| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87k15mf5pl.fsf@vitty.brq.redhat.com>
Date: Mon, 20 Jan 2020 17:33:26 +0100
From: Vitaly Kuznetsov <vkuznets@...hat.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: Jim Mattson <jmattson@...gle.com>,
Sean Christopherson <sean.j.christopherson@...el.com>,
kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
Liran Alon <liran.alon@...cle.com>
Subject: Re: [RFC] Revert "kvm: nVMX: Restrict VMX capability MSR changes"
Paolo Bonzini <pbonzini@...hat.com> writes:
> On 20/01/20 16:11, Vitaly Kuznetsov wrote:
>>
>> RFC. I think the check for vmx->nested.vmxon is legitimate for everything
>> but restore so removing it (what I do with the revert) is likely a no-go.
>> I'd like to gather opinions on the proper fix: should we somehow check
>> that the vCPU is in 'restore' start (has never being run) and make
>> KVM_SET_MSRS pass or should we actually mandate that KVM_SET_NESTED_STATE
>> is run after KVM_SET_MSRS by userspace?
>>
>> Signed-off-by: Vitaly Kuznetsov <vkuznets@...hat.com>
>
> I think this should be fixed in QEMU, by doing KVM_SET_MSRS for feature
> MSRs way earlier. I'll do it since I'm currently working on a patch to
> add a KVM_SET_MSR for the microcode revision.
Works for me, thanks)
The bigger issue is that the vCPU setup sequence (like QEMU's
kvm_arch_put_registers()) effectively becomes an API convention and as
it gets more complex it would be great to document it for KVM.
--
Vitaly
Powered by blists - more mailing lists