lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230811101456.GDZNYKIHs1k7ri8hrI@fat_crate.local>
Date:   Fri, 11 Aug 2023 12:14:56 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Nathan Chancellor <nathan@...nel.org>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: Hang when booting guest kernels compiled with clang after SRSO
 mitigations

On Thu, Aug 10, 2023 at 09:14:14AM -0700, Nathan Chancellor wrote:
> Not sure how helpful that will be...

Yeah, not really. More wild guesses: if you uncomment the UNTRAIN_RET in
__svm_vcpu_run() on the host, does that have any effect? Diff below.

Also, can you send me the host and guest .configs and the compilers
you've used so that I can try to reproduce here exactly what you have?

Thx.

---
diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S
index 265452fc9ebe..b5871259a973 100644
--- a/arch/x86/kvm/svm/vmenter.S
+++ b/arch/x86/kvm/svm/vmenter.S
@@ -222,7 +222,7 @@ SYM_FUNC_START(__svm_vcpu_run)
 	 * because interrupt handlers won't sanitize 'ret' if the return is
 	 * from the kernel.
 	 */
-	UNTRAIN_RET
+//	UNTRAIN_RET
 
 	/* SRSO */
 	ALTERNATIVE "", "call entry_ibpb", X86_FEATURE_IBPB_ON_VMEXIT


-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ