lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 10 Nov 2021 09:45:50 +0800
From:   Xiaoyao Li <xiaoyao.li@...el.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        Tom Lendacky <thomas.lendacky@....com>
Cc:     isaku.yamahata@...il.com,
        "Yamahata, Isaku" <isaku.yamahata@...el.com>, x86@...nel.org,
        Joerg Roedel <joro@...tes.org>,
        Jim Mattson <jmattson@...gle.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H . Peter Anvin" <hpa@...or.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>, erdemaktas@...gle.com,
        Connor Kuehl <ckuehl@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Subject: Re: [RFC PATCH v2 24/69] KVM: x86: Introduce "protected guest"
 concept and block disallowed ioctls

On 11/10/2021 1:15 AM, Paolo Bonzini wrote:
> On 11/9/21 14:37, Xiaoyao Li wrote:
>>
>> Tom,
>>
>> I think what you did in this commit is not so correct. It just 
>> silently ignores the ioctls insteaf of returning an error to userspace 
>> to tell this IOCTL is not invalid to this VM. E.g., for 
>> kvm_arch_vcpu_ioctl_get_fpu(), QEMU just gets it succesful with fpu 
>> being all zeros.
> 
> Yes, it's a "cop out" that removes the need for more complex changes in 
> QEMU.
> 
> I think for the get/set registers ioctls 
> KVM_GET/SET_{REGS,SREGS,FPU,XSAVE,XCRS} we need to consider SEV-ES 
> backwards compatibility.  This means, at least for now, only apply the 
> restriction to TDX (using a bool-returning function, see the review for 
> 28/69).
> 
> For SMM, MCE, vCPU events and for kvm_valid/dirty_regs, it can be done 
> as in this patch.
> 

thank you Paolo,

I will go with this direction.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ