lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 1 Feb 2021 09:46:38 +0100
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Sean Christopherson <seanjc@...gle.com>
Cc:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        jmattson@...gle.com, stable@...r.kernel.org
Subject: Re: [PATCH v2] KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even
 if tsx=off

On 29/01/21 17:58, Sean Christopherson wrote:
> On Fri, Jan 29, 2021, Paolo Bonzini wrote:
>> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
>> index 76bce832cade..15733013b266 100644
>> --- a/arch/x86/kvm/x86.c
>> +++ b/arch/x86/kvm/x86.c
>> @@ -1401,7 +1401,7 @@ static u64 kvm_get_arch_capabilities(void)
>>   	 *	  This lets the guest use VERW to clear CPU buffers.
> 
> 
> This comment be updated to call out the new TSX_CTRL behavior.
> 
> 	/*
> 	 * On TAA affected systems:
> 	 *      - nothing to do if TSX is disabled on the host.
> 	 *      - we emulate TSX_CTRL if present on the host.
> 	 *	  This lets the guest use VERW to clear CPU buffers.
> 	 */

Ok.

>>   	 */
>>   	if (!boot_cpu_has(X86_FEATURE_RTM))
>> -		data &= ~(ARCH_CAP_TAA_NO | ARCH_CAP_TSX_CTRL_MSR);
>> +		data &= ~ARCH_CAP_TAA_NO;
> 
> Hmm, simply clearing TSX_CTRL will only preserve the host value.  Since
> ARCH_CAPABILITIES is unconditionally emulated by KVM, wouldn't it make sense to
> unconditionally expose TSX_CTRL as well, as opposed to exposing it only if it's
> supported in the host?  I.e. allow migrating a TSX-disabled guest to a host
> without TSX.  Or am I misunderstanding how TSX_CTRL is checked/used?

I'm a bit wary of having a combination (MDS_NO=0, TSX_CTRL=1) that does 
not exist on bare metal.  There are other cases where such combinations 
can happen, especially with the Spectre and SSBD mitigations (for 
example due to AMD CPUID bits for Intel processors), but at least those 
are just redundancies in the CPUID bits and it's more likely that the 
guest does something sensible with them.

Paolo

>>   	else if (!boot_cpu_has_bug(X86_BUG_TAA))
>>   		data |= ARCH_CAP_TAA_NO;
>>   
>> -- 
>> 2.26.2
>>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ