| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <834e9b46-5d59-a81e-8cda-5f576964e1cb@redhat.com>
Date: Tue, 9 Jan 2018 17:57:08 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Liran Alon <liran.alon@...cle.com>
Cc: jmattson@...gle.com, x86@...nel.org, dwmw@...zon.co.uk,
bp@...en8.de, aliguori@...zon.com, thomas.lendacky@....com,
rkrcmar@...hat.com, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Subject: Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and
MSR_IA32_PRED_CMD down to the guest
On 09/01/2018 17:48, Liran Alon wrote:
>>>
>>> + if (have_spec_ctrl) {
>>> + rdmsrl(MSR_IA32_SPEC_CTRL, vmx->spec_ctrl);
>>> + if (vmx->spec_ctrl != 0)
>>> + wrmsrl(MSR_IA32_SPEC_CTRL, 0);
>
> As I said also on the AMD patch, I think this is a bug.
> Intel specify that we should set IBRS bit even if it was already set on every #VMExit.
That's correct (though I'd like to understand _why_---I'm not inclined
to blindly trust a spec), but for now it's saving a wrmsr of 0. That is
quite obviously okay, and will be also okay after the bare-metal IBRS
patches.
Of course the code will become something like
if (using_ibrs || vmx->spec_ctrl != 0)
wrmsrl(MSR_IA32_SPEC_CTRL, host_ibrs);
optimizing the case where the host is using retpolines.
Paolo
Powered by blists - more mailing lists