lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Jun 2020 15:49:32 +0000
From:   "Andersen, John" <john.s.andersen@...el.com>
To:     Dave Hansen <dave.hansen@...el.com>
Cc:     corbet@....net, pbonzini@...hat.com, tglx@...utronix.de,
        mingo@...hat.com, bp@...en8.de, x86@...nel.org, hpa@...or.com,
        shuah@...nel.org, sean.j.christopherson@...el.com,
        liran.alon@...cle.com, drjones@...hat.com,
        rick.p.edgecombe@...el.com, kristen@...ux.intel.com,
        vkuznets@...hat.com, wanpengli@...cent.com, jmattson@...gle.com,
        joro@...tes.org, mchehab+huawei@...nel.org,
        gregkh@...uxfoundation.org, paulmck@...nel.org,
        pawan.kumar.gupta@...ux.intel.com, jgross@...e.com,
        mike.kravetz@...cle.com, oneukum@...e.com, luto@...nel.org,
        peterz@...radead.org, fenghua.yu@...el.com,
        reinette.chatre@...el.com, vineela.tummalapalli@...el.com,
        dave.hansen@...ux.intel.com, arjan@...ux.intel.com,
        caoj.fnst@...fujitsu.com, bhe@...hat.com, nivedita@...m.mit.edu,
        keescook@...omium.org, dan.j.williams@...el.com,
        eric.auger@...hat.com, aaronlewis@...gle.com, peterx@...hat.com,
        makarandsonare@...gle.com, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        linux-kselftest@...r.kernel.org,
        kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH 4/4] X86: Use KVM CR pin MSRs

On Thu, Jun 18, 2020 at 08:38:06AM -0700, Dave Hansen wrote:
> On 6/18/20 8:26 AM, Andersen, John wrote:
> > On Thu, Jun 18, 2020 at 07:41:04AM -0700, Dave Hansen wrote:
> >>> +config PARAVIRT_CR_PIN
> >>> +       bool "Paravirtual bit pinning for CR0 and CR4"
> >>> +       depends on KVM_GUEST
> >>> +       help
> >>> +         Select this option to have the virtualised guest request that the
> >>> +         hypervisor disallow it from disabling protections set in control
> >>> +         registers. The hypervisor will prevent exploits from disabling
> >>> +         features such as SMEP, SMAP, UMIP, and WP.
> >>
> >> I'm confused.  Does this add support for ""Paravirtual bit pinning", or
> >> actually tell the guest to request pinning by default?
> >>
> >> It says "Select this option to have the virtualised guest request...",
> >> which makes it sound like it affects the default rather than the
> >> availability of the option.
> > 
> > How about this
> > 
> > Select this option to request protection of SMEP, SMAP, UMIP, and WP
> > control register bits when running paravirtualized under KVM. Protection will
> > be active provided the feature is available host side and kexec is disabled via
> > kconfig or the command line for the guest requesting protection.
> 
> It still isn't very clear to me.
> 
> Let's pull the config option out of this patch.  Enable the feature by
> default and do the command-line processing in this patch.
> 
> If you still think a Kconfig option is helpful, add it in a separate
> patch calling out the deficiencies with the boot-time options.

That's right we're going to pull it out anyway and just disable if the
disable_pv_cr_pin command line option is set. Oops. That solves that.

Thank you very much for your review Dave

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ