lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <SA1PR11MB67340002B67910588EE335B1A8722@SA1PR11MB6734.namprd11.prod.outlook.com>
Date: Wed, 17 Jan 2024 16:34:49 +0000
From: "Li, Xin3" <xin3.li@...el.com>
To: "Gao, Chao" <chao.gao@...el.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>, "seanjc@...gle.com"
	<seanjc@...gle.com>, "pbonzini@...hat.com" <pbonzini@...hat.com>,
	"tglx@...utronix.de" <tglx@...utronix.de>, "mingo@...hat.com"
	<mingo@...hat.com>, "bp@...en8.de" <bp@...en8.de>,
	"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>, "x86@...nel.org"
	<x86@...nel.org>, "hpa@...or.com" <hpa@...or.com>, "Yang, Weijiang"
	<weijiang.yang@...el.com>, "Huang, Kai" <kai.huang@...el.com>
Subject: RE: [PATCH v4 1/2] KVM: VMX: Cleanup VMX basic information defines
 and usages

> >+#define VMX_BASIC_FEATURES_MASK			\
> >+	(VMX_BASIC_DUAL_MONITOR_TREATMENT |	\
> >+	 VMX_BASIC_INOUT |			\
> >+	 VMX_BASIC_TRUE_CTLS)
> >+
> >+#define VMX_BASIC_RESERVED_BITS			\
> >+	(GENMASK_ULL(63, 56) | GENMASK_ULL(47, 45) | BIT_ULL(31))
> 
> When we add a new feature (e.g., in CET series, bit 56 is added), the above
> two macros need to be modified.
> 
> Would it be better to use a macro for bits exempt from the bitwise check below
> e.g.,
> 
> #define VMX_BASIC_MULTI_BITS_FEATURES_MASK
> 
> 	(GENMASK_ULL(53, 50) | GENMASK_ULL(44, 32) | GENMASK_ULL(30, 0))
> 
> and do
> 	if (!is_bitwise_subset(vmx_basic, data,
> 			       ~VMX_BASIC_MULTI_BITS_FEATURES_MASK)
> 
> then we don't need to change the macro when adding new features.

Sounds a good idea to me, and just need to add comments about why.

> 
> >+
> > static int vmx_restore_vmx_basic(struct vcpu_vmx *vmx, u64 data)
> > {
> >-	const u64 feature_and_reserved =
> >-		/* feature (except bit 48; see below) */
> >-		BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) |
> >-		/* reserved */
> >-		BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 56);
> > 	u64 vmx_basic = vmcs_config.nested.basic;
> >
> >-	if (!is_bitwise_subset(vmx_basic, data, feature_and_reserved))
> >+	static_assert(!(VMX_BASIC_FEATURES_MASK &
> VMX_BASIC_RESERVED_BITS));
> >+
> >+	if (!is_bitwise_subset(vmx_basic, data,
> >+			       VMX_BASIC_FEATURES_MASK |
> VMX_BASIC_RESERVED_BITS))
> > 		return -EINVAL;
> >
> > 	/*
> > 	 * KVM does not emulate a version of VMX that constrains physical
> > 	 * addresses of VMX structures (e.g. VMCS) to 32-bits.
> > 	 */
> >-	if (data & BIT_ULL(48))
> >+	if (data & VMX_BASIC_32BIT_PHYS_ADDR_ONLY)
> > 		return -EINVAL;
> 
> Side topic:
> 
> Actually, there is no need to handle bit 48 as a special case. If we add bit 48
> to VMX_BASIC_FEATURES_MASK, the bitwise check will fail if bit 48 of @data is 1.

Good point!  This is also what you suggested above.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ