lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <0f8dde12-576b-1579-38c9-496306aeeb81@redhat.com>
Date:   Fri, 22 Jul 2022 19:18:22 +0200
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Sean Christopherson <seanjc@...gle.com>
Cc:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        oliver.upton@...ux.dev
Subject: Re: [PATCH] Revert "KVM: nVMX: Do not expose MPX VMX controls when
 guest MPX disabled"

On 7/22/22 17:27, Sean Christopherson wrote:
>> So revert it, at the potential cost
>> of breaking L1s with a 6 year old kernel.
> I would further qualify this with "breaking L1s with an_unpatched_  6 year old
> kernel".  That fix was tagged for stable and made it way to at least the 4.9 and
> 4.4 LTS releases.
> 

Well, there _are_ people that use very old kernels and keep them 
up-to-date with fixes for only critical CVEs (for example by, ehm, 
paying my employer to do so).  But still it's way way unlikely for them 
to be used as L1 in a nested setup, whether on their own hardware or in 
the cloud.

I pushed everything to kvm/queue, but depending on what you post it may 
be deferred to 5.21.

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ