Re: [Qemu-devel] Prohibit Windows from running in QEMU
Am 04.08.2017 um 12:43 schrieb Paolo Bonzini: > On 04/08/2017 12:27, Peter Lieven wrote: >> Am 04.08.2017 um 12:23 schrieb Paolo Bonzini: >>> On 04/08/2017 11:58, Peter Lieven wrote: Am 29.10.2013 um 10:59 schrieb Paolo Bonzini: > Il 29/10/2013 10:48, Peter Lieven ha scritto: >> Hi all, >> >> this question might seem a bit weird, but does anyone see a good way to >> avoid >> that Windows is able to boot inside qemu? >> >> We have defined several profiles for different operation systems and I >> want >> to avoid that someone chooses Linux and then installs Windows within >> a VM. Reason is licensing. > Patch QEMU to crash when Hyper-V extensions are enabled... Hi all, this is an old topic that has become important for me again recently. Now all Linux versions should be able to detect KVM even if Hyper-V is enabled. But how do I detect from Qemu userspace that Hyper-V is enabled? >>> Maybe a better one: make KVM crash the guest if CR8 is nonzero on a >>> vmexit. Linux doesn't use it, Windows should not survive long. >> You mean the kvm kernel module? Or can I access this register also >> from Qemu on any call that is handled in userspace? It would be easier >> to have a cmdline option to Qemu than an option to a kernel module. > Yes, the kernel module. Accessing it in QEMU requires > cpu_synchronize_state so it's slow. However, you could piggyback on > some other functionality that is never used by Linux to do the check, > for example the RTC I/O port. > > That is, in the RTC I/O port code you call cpu_synchronize_state and > check CR8. Thanks, I will try that out and let you know. Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 04/08/2017 12:27, Peter Lieven wrote: > Am 04.08.2017 um 12:23 schrieb Paolo Bonzini: >> On 04/08/2017 11:58, Peter Lieven wrote: >>> Am 29.10.2013 um 10:59 schrieb Paolo Bonzini: Il 29/10/2013 10:48, Peter Lieven ha scritto: > Hi all, > > this question might seem a bit weird, but does anyone see a good way to > avoid > that Windows is able to boot inside qemu? > > We have defined several profiles for different operation systems and I > want > to avoid that someone chooses Linux and then installs Windows within > a VM. Reason is licensing. Patch QEMU to crash when Hyper-V extensions are enabled... >>> Hi all, >>> >>> this is an old topic that has become important for me again recently. >>> Now all Linux versions should be able to detect KVM even if Hyper-V is >>> enabled. >>> >>> But how do I detect from Qemu userspace that Hyper-V is enabled? >> Maybe a better one: make KVM crash the guest if CR8 is nonzero on a >> vmexit. Linux doesn't use it, Windows should not survive long. > > You mean the kvm kernel module? Or can I access this register also > from Qemu on any call that is handled in userspace? It would be easier > to have a cmdline option to Qemu than an option to a kernel module. Yes, the kernel module. Accessing it in QEMU requires cpu_synchronize_state so it's slow. However, you could piggyback on some other functionality that is never used by Linux to do the check, for example the RTC I/O port. That is, in the RTC I/O port code you call cpu_synchronize_state and check CR8. Paolo >> Warning, I don't know if UEFI firmware uses CR8. > > UEFI firmware is not important in this case. > Do you know if FreeBSD, OpenBSD or NetBSD use it? > > > Thank for your ideas, > Peter >
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Am 04.08.2017 um 12:23 schrieb Paolo Bonzini: > On 04/08/2017 11:58, Peter Lieven wrote: >> Am 29.10.2013 um 10:59 schrieb Paolo Bonzini: >>> Il 29/10/2013 10:48, Peter Lieven ha scritto: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. >>> Patch QEMU to crash when Hyper-V extensions are enabled... >> Hi all, >> >> this is an old topic that has become important for me again recently. >> Now all Linux versions should be able to detect KVM even if Hyper-V is >> enabled. >> >> But how do I detect from Qemu userspace that Hyper-V is enabled? > Maybe a better one: make KVM crash the guest if CR8 is nonzero on a > vmexit. Linux doesn't use it, Windows should not survive long. You mean the kvm kernel module? Or can I access this register also from Qemu on any call that is handled in userspace? It would be easier to have a cmdline option to Qemu than an option to a kernel module. > Warning, I don't know if UEFI firmware uses CR8. UEFI firmware is not important in this case. Do you know if FreeBSD, OpenBSD or NetBSD use it? Thank for your ideas, Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 04/08/2017 11:58, Peter Lieven wrote: > Am 29.10.2013 um 10:59 schrieb Paolo Bonzini: >> Il 29/10/2013 10:48, Peter Lieven ha scritto: >>> Hi all, >>> >>> this question might seem a bit weird, but does anyone see a good way to >>> avoid >>> that Windows is able to boot inside qemu? >>> >>> We have defined several profiles for different operation systems and I want >>> to avoid that someone chooses Linux and then installs Windows within >>> a VM. Reason is licensing. >> Patch QEMU to crash when Hyper-V extensions are enabled... > > Hi all, > > this is an old topic that has become important for me again recently. > Now all Linux versions should be able to detect KVM even if Hyper-V is > enabled. > > But how do I detect from Qemu userspace that Hyper-V is enabled? Maybe a better one: make KVM crash the guest if CR8 is nonzero on a vmexit. Linux doesn't use it, Windows should not survive long. Warning, I don't know if UEFI firmware uses CR8. Paolo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Am 29.10.2013 um 10:59 schrieb Paolo Bonzini: > Il 29/10/2013 10:48, Peter Lieven ha scritto: >> Hi all, >> >> this question might seem a bit weird, but does anyone see a good way to >> avoid >> that Windows is able to boot inside qemu? >> >> We have defined several profiles for different operation systems and I want >> to avoid that someone chooses Linux and then installs Windows within >> a VM. Reason is licensing. > Patch QEMU to crash when Hyper-V extensions are enabled... Hi all, this is an old topic that has become important for me again recently. Now all Linux versions should be able to detect KVM even if Hyper-V is enabled. But how do I detect from Qemu userspace that Hyper-V is enabled? Thanks, Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Il 29/10/2013 10:48, Peter Lieven ha scritto: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Patch QEMU to crash when Hyper-V extensions are enabled... Paolo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 29.10.2013 10:59, Paolo Bonzini wrote: Il 29/10/2013 10:48, Peter Lieven ha scritto: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Patch QEMU to crash when Hyper-V extensions are enabled... I was thinking about this, but wouldn't this mean the cpu signature would always be Microsoft Hv and not KVMKVMKVM\0\0\0? Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Il 29/10/2013 11:11, Peter Lieven ha scritto: On 29.10.2013 10:59, Paolo Bonzini wrote: Il 29/10/2013 10:48, Peter Lieven ha scritto: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Patch QEMU to crash when Hyper-V extensions are enabled... I was thinking about this, but wouldn't this mean the cpu signature would always be Microsoft Hv and not KVMKVMKVM\0\0\0? The KVM signature should be at CPUID leaf 0x4100. Paolo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 11:19:54AM +0100, Paolo Bonzini wrote: Il 29/10/2013 11:11, Peter Lieven ha scritto: On 29.10.2013 10:59, Paolo Bonzini wrote: Il 29/10/2013 10:48, Peter Lieven ha scritto: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Patch QEMU to crash when Hyper-V extensions are enabled... I was thinking about this, but wouldn't this mean the cpu signature would always be Microsoft Hv and not KVMKVMKVM\0\0\0? The KVM signature should be at CPUID leaf 0x4100. But only recently Linux started to search for it there. -- Gleb.
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 29.10.2013 11:19, Paolo Bonzini wrote: Il 29/10/2013 11:11, Peter Lieven ha scritto: On 29.10.2013 10:59, Paolo Bonzini wrote: Il 29/10/2013 10:48, Peter Lieven ha scritto: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Patch QEMU to crash when Hyper-V extensions are enabled... I was thinking about this, but wouldn't this mean the cpu signature would always be Microsoft Hv and not KVMKVMKVM\0\0\0? The KVM signature should be at CPUID leaf 0x4100. If I enable hyperv for all vServers the signature is at KVM_CPUID_SIGNATURE_NEXT (0x4100) otherwise at KVM_CPUID_SIGNATURE (0x0). Does this matter to Linux? Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Il 29/10/2013 11:40, Peter Lieven ha scritto: The KVM signature should be at CPUID leaf 0x4100. If I enable hyperv for all vServers the signature is at KVM_CPUID_SIGNATURE_NEXT (0x4100) otherwise at KVM_CPUID_SIGNATURE (0x0). KVM_CPU_ID_SIGNATURE is 0x4000. Does this matter to Linux? For recent versions it doesn't. Older versions will not be able to use kvmclock (and other PV enhancements for KVM such as steal time or PV EOI). Paolo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 29.10.2013 11:48, Paolo Bonzini wrote: Il 29/10/2013 11:40, Peter Lieven ha scritto: The KVM signature should be at CPUID leaf 0x4100. If I enable hyperv for all vServers the signature is at KVM_CPUID_SIGNATURE_NEXT (0x4100) otherwise at KVM_CPUID_SIGNATURE (0x0). KVM_CPU_ID_SIGNATURE is 0x4000. Does this matter to Linux? For recent versions it doesn't. Older versions will not be able to use kvmclock (and other PV enhancements for KVM such as steal time or PV EOI). Ok, so this is not an option today - maybe later... Any other idea to detect Windows is running or trying to start? Thanks, Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest -- MST
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 01:13:24PM +0200, Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest For how long to wait before a crash? -- Gleb.
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 29.10.2013 12:26, Gleb Natapov wrote: On Tue, Oct 29, 2013 at 01:13:24PM +0200, Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest For how long to wait before a crash? I would not like to alter the software in the guest anyway. If this would be required I could force a Linux version that would search for the alternate KVM signature in the cpuid leaf. Peter
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 12:31:18PM +0100, Peter Lieven wrote: On 29.10.2013 12:26, Gleb Natapov wrote: On Tue, Oct 29, 2013 at 01:13:24PM +0200, Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest For how long to wait before a crash? I would not like to alter the software in the guest anyway. If this would be required I could force a Linux version that would search for the alternate KVM signature in the cpuid leaf. You can detect certain patterns of RTC usage (Linux does not use it usually), but it is fragile since Linux allows userspace to access RTC and it may create the same usage pattern. -- Gleb.
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Do you have todo the check in QEMU itself, or is it possible to add a hook into your installation method ? If so, then you could use the virt-inspector tool that comes with libguestfs to probe the install media and/or disk image to detect the operating system type, and then avoid starting QEMU at all if not what was expected Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 01:26:59PM +0200, Gleb Natapov wrote: On Tue, Oct 29, 2013 at 01:13:24PM +0200, Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest For how long to wait before a crash? Or don't crash, disable some other functionality, for example, you can keep all network links down until your driver is loaded. -- Gleb.
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, Oct 29, 2013 at 02:17:10PM +0200, Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 01:26:59PM +0200, Gleb Natapov wrote: On Tue, Oct 29, 2013 at 01:13:24PM +0200, Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest For how long to wait before a crash? Or don't crash, disable some other functionality, for example, you can keep all network links down until your driver is loaded. Unless your root is on nfs and driver is in a module :). Anyway if you need to write guest code there are easier ways to do it than writing new device/driver. In ideal world you could have used ACPI _OS(?) function, but since most bioses are broken for anything but Windows Linux reports that it is Windows too. -- Gleb.
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On 10/29/13 11:50, Peter Lieven wrote: On 29.10.2013 11:48, Paolo Bonzini wrote: Il 29/10/2013 11:40, Peter Lieven ha scritto: The KVM signature should be at CPUID leaf 0x4100. If I enable hyperv for all vServers the signature is at KVM_CPUID_SIGNATURE_NEXT (0x4100) otherwise at KVM_CPUID_SIGNATURE (0x0). KVM_CPU_ID_SIGNATURE is 0x4000. Does this matter to Linux? For recent versions it doesn't. Older versions will not be able to use kvmclock (and other PV enhancements for KVM such as steal time or PV EOI). Ok, so this is not an option today - maybe later... Any other idea to detect Windows is running or trying to start? I don't know what I'm talking about. But: - Maybe tracing MSR accesses could give you a profile. - Windows' ACPI parser is super cranky. You could pass in a custom (but standardized) ACPI table on the command line (-acpitable) that only triggers some warnings in Linux's port of ACPICA, but crashes Windows (BSOD). Like, write compile a simple table to AML, then mess it up (eg. Package encoding or some such) with a hex editor. This would take some experimentation as well, but searching existing bug reports could help. Laszlo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Il 29/10/2013 16:55, BALATON Zoltan ha scritto: On Tue, 29 Oct 2013, Laszlo Ersek wrote: I don't know what I'm talking about. But: Neither do I but... - Windows' ACPI parser is super cranky. You could pass in a custom (but standardized) ACPI table on the command line (-acpitable) that only triggers some warnings in Linux's port of ACPICA, but crashes Windows (BSOD). Like, write compile a simple table to AML, then mess it up (eg. Package encoding or some such) with a hex editor. This would take some experimentation as well, but searching existing bug reports could help. This seems evil and fragile (although this can be done without patches with a command line option only). But instead why not remove/disable some BIOS functions that Linux doesn't need but Windows relies on? This seems to be less fragile (although requiring a patch) if it's possible at all. Subtly crippling the HPET might work, since Linux will prefer kvmclock. Good luck when users come screaming for support though. Paolo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
On Tue, 29 Oct 2013, Laszlo Ersek wrote: I don't know what I'm talking about. But: Neither do I but... - Windows' ACPI parser is super cranky. You could pass in a custom (but standardized) ACPI table on the command line (-acpitable) that only triggers some warnings in Linux's port of ACPICA, but crashes Windows (BSOD). Like, write compile a simple table to AML, then mess it up (eg. Package encoding or some such) with a hex editor. This would take some experimentation as well, but searching existing bug reports could help. This seems evil and fragile (although this can be done without patches with a command line option only). But instead why not remove/disable some BIOS functions that Linux doesn't need but Windows relies on? This seems to be less fragile (although requiring a patch) if it's possible at all. Regards, BALATON Zoltan
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Am 29.10.2013 um 17:00 schrieb Paolo Bonzini pbonz...@redhat.com: Il 29/10/2013 16:55, BALATON Zoltan ha scritto: On Tue, 29 Oct 2013, Laszlo Ersek wrote: I don't know what I'm talking about. But: Neither do I but... - Windows' ACPI parser is super cranky. You could pass in a custom (but standardized) ACPI table on the command line (-acpitable) that only triggers some warnings in Linux's port of ACPICA, but crashes Windows (BSOD). Like, write compile a simple table to AML, then mess it up (eg. Package encoding or some such) with a hex editor. This would take some experimentation as well, but searching existing bug reports could help. This seems evil and fragile (although this can be done without patches with a command line option only). But instead why not remove/disable some BIOS functions that Linux doesn't need but Windows relies on? This seems to be less fragile (although requiring a patch) if it's possible at all. Subtly crippling the HPET might work, since Linux will prefer kvmclock. Good luck when users come screaming for support though. I think without hyper-v Windows will prefer the pmtimer. I will look at this it might work. Thanks for your ideas. Peter Paolo
Re: [Qemu-devel] Prohibit Windows from running in QEMU
Michael S. Tsirkin wrote: On Tue, Oct 29, 2013 at 10:48:07AM +0100, Peter Lieven wrote: Hi all, this question might seem a bit weird, but does anyone see a good way to avoid that Windows is able to boot inside qemu? We have defined several profiles for different operation systems and I want to avoid that someone chooses Linux and then installs Windows within a VM. Reason is licensing. Thanks, Peter - create a device - write a linux driver - if driver is not enabled crash guest another option: _OSI() in ACPI, for ACPI compatible cases.