| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Feb 2021 17:40:10 -0600
From: Babu Moger <babu.moger@....com>
To: pbonzini@...hat.com, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de
Cc: fenghua.yu@...el.com, tony.luck@...el.com, wanpengli@...cent.com,
kvm@...r.kernel.org, thomas.lendacky@....com, peterz@...radead.org,
seanjc@...gle.com, joro@...tes.org, x86@...nel.org,
kyung.min.park@...el.com, linux-kernel@...r.kernel.org,
krish.sadhukhan@...cle.com, hpa@...or.com, mgross@...ux.intel.com,
vkuznets@...hat.com, kim.phillips@....com, wei.huang2@....com,
jmattson@...gle.com
Subject: Re: [PATCH v4 0/2] x86: Add the feature Virtual SPEC_CTRL
Paolo/Sean,
Any comments on these patches?
Thanks
Babu
On 1/28/21 6:43 PM, Babu Moger wrote:
> Newer AMD processors have a feature to virtualize the use of the
> SPEC_CTRL MSR on the guest. The series adds the feature support
> and enables the feature on SVM.
> ---
> v4:
> 1. Taken care of comments from Sean Christopherson.
> a. Updated svm_set_msr/svm_get_msr to read/write the spec_ctrl value
> directly from save spec_ctrl.
> b. Disabled the msr_interception in init_vmcb when V_SPEC_CTRL is
> present.
> c. Added the save restore for nested vm. Also tested to make sure
> the nested SPEC_CTRL settings properly saved and restored between
> L2 and L1 guests.
> 2. Added the kvm-unit-tests to verify that. Sent those patches separately.
>
> v3:
> 1. Taken care of recent changes in vmcb_save_area. Needed to adjust the save
> area spec_ctrl definition.
> 2. Taken care of few comments from Tom.
> a. Initialised the save area spec_ctrl in case of SEV-ES.
> b. Removed the changes in svm_get_msr/svm_set_msr.
> c. Reverted the changes to disable the msr interception to avoid compatibility
> issue.
> 3. Updated the patch #1 with Acked-by from Boris.
>
> v2:
> NOTE: This is not final yet. Sending out the patches to make
> sure I captured all the comments correctly.
>
> 1. Most of the changes are related to Jim and Sean's feedback.
> 2. Improved the description of patch #2.
> 3. Updated the vmcb save area's guest spec_ctrl value(offset 0x2E0)
> properly. Initialized during init_vmcb and svm_set_msr and
> returned the value from save area for svm_get_msr.
> 4. As Jim commented, transferred the value into the VMCB prior
> to VMRUN and out of the VMCB after #VMEXIT.
> 5. Added kvm-unit-test to detect the SPEC CTRL feature.
> https://lore.kernel.org/kvm/160865324865.19910.5159218511905134908.stgit@bmoger-ubuntu/
> 6. Sean mantioned of renaming MSR_AMD64_VIRT_SPEC_CTRL. But, it might
> create even more confusion, so dropped the idea for now.
>
> v3: https://lore.kernel.org/kvm/161073115461.13848.18035972823733547803.stgit@bmoger-ubuntu/
> v2: https://lore.kernel.org/kvm/160867624053.3471.7106539070175910424.stgit@bmoger-ubuntu/
> v1: https://lore.kernel.org/kvm/160738054169.28590.5171339079028237631.stgit@bmoger-ubuntu/
>
> Babu Moger (2):
> x86/cpufeatures: Add the Virtual SPEC_CTRL feature
> KVM: SVM: Add support for Virtual SPEC_CTRL
>
>
> arch/x86/include/asm/cpufeatures.h | 1 +
> arch/x86/include/asm/svm.h | 4 +++-
> arch/x86/kvm/svm/nested.c | 2 ++
> arch/x86/kvm/svm/svm.c | 27 ++++++++++++++++++++++-----
> 4 files changed, 28 insertions(+), 6 deletions(-)
>
> --
>
Powered by blists - more mailing lists