8000 add support to control CPU features exposed to user apps by tianyuzhou95 · Pull Request #11498 · google/gvisor · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

add support to control CPU features exposed to user apps #11498

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

add support to control CPU features exposed to user apps #11498

wants to merge 2 commits into from

Conversation

tianyuzhou95
Copy link
Contributor
@tianyuzhou95 tianyuzhou95 commented Feb 28, 2025
edited
Loading

Updates #11486

@tianyuzhou95 tianyuzhou95 force-pushed the albert/cpuid branch 2 times, most recently from 75df46d to 0d79d24 Compare February 28, 2025 08:56
@tianyuzhou95 tianyuzhou95 changed the title [WIP] add support to control CPU features exposed to user apps add support to control CPU features exposed to user apps Feb 28, 2025
@tianyuzhou95 tianyuzhou95 mentioned this pull request Feb 28, 2025
Open
@tianyuzhou95
runsc: add support to control CPU features exposed to user apps
7a0749e 
Currently, runsc compares the host feature set between the machine used
for checkpointing and the machine used for restoring. If the former
feature set is not a subset of the latter, the restore will fail, as
user apps might mistakenly use unsupported instructions.

Thanks to cpuid faulting support, it is possible to intercept the cpuid
instruction from user apps and generate results referring to the host
feature set recorded during sandbox boot.

This patch adds support to expose only specified CPU features by
removing features from the list when storing the host feature set. This
makes it possible to checkpoint and restore on machines with different
CPU features. The list of enabled features is passed via annotation.

It should be noted that currently, CPUID faulting is not supported on
the arm64 architecture, and therefore, control over the CPU features
exposed to user apps is also not supported.

Updates google#11486

Signed-off-by: Tianyu Zhou <albert.zty@antgroup.com>
ayushr2
ayushr2 reviewed Mar 3, 2025
View reviewed changes
@tianyuzhou95
cmd: add subcommand cpu-feature to dump supported CPU features
0b1a0b2 
This patch adds the subcommand cpu-feature, used for retrieving the
features supported by the current physical machine's CPU.

Signed-off-by: Tianyu Zhou <albert.zty@antgroup.com>
@tianyuzhou95
Copy link
Contributor Author

Depends on this patch(#11492) to ensure CPUID faulting on the KVM platform.

@milantracy milantracy requested a review from nixprime March 4, 2025 19:16
@tianyuzhou95
Copy link
Contributor Author

Is there anything I can do to help move this pull request forward?

@ayushr2
Copy link
Collaborator
ayushr2 commented Mar 25, 2025

Sorry for the delay @tianyuzhou95. We are a little pre-empted right now but we will eventually get to this. Appreciate the patch!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ayushr2 ayushr2 ayushr2 left review comments

@nixprime nixprime Awaiting requested review from nixprime

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tianyuzhou95 @ayushr2
0