| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1cebc562-89e9-3806-bb3c-771946fc64f3@redhat.com>
Date: Thu, 25 Jun 2020 10:09:13 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <sean.j.christopherson@...el.com>,
Peter Xu <peterx@...hat.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
Vitaly Kuznetsov <vkuznets@...hat.com>
Subject: Re: [PATCH 1/2] KVM: X86: Move ignore_msrs handling upper the stack
On 25/06/20 08:15, Sean Christopherson wrote:
> IMO, kvm_cpuid() is simply buggy. If KVM attempts to access a non-existent
> MSR then it darn well should warn.
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 8a294f9747aa..7ef7283011d6 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -1013,7 +1013,8 @@ bool kvm_cpuid(struct kvm_vcpu *vcpu, u32 *eax, u32 *ebx,
> *ebx = entry->ebx;
> *ecx = entry->ecx;
> *edx = entry->edx;
> - if (function == 7 && index == 0) {
> + if (function == 7 && index == 0 && (*ebx | (F(RTM) | F(HLE))) &&
> + (vcpu->arch.arch_capabilities & ARCH_CAP_TSX_CTRL_MSR)) {
> u64 data;
> if (!__kvm_get_msr(vcpu, MSR_IA32_TSX_CTRL, &data, true) &&
> (data & TSX_CTRL_CPUID_CLEAR))
>
That works too, but I disagree that warning is the correct behavior
here. It certainly should warn as long as kvm_get_msr blindly returns
zero. However, for a guest it's fine to access a potentially
non-existent MSR if you're ready to trap the #GP, and the point of this
series is to let cpuid.c or any other KVM code do the same.
Paolo
Powered by blists - more mailing lists