lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 30 Nov 2020 11:27:43 +0000
From:   David Woodhouse <dwmw2@...radead.org>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        Joao Martins <joao.m.martins@...cle.com>
Cc:     kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        Ankur Arora <ankur.a.arora@...cle.com>,
        Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org
Subject: Re: [PATCH RFC 01/39] KVM: x86: fix Xen hypercall page msr handling

On Mon, 2020-11-30 at 12:03 +0100, Paolo Bonzini wrote:
> You can use CPUID too (search for Hv#1 in leaf 0x40000000)?

That's leaf 0x40000001. Which is also the leaf used for Xen to indicate
the Xen version. So as long as we don't pretend to be Xen version
12759.30280 I suppose that's OK.

Or we could just check leaf 0x40000000 for 'Microsoft Hv'? Or both.

How about...

#define HYPERV_CPUID_INTERFACE_MAGIC 0x31237648 /* 'Hv#1' */

static inline bool guest_cpu_has_hyperv(struct kvm_vcpu *vcpu)
{
    	struct kvm_hv *hv = &vcpu->kvm->arch.hyperv;
	const struct kvm_cpuid_entry2 *entry;

        /*
         * The call to kvm_find_cpuid_entry() is a bit much to put on
  
* the fast path of some of the Hyper-V MSRs, so bypass it if
         * the guest OS ID has already been set.
         */
	if (hv->hv_guest_os_id)
                return true;

        entry = kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_INTERFACE, 0x0);
        return entry && entry->eax == HYPERV_CPUID_INTERFACE_MAGIC;
}

I wonder if this is overengineering when 'let Xen take precedence'
works well enough?

Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5174 bytes)

Powered by blists - more mailing lists