lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 24 Jun 2020 13:56:11 +0800
From:   Yang Weijiang <weijiang.yang@...el.com>
To:     Sean Christopherson <sean.j.christopherson@...el.com>
Cc:     Yang Weijiang <weijiang.yang@...el.com>, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org, pbonzini@...hat.com,
        jmattson@...gle.com, yu.c.zhang@...ux.intel.com
Subject: Re: [PATCH v12 00/10] Introduce support for guest CET feature

On Tue, Jun 23, 2020 at 11:39:19AM -0700, Sean Christopherson wrote:
> On Thu, Jun 11, 2020 at 09:29:13AM +0800, Yang Weijiang wrote:
> > On Wed, Jun 10, 2020 at 09:56:36AM -0700, Sean Christopherson wrote:
> > > On Wed, May 06, 2020 at 04:20:59PM +0800, Yang Weijiang wrote:
> > > > Several parts in KVM have been updated to provide VM CET support, including:
> > > > CPUID/XSAVES config, MSR pass-through, user space MSR access interface, 
> > > > vmentry/vmexit config, nested VM etc. These patches have dependency on CET
> > > > kernel patches for xsaves support and CET definitions, e.g., MSR and related
> > > > feature flags.
> > > 
> > > Other than the MSR and cpufeatures flags definitions, is there any direct
> > > dependency on kernel CET support?  I.e. if/when XSAVES support is merged,
> > > is there anything beyond the architectural definitions that are required to
> > > merge KVM CET virtualization?
> > No, KVM CET patches only depend on kernel CET related definitions and XSAVES 
> > support now.
> 
> Neato.
> 
> > But to make guest CET work, we need CET patches for QEMU.
> 
> Ya, but we don't need to wait for host kernel support, which was the crux of
> my question.
> 
> 
> Can you please respin this series with the CET definition patches included?
> The XSAVES support has been queued to tip/x86/fpu.  Assuming that lands in
> kernel 5.9, I _think_ KVM support for CET can land in 5.10.

Sure. Besides this change and the unrestricted guest case change, any
other changes I should do to v12 patch?

Thanks for review!
> 
> Base your series on kvm/queue, i.e. don't worry about the XSAVES patches,
> I'll merge them in from tip/x86/fpu for testing.
> 
> Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ