| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Mar 2019 10:15:15 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <sean.j.christopherson@...el.com>
Cc: Yang Weijiang <weijiang.yang@...el.com>, rkrcmar@...hat.com,
jmattson@...gle.com, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org, mst@...hat.com, yu-cheng.yu@...el.com,
yi.z.zhang@...el.com, hjl.tools@...il.com,
Zhang Yi Z <yi.z.zhang@...ux.intel.com>
Subject: Re: [PATCH v2 1/7] KVM:VMX: Define CET VMCS fields and bits
On 04/03/19 19:56, Sean Christopherson wrote:
> On Tue, Jan 29, 2019 at 04:19:34PM +0100, Paolo Bonzini wrote:
>> On 28/01/19 11:33, Yang Weijiang wrote:
>>>> There is no code in this series to pass these fields to and from
>>>> userspace, and also to save/restore U_CET, INT_SSP_TAB, PL0_SSP and
>>>> PL3_SSP across context switches.
>>>>
>>> The kernel consumes these MSRs, please see kernel CET patch:
>>> https://lkml.org/lkml/fancy/2018/11/20/225
>>
>> Still, even if the kernel saves these fields across context switch in
>> XSAVE areas, KVM must support accesses to the MSRs from userspace, for
>> example in order to perform live migration.
>>
>> For example, when reading/writing these in kvm_set_msr or
>> kvm_get_msr_common, you would have to do a read/write from the host
>> MSRs. You also have to put kvm_load_guest_fpu/kvm_put_guest_fpu calls
>> in __msr_io.
>
> Paolo, can you elaborate on why KVM would read the host MSRs? Wouldn't
> kvm_{get,set}_msr() pull the values from the VMCS when necessary?
Not all MSRs are in the VMCS; IA32_U_CET and IA32_PL*_SSP are not.
Paolo
Powered by blists - more mailing lists