| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160701154354.GA5965@potion> Date: Fri, 1 Jul 2016 17:43:55 +0200 From: Radim Krčmář <rkrcmar@...hat.com> To: Paolo Bonzini <pbonzini@...hat.com> Cc: Andrew Honig <ahonig@...gle.com>, linux-kernel@...r.kernel.org, kvm <kvm@...r.kernel.org>, "Lan, Tianyu" <tianyu.lan@...el.com>, Igor Mammedov <imammedo@...hat.com>, Jan Kiszka <jan.kiszka@....de>, Peter Xu <peterx@...hat.com> Subject: Re: [PATCH v1 03/11] KVM: x86: dynamic kvm_apic_map 2016-07-01 17:12+0200, Paolo Bonzini: > On 01/07/2016 17:06, Paolo Bonzini wrote: >>>> >> > Should it? >>> Yes, x2APIC ID cannot be changed in hardware and is initialized to the >>> intitial APIC ID. >>> Letting LAPIC_SET change x2APIC ID would allow scenarios where userspace >>> reuses old VMs instead of building new ones after reconfiguration. >>> I don't think it's a sensible use case and it it is currently broken, >>> because we don't exit to userspace when changing APIC mode, so KVM would >>> just set APIC ID to VCPU ID on any transition and userspace couldn't >>> amend it. > > Forgot to reply about this: letting SET_LAPIC change x2APIC IDs is nonsense. > > In x2APIC mode + new capability disabled SET_LAPIC should ignore the id > register altogether for backwards compatibility. I'd still shift SET_LAPIC APIC ID to have internal APIC ID register in hardware-compatible format. > In x2APIC mode + new capability enabled it should either ignore it, or > fail if the x2APIC ID doesn't match the VCPU id. I suspect the latter > is better because it would help catching the case where userspace is > erroneously shifting the id left to bits 31-24. Yes, I'll make it EINVAL.
Powered by blists - more mailing lists