| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Jan 2021 13:35:02 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Wei Huang <wei.huang2@....com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, vkuznets@...hat.com, joro@...tes.org,
bp@...en8.de, tglx@...utronix.de, mingo@...hat.com, x86@...nel.org,
jmattson@...gle.com, wanpengli@...cent.com, bsd@...hat.com,
dgilbert@...hat.com, mlevitsk@...hat.com
Subject: Re: [PATCH 1/2] KVM: x86: Add emulation support for #GP triggered by
VM instructions
On 12/01/21 18:42, Sean Christopherson wrote:
> On a related topic, it feels like nested should be disabled by default on SVM
> until it's truly ready for primetime, with the patch tagged for stable. That
> way we don't have to worry about crafting non-trivial fixes (like this one) to
> make them backport-friendly.
Well, that's historical; I wish it had been disabled by default back in
the day.
However, after 10 years and after the shakedown last year, it's hard to
justify breaking backwards compatibility. Nested SVM is not any less
ready than nested VMX---just a little less optimized for things such as
TLB flushes and ASID/VPID---even without this fix. The erratum has
visible effects only on a minority of AMD systems (it depends on an
unlucky placement of TSEG on L0), and it is easy to work around it by
lowering the amount of <4G memory in L1.
Paolo
Powered by blists - more mailing lists