lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 3 Mar 2020 10:08:36 -0800
From:   Jim Mattson <jmattson@...gle.com>
To:     Sean Christopherson <sean.j.christopherson@...el.com>
Cc:     Paolo Bonzini <pbonzini@...hat.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Joerg Roedel <joro@...tes.org>, kvm list <kvm@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Jan Kiszka <jan.kiszka@...mens.com>,
        Xiaoyao Li <xiaoyao.li@...el.com>
Subject: Re: [PATCH 2/6] KVM: x86: Fix CPUID range check for Centaur and
 Hypervisor ranges

On Tue, Mar 3, 2020 at 10:01 AM Sean Christopherson
<sean.j.christopherson@...el.com> wrote:
>
> On Tue, Mar 03, 2020 at 09:42:42AM -0800, Jim Mattson wrote:
> > Unfathomable was the wrong word.
>
> I dunno, one could argue that the behavior of Intel CPUs for CPUID is
> unfathomable and I was just trying to follow suit :-D
>
> >  I can see what you're trying to do. I
> > just don't think it's defensible. I suspect that Intel CPU architects
> > will be surprised and disappointed to find that the maximum effective
> > value of CPUID.0H:EAX is now 255, and that they have to define
> > CPUID.100H:EAX as the "maximum leaf between 100H and 1FFH" if they
> > want to define any leaves between 100H and 1FFH.
>
> Hmm, ya, I agree that applying a 0xffffff00 mask to all classes of CPUID
> ranges is straight up wrong.
>
> > Furthermore, AMD has only ceded 4000_0000h through 4000_00FFh to
> > hypervisors, so kvm's use of 40000100H through 400001FFH appears to be
> > a land grab, akin to VIA's unilateral grab of the C0000000H leaves.
> > Admittedly, one could argue that the 40000000H leaves are not AMD's to
> > apportion, since AMD and Intel appear to have reached a detente by
> > splitting the available space down the middle. Intel, who seems to be
> > the recognized authority for this range, declares the entire range
> > from 40000000H through 4FFFFFFFH to be invalid. Make of that what you
> > will.
> >
> > In any event, no one has ever documented what's supposed to happen if
> > you leave gaps in the 4xxxxxxxH range when defining synthesized CPUID
> > leaves under kvm.
>
> Probably stating the obvious, but for me, the least suprising thing is for
> such leafs to output zeros.  It also feels safer, e.g. a guest that's
> querying hypervisor support is less likely to be led astray by all zeros
> than by a random feature bits being set.
>
> What about something like this?  Along with a comment and documentation...
>
> static bool cpuid_function_in_range(struct kvm_vcpu *vcpu, u32 function)
> {
>         struct kvm_cpuid_entry2 *max;
>
>         if (function >= 0x40000000 && function <= 0x4fffffff)
>                 max = kvm_find_cpuid_entry(vcpu, function & 0xffffff00, 0);
>         else
>                 max = kvm_find_cpuid_entry(vcpu, function & 0x80000000, 0);
>         return max && function <= max->eax;
> }

I can get behind that. The behavior of the 4xxxxxxxH leaves under kvm
is arguably up to kvm (though AMD may disagree).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ