lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <75aec9df-860c-f1d8-15f1-a401d1ee3c3a@amd.com>
Date:   Tue, 24 Jan 2023 18:47:04 +0530
From:   "Nikunj A. Dadhania" <nikunj@....com>
To:     Alexey Kardashevskiy <aik@....com>
Cc:     kvm@...r.kernel.org, x86@...nel.org, linux-kernel@...r.kernel.org,
        Yury Norov <yury.norov@...il.com>,
        Venu Busireddy <venu.busireddy@...cle.com>,
        Tony Luck <tony.luck@...el.com>,
        Tom Lendacky <thomas.lendacky@....com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Sean Christopherson <seanjc@...gle.com>,
        Sandipan Das <sandipan.das@....com>,
        Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Michael Roth <michael.roth@....com>,
        Mario Limonciello <mario.limonciello@....com>,
        Kim Phillips <kim.phillips@....com>,
        Kees Cook <keescook@...omium.org>,
        Juergen Gross <jgross@...e.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Ingo Molnar <mingo@...hat.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Daniel Sneddon <daniel.sneddon@...ux.intel.com>,
        Brijesh Singh <brijesh.singh@....com>,
        Borislav Petkov <bp@...en8.de>,
        Arnaldo Carvalho de Melo <acme@...hat.com>,
        Andrew Cooper <andrew.cooper3@...rix.com>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        "Peter Zijlstra (Intel)" <peterz@...radead.org>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        "H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH kernel v3 3/3] x86/sev: Do not handle #VC for DR7
 read/write



On 24/01/23 18:07, Alexey Kardashevskiy wrote:
> 
> 
> On 24/1/23 21:37, Nikunj A. Dadhania wrote:
>> It is MSR_AMD64_SEV_DEBUG_SWAP (SEV, not SNP), it is an SEV-ES thing.
> Yes, noticed that, earlier analysis was that Debug Swap shouldn't need any guest side changes, but it does need it.

>>> Why is that feature negotiation SNP-only and not SEV?

>> As per the spec, GHCB termination request: reason code: 0x2 is SNP features specific.
> Does the guest really need to terminate in such case? 

The termination is from the guest that do not have implementation for the hypervisor enabled feature, in this case DebugSwap. 
If DebugSwap is enabled by the hypervisor and not handled in guest #VC, then DR7 read/write can be intercepted by the malicious
hypervisor, which can return unexpected values.

> A VM could just not do the GHCB thing if it does not want to.

In that case, the VM can have unexpected failures.

Regards
Nikunj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ