| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 08 Jan 2018 22:07:26 +0200
From: Liran Alon <LIRAN.ALON@...CLE.COM>
To: Paolo Bonzini <pbonzini@...hat.com>, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
CC: jmattson@...gle.com, aliguori@...zon.com, thomas.lendacky@....com,
dwmw@...zon.co.uk, bp@...en8.de
Subject: Re: [PATCH 7/7] KVM: x86: add SPEC_CTRL and IBPB_SUPPORT to MSR and
CPUID lists
On 08/01/18 20:08, Paolo Bonzini wrote:
> Expose them to userspace, now that guests can use them.
> I am not adding cpufeatures here to avoid having a kernel
> that shows spec_ctrl in /proc/cpuinfo and actually has no
> support whatsoever for IBRS/IBPB. Keep the ugly special-casing
> for now, and clean it up once the generic arch/x86/ code
> learns about them.
>
> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>
> ---
> arch/x86/kvm/cpuid.c | 24 +++++++++++++++++++++---
> arch/x86/kvm/x86.c | 1 +
> 2 files changed, 22 insertions(+), 3 deletions(-)
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 767af697c20c..5f43a5940275 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -397,7 +397,12 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
>
> /* cpuid 7.0.edx*/
> const u32 kvm_cpuid_7_0_edx_x86_features =
> - KF(AVX512_4VNNIW) | KF(AVX512_4FMAPS);
> + KF(AVX512_4VNNIW) | KF(AVX512_4FMAPS) |
> + KF(SPEC_CTRL) | KF(STIBP);
> +
> + /* cpuid 0x80000008.edx */
> + const u32 kvm_cpuid_80000008_ebx_x86_features =
> + KF(IBPB_SUPPORT);
>
> /* all calls to cpuid_count() should be made on the same cpu */
> get_cpu();
> @@ -483,7 +488,14 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
> if (!tdp_enabled || !boot_cpu_has(X86_FEATURE_OSPKE))
> entry->ecx &= ~F(PKU);
> entry->edx &= kvm_cpuid_7_0_edx_x86_features;
> - entry->edx &= get_scattered_cpuid_leaf(7, 0, CPUID_EDX);
> + /*
> + * FIXME: the special casing of SPEC_CTRL and STIBP
> + * can be removed once they become regular
> + * cpufeatures.
> + */
> + entry->edx &= (
> + get_scattered_cpuid_leaf(7, 0, CPUID_EDX) |
> + KF(SPEC_CTRL) | KF(STIBP));
> } else {
> entry->ebx = 0;
> entry->ecx = 0;
> @@ -651,7 +663,13 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
> if (!g_phys_as)
> g_phys_as = phys_as;
> entry->eax = g_phys_as | (virt_as << 8);
> - entry->ebx = entry->edx = 0;
> + /*
> + * FIXME: mask against cpufeatures, with
> + * get_scattered_cpuid_leaf(0x80000008, 0, CPUID_EBX),
> + * once IBPB_SUPPORT becomes a regular cpufeature.
> + */
> + entry->ebx &= kvm_cpuid_80000008_ebx_x86_features;
> + entry->edx = 0;
> break;
> }
> case 0x80000019:
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index daa1918031df..4abb37d9f4d8 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -1032,6 +1032,7 @@ unsigned int kvm_get_pt_addr_cnt(void)
> MSR_IA32_RTIT_ADDR1_A, MSR_IA32_RTIT_ADDR1_B,
> MSR_IA32_RTIT_ADDR2_A, MSR_IA32_RTIT_ADDR2_B,
> MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B,
> + MSR_IA32_SPEC_CTRL,
> };
>
> static unsigned num_msrs_to_save;
>
Reviewed-by: Liran Alon <liran.alon@...cle.com>
Powered by blists - more mailing lists