| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Apr 2017 06:44:02 +0200
From: Juergen Gross <jgross@...e.com>
To: Borislav Petkov <bp@...en8.de>
Cc: linux-kernel@...r.kernel.org, xen-devel@...ts.xenproject.org,
x86@...nel.org, boris.ostrovsky@...cle.com, hpa@...or.com,
tglx@...utronix.de, mingo@...hat.com
Subject: Re: [PATCH] x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS if forced to
zero
On 27/04/17 00:04, Borislav Petkov wrote:
> On Wed, Apr 26, 2017 at 08:24:12PM +0200, Juergen Gross wrote:
>> I'm not feeling strong about it. So if you want to test for
>> X86_FEATURE_XENPV to avoid setting X86_BUG_SYSRET_SS_ATTRS I'm fine
>> with it.
>>
>> Will send V2 with that change.
>
> And remove the corresponding
>
> clear_cpu_bug(c, X86_BUG_SYSRET_SS_ATTRS);
>
> in xen_set_cpu_features().
Okay, you are right, we can omit this one now.
> So that we can set it once, only on !XENPV feature set.
>
> /me looks again at the code...
>
> Gah, except that we do
>
> set_cpu_cap(c, X86_FEATURE_XENPV);
>
> and that runs as part of init_hypervisor() and it runs *after* c_init().
No, this is called by xen_start_kernel(), long before c_init().
> So, back to square one. :-\
>
> So lemme try to explain again what I mean:
>
> I'd like to have a generic way of detecting whether I'm running as a xen
> guest at ->c_init() time and depending on the result of that detection,
> to set X86_BUG_SYSRET_SS_ATTRS or not set it.
>
> Does that make more sense?
This does make sense and it is working, as Sander could confirm.
Juergen
Powered by blists - more mailing lists