Hi people of OSDev,
for my thesis I am trying to run a program (process) in ring0 in a virtual environment (qemu + kvm). The reason I am trying to do this is to eliminate the system call from the process to the guest and only have the overhead of the hypercall from the guest os to the host os. My first question is actually if I use an initramfs and the init process of this initramfs is it executed in ring0 or ring3? The cpu registers from the guest indicates an CPL=0, but I read this is actually executed in ring3?
If it is not excuted in ring0, what's the efficient way to execute a single program in ring0 so in kernel mode?
Process in ring0 in virtual machine
-
Combuster
- Member
- Posts: 9301
- Joined: Wed Oct 18, 2006 3:45 am
- Libera.chat IRC: [com]buster
- Location: On the balcony, where I can actually keep 1½m distance
- Contact:
Re: Process in ring0 in virtual machine
Privileged code in the guest is unprivileged code in the host. You're likely to see the CPL=0 when the hypervisor itself is running in CPL=3. Also, all non-kernel software running in the guest runs in ring 3, yet all the regular methods that invoke the hypervisior are usually limited to actions performed in ring 0.
If you are just going to observe the time to invoke the hypervisor, any ring transitions within the hypervisor and all communications the hypervisor makes with the host operating system accounts for that time. Basically, you have little more to do than to perform for example an IN instruction where you're allowed to, and measure the time it takes. The direct addressing of hardware forces the hypervisor to generate an answer and thus implies that a transition is made. Since software does not normally addresses hardware directly, only the linux kernel will be the actual source of hypervisor interaction, and any timing measurements you want to make must therefore be done there, or you must allow ring 3 code to do something that invokes the hypervisor directly (I/O permissions are a good start for options)
If you are just going to observe the time to invoke the hypervisor, any ring transitions within the hypervisor and all communications the hypervisor makes with the host operating system accounts for that time. Basically, you have little more to do than to perform for example an IN instruction where you're allowed to, and measure the time it takes. The direct addressing of hardware forces the hypervisor to generate an answer and thus implies that a transition is made. Since software does not normally addresses hardware directly, only the linux kernel will be the actual source of hypervisor interaction, and any timing measurements you want to make must therefore be done there, or you must allow ring 3 code to do something that invokes the hypervisor directly (I/O permissions are a good start for options)
Re: Process in ring0 in virtual machine
Yes, I know. For now I am just wondering about how to run a program with full privileges in the kernel. Is it possible to load it with an initramfs? Or is that an user mode process? Or are there any other modifications I have to make to the kernel?
Re: Process in ring0 in virtual machine
Yeah sorry, maybe I wasn't that clear. I want to run a program with full privileges in kernel. I know initramfs isn't a process, but can you compile a program in a way so you can stuff for example as the init exec of the initramfs and run it with full privileges. As I understand it the init process is the first user mode process so it runs in ringlevel3.
-
Combuster
- Member
- Posts: 9301
- Joined: Wed Oct 18, 2006 3:45 am
- Libera.chat IRC: [com]buster
- Location: On the balcony, where I can actually keep 1½m distance
- Contact:
Re: Process in ring0 in virtual machine
Since I'm guessing you haven't told us that you are using linux, write a driver instead of a regular program.
Otherwise, write a driver
Otherwise, write a driver