| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221110005706.1064832-1-seanjc@google.com>
Date: Thu, 10 Nov 2022 00:57:04 +0000
From: Sean Christopherson <seanjc@...gle.com>
To: Sean Christopherson <seanjc@...gle.com>,
Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
Yu Zhang <yu.c.zhang@...ux.intel.com>
Subject: [PATCH 0/2] KVM: nVMX: Fix another case where KVM overrides VMX MSRs
Fix another case where KVM overrides the VMX MSRs (well, just the one MSR)
during KVM_SET_CPUID. Similar to somewhat recent reverts
8805875aa473 ("Revert "KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled"")
9389d5774aca ("Revert "KVM: nVMX: Expose load IA32_PERF_GLOBAL_CTRL VM-{Entry,Exit} control"")
undo misguided KVM behavior where KVM overrides allowed-1 settings in the
secondary execution controls in response to changes to the guest's CPUID
model. To avoid breaking userspace that doesn't take ownership of the
VMX MSRs, go hands off if and only if userpace sets the MSR in question
Sean Christopherson (2):
KVM: nVMX: Don't muck with allowed sec exec controls on CPUID changes
KVM: selftests: Test KVM's handling of VMX's sec exec MSR on
KVM_SET_CPUID
arch/x86/kvm/vmx/capabilities.h | 1 +
arch/x86/kvm/vmx/nested.c | 3 +
arch/x86/kvm/vmx/vmx.c | 2 +-
.../selftests/kvm/include/x86_64/processor.h | 1 +
.../selftests/kvm/include/x86_64/vmx.h | 4 +-
.../selftests/kvm/x86_64/vmx_msrs_test.c | 92 +++++++++++++++++++
6 files changed, 100 insertions(+), 3 deletions(-)
base-commit: d663b8a285986072428a6a145e5994bc275df994
--
2.38.1.431.g37b22c650d-goog
Powered by blists - more mailing lists