| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Jan 2018 17:33:38 -0500 (EST)
From: Paolo Bonzini <pbonzini@...hat.com>
To: David Woodhouse <dwmw2@...radead.org>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
jmattson@...gle.com, aliguori@...zon.com,
thomas lendacky <thomas.lendacky@....com>, bp@...en8.de
Subject: Re: [PATCH 3/7] kvm: vmx: pass MSR_IA32_SPEC_CTRL and
MSR_IA32_PRED_CMD down to the guest
----- Original Message -----
> From: "David Woodhouse" <dwmw2@...radead.org>
> To: "Paolo Bonzini" <pbonzini@...hat.com>, linux-kernel@...r.kernel.org, kvm@...r.kernel.org
> Cc: jmattson@...gle.com, aliguori@...zon.com, "thomas lendacky" <thomas.lendacky@....com>, bp@...en8.de
> Sent: Monday, January 8, 2018 8:41:07 PM
> Subject: Re: [PATCH 3/7] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest
>
> On Mon, 2018-01-08 at 19:08 +0100, Paolo Bonzini wrote:
> >
> > + if (have_spec_ctrl && vmx->spec_ctrl != 0)
> > + wrmsrl(MSR_IA32_SPEC_CTRL, vmx->spec_ctrl);
> > +
>
> I think this one probably *is* safe even without an 'else lfence',
> which means that the CPU can speculate around it, but it wants a
> comment explaining that someone has properly analysed it and saying
> precisely why.
This one is okay as long as there are no indirect jumps until
vmresume. But the one on vmexit is only okay because right now
it's *disabling* IBRS. Once IBRS is used by Linux, we'll need an
lfence there. I'll add a comment.
Paolo
Powered by blists - more mailing lists