| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Feb 2021 18:34:34 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
jmattson@...gle.com, stable@...r.kernel.org
Subject: Re: [PATCH v2] KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even
if tsx=off
On 01/02/21 17:38, Sean Christopherson wrote:
>>>> /*
>>>> * On TAA affected systems:
>>>> * - nothing to do if TSX is disabled on the host.
>>>> * - we emulate TSX_CTRL if present on the host.
>>>> * This lets the guest use VERW to clear CPU buffers.
>>>> */
>
> it says "nothing to do..." and then clears a
> flag. The other interpretation of "nothing to do... at runtime" is also wrong
> as KVM emulates the MSR as a nop.
>
> I guess I just find the whole comment more confusing than the code itself.
What about:
if (!boot_cpu_has(X86_FEATURE_RTM)) {
/*
* If RTM=0 because the kernel has disabled TSX, the
host might
* have TAA_NO or TSX_CTRL. Clear TAA_NO (the guest
sees RTM=0
* and therefore knows that there cannot be TAA) but keep
* TSX_CTRL: some buggy userspaces leave it set on
tsx=on hosts,
* and we want to allow migrating those guests to
tsx=off hosts.
*/
data &= ~ARCH_CAP_TAA_NO;
} else if (!boot_cpu_has_bug(X86_BUG_TAA)) {
data |= ARCH_CAP_TAA_NO;
} else {
/*
* Nothing to do here; we emulate TSX_CTRL if present
on the
* host so the guest can choose between disabling TSX or
* using VERW to clear CPU buffers.
*/
}
Paolo
Powered by blists - more mailing lists