lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 10 Jan 2022 11:47:47 +0800
From:   Like Xu <like.xu.linux@...il.com>
To:     Paolo Bonzini <pbonzini@...hat.com>
Cc:     Sean Christopherson <seanjc@...gle.com>,
        Jim Mattson <jmattson@...gle.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Joerg Roedel <joro@...tes.org>, x86@...nel.org,
        kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH v2] KVM: x86/pt: Ignore all unknown Intel PT capabilities

From: Like Xu <likexu@...cent.com>

Some of the new Intel PT capabilities (e.g. SDM Vol3, 32.2.4 Event
Tracing, it exposes details about the asynchronous events, when they are
generated, and when their corresponding software event handler completes
execution) cannot be safely and fully emulated by the KVM, especially
emulating the simultaneous writing of guest PT packets generated by
the KVM to the guest PT buffer.

For KVM, it's better to advertise currently supported features based on
the "static struct pt_cap_desc" implemented in the host PT driver and
ignore _all_ unknown features before they have been investigated one by
one and supported in a safe manner, leaving the rest as system-wide-only
tracing capabilities.

Suggested-by: Paolo Bonzini <pbonzini@...hat.com>
Signed-off-by: Like Xu <likexu@...cent.com>
---
v1 -> v2 Changelog:
- Be safe and ignore _all_ unknown capabilities. (Paolo)

Previous:
https://lore.kernel.org/kvm/20220106085533.84356-1-likexu@tencent.com/

 arch/x86/kvm/cpuid.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 0b920e12bb6d..439b93359848 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -901,6 +901,8 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
 			break;
 		}
 
+		/* It's better to be safe and ignore _all_ unknown capabilities. */
+		entry->ebx &= GENMASK(5, 0);
 		for (i = 1, max_idx = entry->eax; i <= max_idx; ++i) {
 			if (!do_host_cpuid(array, function, i))
 				goto out;
-- 
2.33.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ