lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 20 Feb 2018 00:13:01 +0000
From:   Alan Cox <gnomes@...rguk.ukuu.org.uk>
To:     "Van De Ven, Arjan" <arjan.van.de.ven@...el.com>
Cc:     "valdis.kletnieks@...edu" <valdis.kletnieks@...edu>,
        Jon Masters <jcm@...masters.org>,
        David Woodhouse <dwmw2@...radead.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "x86@...nel.org" <x86@...nel.org>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "torvalds@...ux-foundation.org" <torvalds@...ux-foundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "Hansen, Dave" <dave.hansen@...el.com>,
        "Ingo Molnar" <mingo@...nel.org>
Subject: Re: [PATCH 2/2] x86/speculation: Support "Enhanced IBRS" on future
 CPUs

On Tue, 20 Feb 2018 00:00:23 +0000
"Van De Ven, Arjan" <arjan.van.de.ven@...el.com> wrote:

> > On Mon, 19 Feb 2018 23:42:24 +0000, "Van De Ven, Arjan" said:
> >   
> > > the guest is not the problem; guests obviously will already honor if Enhanced
> > > IBRS is enumerated. The problem is mixed migration pools where the  
> > hypervisor  
> > > may need to decide to not pass this enumeration through to the guest.  
> > 
> > For bonus points:  What should happen to a VM that is live migrated from one
> > hypervisor to another, and the hypervisors have different IBRS support?  
> 
> Doctor Doctor it hurts when I do this....
> 
> Migration tends to only work between HV's that are relatively homogeneous, that's nothing new... folks who run clouds or bigger pools know this obviously.

In theory there's nothing stopping a guest getting a 'you are about to
gain/lose IBRS' message or having a new 'CPU' hotplugged and the old one
removed.

It's just that it's always been less painful to avoid the problems you
get with wild mismatches than attmept the cure. And any 'cure' goes
beyond the OS kernel into some of the managed runtimes so I'd agree with
Arjan 'don't do that'.

Alan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ