| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALMp9eQcRbMjQ_=jQ=qaYmh1Lavc3PYvm4Qcf3zY+N8j3zZe-w@mail.gmail.com>
Date: Fri, 16 Aug 2019 14:45:39 -0700
From: Jim Mattson <jmattson@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: LKML <linux-kernel@...r.kernel.org>, kvm list <kvm@...r.kernel.org>
Subject: Re: [PATCH 1/2] KVM: x86: fix reporting of AMD speculation bug CPUID leaf
On Thu, Aug 15, 2019 at 12:41 AM Paolo Bonzini <pbonzini@...hat.com> wrote:
>
> The AMD_* bits have to be set from the vendor-independent
> feature and bug flags, because KVM_GET_SUPPORTED_CPUID does not care
> about the vendor and they should be set on Intel processors as well.
> On top of this, SSBD, STIBP and AMD_SSB_NO bit were not set, and
> VIRT_SSBD does not have to be added manually because it is a
> cpufeature that comes directly from the host's CPUID bit.
>
> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>
On AMD systems, aren't AMD_SSBD, AMD_STIBP, and AMD_SSB_NO set by
inheritance from the host:
/* cpuid 0x80000008.ebx */
const u32 kvm_cpuid_8000_0008_ebx_x86_features =
F(WBNOINVD) | F(AMD_IBPB) | F(AMD_IBRS) | F(AMD_SSBD) | F(VIRT_SSBD) |
F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_STIBP_ALWAYS_ON);
I am curious why the cross-vendor settings go only one way. For
example, you set AMD_STIBP on Intel processors that have STIBP, but
you do not set INTEL_STIBP on AMD processors that have STIBP?
Similarly, you set AMD_SSB_NO for Intel processors that are immune to
SSB, but you do not set IA32_ARCH_CAPABILITIES.SSB_NO for AMD
processors that are immune to SSB?
Perhaps there is another patch coming for reporting Intel bits on AMD?
Powered by blists - more mailing lists