lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CABgObfa_mkk-c3NZ623WzYDxw59NcYB_tEQ8tFX4CECHW3JxQQ@mail.gmail.com>
Date: Thu, 11 Apr 2024 17:20:30 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Alexandre Chartre <alexandre.chartre@...cle.com>
Cc: Andrew Cooper <andrew.cooper3@...rix.com>, x86@...nel.org, kvm@...r.kernel.org, 
	linux-kernel@...r.kernel.org, daniel.sneddon@...ux.intel.com, 
	pawan.kumar.gupta@...ux.intel.com, tglx@...utronix.de, konrad.wilk@...cle.com, 
	peterz@...radead.org, gregkh@...uxfoundation.org, seanjc@...gle.com, 
	dave.hansen@...ux.intel.com, nik.borisov@...e.com, kpsingh@...nel.org, 
	longman@...hat.com, bp@...en8.de
Subject: Re: [PATCH] KVM: x86: Set BHI_NO in guest when host is not affected
 by BHI

On Thu, Apr 11, 2024 at 5:13 PM Alexandre Chartre
<alexandre.chartre@...cle.com> wrote:
> I think that Andrew's concern is that if there is no eIBRS on the host then
> we do not set X86_BUG_BHI on the host because we know the kernel which is
> running and this kernel has some mitigations (other than the explicit BHI
> mitigations) and these mitigations are enough to prevent BHI. But still
> the cpu is affected by BHI.

Hmm, then I'm confused. It's what I wrote before: "The (Linux or
otherwise) guest will make its own determinations as to whether BHI
mitigations are necessary. If the guest uses eIBRS, it will run with
mitigations" but you said machines without eIBRS are fine.

If instead they are only fine _with Linux_, then yeah we cannot set
BHI_NO in general. What we can do is define a new bit that is in the
KVM leaves. The new bit is effectively !eIBRS, except that it is
defined in such a way that, in a mixed migration pool, both eIBRS and
the new bit will be 0.

Paolo


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ