| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <46f7b2e0-3225-8a9b-6155-3588b5f60f78@redhat.com> Date: Fri, 1 Jul 2016 17:12:15 +0200 From: Paolo Bonzini <pbonzini@...hat.com> To: Radim Krčmář <rkrcmar@...hat.com> Cc: Andrew Honig <ahonig@...gle.com>, linux-kernel@...r.kernel.org, kvm <kvm@...r.kernel.org>, "Lan, Tianyu" <tianyu.lan@...el.com>, Igor Mammedov <imammedo@...hat.com>, Jan Kiszka <jan.kiszka@....de>, Peter Xu <peterx@...hat.com> Subject: Re: [PATCH v1 03/11] KVM: x86: dynamic kvm_apic_map On 01/07/2016 17:06, Paolo Bonzini wrote: >>> >> > Should it? >> Yes, x2APIC ID cannot be changed in hardware and is initialized to the >> intitial APIC ID. >> Letting LAPIC_SET change x2APIC ID would allow scenarios where userspace >> reuses old VMs instead of building new ones after reconfiguration. >> I don't think it's a sensible use case and it it is currently broken, >> because we don't exit to userspace when changing APIC mode, so KVM would >> just set APIC ID to VCPU ID on any transition and userspace couldn't >> amend it. Forgot to reply about this: letting SET_LAPIC change x2APIC IDs is nonsense. In x2APIC mode + new capability disabled SET_LAPIC should ignore the id register altogether for backwards compatibility. In x2APIC mode + new capability enabled it should either ignore it, or fail if the x2APIC ID doesn't match the VCPU id. I suspect the latter is better because it would help catching the case where userspace is erroneously shifting the id left to bits 31-24. Paolo
Powered by blists - more mailing lists