Date: Tue, 12 Jan 2021 10:58:29 -0800
From: Andy Lutomirski <luto@...nel.org>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Wei Huang <wei.huang2@....com>, kvm list <kvm@...r.kernel.org>,
    LKML <linux-kernel@...r.kernel.org>, Paolo Bonzini <pbonzini@...hat.com>,
    Vitaly Kuznetsov <vkuznets@...hat.com>, Joerg Roedel <joro@...tes.org>,
    Borislav Petkov <bp@...en8.de>, Thomas Gleixner <tglx@...utronix.de>,
    Ingo Molnar <mingo@...hat.com>, X86 ML <x86@...nel.org>,
    Jim Mattson <jmattson@...gle.com>, Wanpeng Li <wanpengli@...cent.com>,
    Bandan Das <bsd@...hat.com>, "Dr. David Alan Gilbert" <dgilbert@...hat.com>,
    Maxim Levitsky <mlevitsk@...hat.com>
Subject: Re: [PATCH 1/2] KVM: x86: Add emulation support for #GP triggered by VM instructions

On Tue, Jan 12, 2021 at 9:59 AM Sean Christopherson <seanjc@...gle.com> wrote:
>
> On Tue, Jan 12, 2021, Sean Christopherson wrote:
> > On Tue, Jan 12, 2021, Wei Huang wrote:
> > > From: Bandan Das <bsd@...hat.com>
> > >
> > > While running VM related instructions (VMRUN/VMSAVE/VMLOAD), some AMD
> > > CPUs check EAX against reserved memory regions (e.g. SMM memory on host)
> > > before checking VMCB's instruction intercept.
> >
> > It would be very helpful to list exactly which CPUs are/aren't affected, even if
> > that just means stating something like "all CPUs before XYZ". Given patch 2/2,
> > I assume it's all CPUs without the new CPUID flag?
>
> Ah, despite calling this an 'errata', the bad behavior is explicitly documented
> in the APM, i.e. it's an architecture bug, not a silicon bug.
>
> Can you reword the changelog to make it clear that the premature #GP is the
> correct architectural behavior for CPUs without the new CPUID flag?

Andrew Cooper points out that there may be a nicer workaround. Make
sure that the SMRAM and HT region (FFFD00000000 - FFFFFFFFFFFF) are
marked as reserved in the guest, too.

--Andy