lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c06fdc4f3b4d4346ae80801a6c3a6ff2@intel.com>
Date:   Tue, 21 Dec 2021 09:06:26 +0000
From:   "Wang, Wei W" <wei.w.wang@...el.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        "Liu, Jing2" <jing2.liu@...el.com>,
        "x86@...nel.org" <x86@...nel.org>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "bp@...en8.de" <bp@...en8.de>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>
CC:     "seanjc@...gle.com" <seanjc@...gle.com>,
        "Nakajima, Jun" <jun.nakajima@...el.com>,
        "Tian, Kevin" <kevin.tian@...el.com>,
        "jing2.liu@...ux.intel.com" <jing2.liu@...ux.intel.com>,
        "Zeng, Guang" <guang.zeng@...el.com>,
        "Zhong, Yang" <yang.zhong@...el.com>
Subject: RE: [PATCH v2 18/23] kvm: x86: Get/set expanded xstate buffer

On Tuesday, December 21, 2021 4:45 PM, Paolo Bonzini wrote:
> On 12/21/21 03:45, Wang, Wei W wrote:
> >> KVM_GET_XSAVE2 and KVM_SET_XSAVE respectively write and read as
> many
> >> bytes as are returned by KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2),
> when
> >> invoked on the vm file descriptor.  Currently,
> >> KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) will only return a value that is
> >> greater than 4096 bytes if any dynamic features have been enabled
> >> with ``arch_prctl()``; this however may change in the future.
> > Would this make people think that
> KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2)
> > doesn’t return the value (i.e. return 0) if it is smaller than 4096?
> > (i.e. KVM_GET_XSAVE2 doesn't work with size < 4096, which isn’t true)
> >
> > I plan to just reword a bit:
> > Currently, KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) will only return a
> size
> > value, and the value is greater than 4096 bytes if any dynamic
> > features have been enabled with ``arch_prctl()``. More types of values could
> be returned in the future.
> 
> Next refinement:
> 
> The size value returned by KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) will
> always be at least 4096.  Currently, it is only greater than 4096 if a dynamic
> feature has been enabled with ``arch_prctl()``, but this may change in the
> future.

> (I'm not sure if the first sentence is true in the code, but if not it is a bug that
> has to be fixed :)).

For the implementation, KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) always return kvm->vcpus[0]->arch.guest_fpu.uabi_size.
Do you want to change it to below?

If (kvm->vcpus[0]->arch.guest_fpu.uabi_size < 4096)
	return 0;
else
	return kvm->vcpus[0]->arch.guest_fpu.uabi_size;

If the size is less than 4096 (e.g. no dynamic xfeatures enabled),
userspace should use the old KVM_GET_XSAVE (instead of KVM_GET_XSAVE2)?
(KVM_GET_XSAVE2 supports to work with size less than 4096, so I think this isn't necessary)

Thanks,
Wei

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ