| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87sh13qzfl.fsf@vitty.brq.redhat.com>
Date: Thu, 18 Oct 2018 13:14:38 +0200
From: Vitaly Kuznetsov <vkuznets@...hat.com>
To: Paolo Bonzini <pbonzini@...hat.com>,
Jim Mattson <jmattson@...gle.com>
Cc: Radim Krčmář <rkrcmar@...hat.com>,
Roman Kagan <rkagan@...tuozzo.com>,
"K. Y. Srinivasan" <kys@...rosoft.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
Stephen Hemminger <sthemmin@...rosoft.com>,
"Michael Kelley \(EOSG\)" <Michael.H.Kelley@...rosoft.com>,
LKML <linux-kernel@...r.kernel.org>,
Liran Alon <liran.alon@...cle.com>,
kvm list <kvm@...r.kernel.org>
Subject: Re: [PATCH v6 06/13] KVM: nVMX: optimize prepare_vmcs02{,_full} for Enlightened VMCS case
Paolo Bonzini <pbonzini@...hat.com> writes:
> On 17/10/2018 19:08, Jim Mattson wrote:
>> I believe that ESXi reads GUEST_CS_AR_BYTES on every VM-exit to
>> determine code size.
>
> Which makes me wonder, maybe we should add GUEST_SS_AR_BYTES which is
> where the CPL lives. But then your tests from last year didn't find it.
>
Hyper-V does read GUEST_SS_AR_BYTES. Way less frequent than
GUEST_CS_AR_BYTES but still.
Based on that my suggestion would be to shadow GUEST_SS_AR_BYTES, keep
GUEST_SS_AR_BYTES and unshadow the rest (GUEST_ES_BASE,
GUEST_CS_SELECTOR, GUEST_CS_LIMIT, GUEST_CS_BASE). I can do this as a
separate patch as I see this series is already in kvm/queue.
--
Vitaly
Powered by blists - more mailing lists