lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1380722776-12358-1-git-send-email-pbonzini@redhat.com>
Date:	Wed,  2 Oct 2013 16:06:13 +0200
From:	Paolo Bonzini <pbonzini@...hat.com>
To:	linux-kernel@...r.kernel.org
Cc:	kvm@...r.kernel.org, gleb@...hat.com
Subject: [PATCH v3 0/3] KVM: prepare for future XSAVE extensions

As soon as the kernel will support the XSAVE extensions in Skylake
processors, we will want both userspace and the hypervisor to run
guests without showing any trace of the new features (because
support for them in the hypervisor will come later).

This series does exactly this.  Patches 1 and 3 ensures that userspace
does not get access to features not supported in the hypervisor.
Patch 2 does the same for the guest.

The effect of these patches is already visible together with
the corresponding QEMU patches and a command line such as "-cpu
SandyBridge,-avx".  Previously, the guest could still enable AVX via
xsetbv, and state would be sent by QEMU during migration.  These patches
make sure that disabling AVX will really prevent the guest from using it,
which helps if you have to deal with migration from newer versions of
QEMU and the kernel to older versions.  The QEMU patches set up the
guest's 0xd CPUID leaf, which also ensures that the kernel has the
necessary information.

Paolo

v2->v3:
	rename supported_xcr0 field to guest_supported_xcr0
	rename xstate_size field to guest_xstate_size
	do not hardcode XSTATE_FPSSE in guest_supported_xcr0
	handle missing 0xd leaf

Paolo Bonzini (3):
  KVM: x86: mask unsupported XSAVE entries from leaf 0Dh index 0
  KVM: x86: prevent setting unsupported XSAVE states
  KVM: x86: only copy XSAVE state for the supported features

 arch/x86/include/asm/kvm_host.h |  2 ++
 arch/x86/kvm/cpuid.c            | 36 +++++++++++++++++++++++++++++++++++-
 arch/x86/kvm/x86.c              | 29 ++++++++++++++++++++++-------
 arch/x86/kvm/x86.h              |  1 +
 4 files changed, 60 insertions(+), 8 deletions(-)

-- 
1.8.3.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ