lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Mar 2019 10:15:15 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Sean Christopherson <sean.j.christopherson@...el.com> Cc: Yang Weijiang <weijiang.yang@...el.com>, rkrcmar@...hat.com, jmattson@...gle.com, linux-kernel@...r.kernel.org, kvm@...r.kernel.org, mst@...hat.com, yu-cheng.yu@...el.com, yi.z.zhang@...el.com, hjl.tools@...il.com, Zhang Yi Z <yi.z.zhang@...ux.intel.com> Subject: Re: [PATCH v2 1/7] KVM:VMX: Define CET VMCS fields and bits On 04/03/19 19:56, Sean Christopherson wrote: > On Tue, Jan 29, 2019 at 04:19:34PM +0100, Paolo Bonzini wrote: >> On 28/01/19 11:33, Yang Weijiang wrote: >>>> There is no code in this series to pass these fields to and from >>>> userspace, and also to save/restore U_CET, INT_SSP_TAB, PL0_SSP and >>>> PL3_SSP across context switches. >>>> >>> The kernel consumes these MSRs, please see kernel CET patch: >>> https://lkml.org/lkml/fancy/2018/11/20/225 >> >> Still, even if the kernel saves these fields across context switch in >> XSAVE areas, KVM must support accesses to the MSRs from userspace, for >> example in order to perform live migration. >> >> For example, when reading/writing these in kvm_set_msr or >> kvm_get_msr_common, you would have to do a read/write from the host >> MSRs. You also have to put kvm_load_guest_fpu/kvm_put_guest_fpu calls >> in __msr_io. > > Paolo, can you elaborate on why KVM would read the host MSRs? Wouldn't > kvm_{get,set}_msr() pull the values from the VMCS when necessary? Not all MSRs are in the VMCS; IA32_U_CET and IA32_PL*_SSP are not. Paolo
Powered by blists - more mailing lists