com/articles/l-support-protected-computing/ |
Revision as of 16:09, 7 August 2019
Contents
States
Ultravisor State
At the moment very little information exists about the Ultravisor State. It is not mentioned in Power ISA version 2.07 documents at all, and version 3.0B only mentions it as a possible privilege of instructions. There is no official documentation of a UV - Ultravisor State Machine State Register bit, although some source code does reference its existence.[1]
Skiboot documentation mentions this as one of "the four rings".[2]
A report from IBM for the Air Force Research Laboratory indicates that the Ultravisor State was tested in a modified POWER8 processor simulation.[3]
In October 2018, IBM gave a talk about Ultravisor/Protected Execution Facility at the Linux Security Summit.
2018-11-08 - IBM published an article about Protected Computing using the Ultravisor state at https://developer.ibm.com/articles/l-support-protected-computing/
POWER9
IBM has confirmed to Raptor in direct messaging that the ultravisor state does not exist in POWER9, despite some material continuing to reference it. This information was also made public on Twitter.[4]
On March 22, 2018, a paper[5] was published on IBM developerWorks, explaining the reasoning for and the future use of the Ultravisor State.
Hypervisor State
Hypervisor State is indicated by the HV (bit 3) of the Machine State Register, and is normally used by a hypervisor. An operating system running without a hypervisor can run in Hypervisor State, with its userland in Problem State and avoid using Privileged State altogether.
Hypervisor State was introduced in POWER4, although for some time it was not included in documentation, appearing only as a reserved bit in the Machine State Register.[6]
Privileged State
Privileged State, also called Supervisor Mode, is normally used by an operating system running on top of a hypervisor.
Problem State
Problem State, also called User Mode, is indicated by the PR (bit 49) of the Machine State Register.
Instruction Classification
Code | 2.07 | 3.0B | Description |
---|---|---|---|
P | Yes | Yes | a privileged instruction. |
O | Yes | Yes | an instruction that is treated as privileged or nonprivileged (or hypervisor, for mtspr), depend-
ing on the SPR or PMR number. |
PI | No | Yes | an instruction that is illegal in privileged state. |
H | Yes | Yes | an instruction that can be executed only in hypervisor state |
PH | Yes | No | a hypervisor privileged instruction if Category Embedded.Hypervisor is implemented; otherwise
denotes a privileged instruction. |
M | Yes | No | an instruction that is treated as privileged or nonprivileged, depending on the value of the UCLE
bit in the MSR |
U | No | Yes | an instruction that can be executed only in ultravisor state |
- US Patent Application 20190034666 - HARDWARE BASED ISOLATION FOR SECURE EXECUTION OF VIRTUAL MACHINES - Local Full-Text PDF w/ Illustrations: File:US020190034666A120190131-HARDWARE-BASED-ISOLATION-FOR-SECURE-EXECUTION-OF-VIRTUAL-MACHINES.pdf
- Hostboot Bootloader - Secure Memory Facility/Ultravisor Configuration References
References
- ↑ https://patchwork.ozlabs.org/patch/719952/
- ↑ P9 XIVE Exploitation > I - Device-tree updates "reg property contains the addresses & sizes for the register ranges corresponding respectively to the 4 rings: Ultravisor level, Hypervisor level, Guest OS level, User level"
- ↑ File:AFRL-RI-RS-TR-2017-021.pdf. IBM. 2017-02
- ↑ Lynn, Justin. tweet
- ↑ Guerney D. H. Hunt, Richard (Rick) H. Boivie, Elaine Rivette Palmer, Dimitrios Pendarakis https://www.ibm.com/developerworks/library/l-support-protected-computing/ Supporting protected computing on IBM Power Architecture
- ↑ Kerr, Jeremy. OpenPOWER: building an open-source software stack from bare metal (video). Linux.conf.au 2015