lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 9 Jun 2023 16:46:45 +0000
From:   "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To:     "john.allen@....com" <john.allen@....com>
CC:     "Yang, Weijiang" <weijiang.yang@...el.com>,
        "Christopherson,, Sean" <seanjc@...gle.com>,
        "bp@...en8.de" <bp@...en8.de>, "x86@...nel.org" <x86@...nel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "thomas.lendacky@....com" <thomas.lendacky@....com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "andrew.cooper3@...rix.com" <andrew.cooper3@...rix.com>
Subject: Re: [RFC PATCH v2 6/6] KVM: SVM: Add CET features to supported_xss

On Fri, 2023-06-09 at 10:34 -0500, John Allen wrote:
> > Is setting XFEATURE_MASK_CET_KERNEL here ok? The host kernel will
> > not
> > support XFEATURE_MASK_CET_KERNEL. I guess after this there is a
> > small
> > window of time where host IA32_XSS could have non-host supported
> > supervisor state.
> > 
> > Sort of separately, how does SVM work with respect to saving and
> > restoring guest supervisor CET state (I mean the CET_S stuff)?
> 
> Apart from a minor exception involving SEV-ES, we are piggybacking on
> the state saving/restoring in Yang Weijiang's x86/VMX series. So by
> inspection, it looks like guest supervisor support is broken as the
> supervisor XSAVES state and MSRs are not included in that series. I
> currently don't have a way to test this case, but I think there are
> operating systems that support it. I'll work on getting a guest set
> up
> that can actually test this and hopefully have working guest
> supervisor
> support in the next version of the series.

Hmm, interesting. VMX has some separate non-xsaves thing to save and
restore the guests supervisor CET state, so Weijiang's series doesn't
use the xsaves supervisor CET support. Also, since the host might have
CR4.CET set for its own reasons, if the host handled an exit with the
the guests MSR_IA32_S_CET set it could suddenly be subjected to CET
enforcement that it doesn't expect. Waiting to restore it until
returning to the guest is too late.

At least that's the reasoning on the VMX side as I understand it. If
you need to add XFEATURE_CET_KERNEL generally, we'll have to think
about how it works with host IBT. Probably easiest to leave it disabled
on the Intel side.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ