| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 May 2024 16:23:28 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Yang Weijiang <weijiang.yang@...el.com>
Cc: pbonzini@...hat.com, dave.hansen@...el.com, x86@...nel.org,
kvm@...r.kernel.org, linux-kernel@...r.kernel.org, peterz@...radead.org,
chao.gao@...el.com, rick.p.edgecombe@...el.com, mlevitsk@...hat.com,
john.allen@....com
Subject: Re: [PATCH v10 26/27] KVM: nVMX: Enable CET support for nested guest
On Sun, Feb 18, 2024, Yang Weijiang wrote:
> @@ -2438,6 +2460,30 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vmx, struct loaded_vmcs *vmcs0
> }
> }
>
> +static inline void cet_vmcs_fields_get(struct kvm_vcpu *vcpu, u64 *ssp,
> + u64 *s_cet, u64 *ssp_tbl)
> +{
> + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) {
> + *ssp = vmcs_readl(GUEST_SSP);
> + *s_cet = vmcs_readl(GUEST_S_CET);
> + *ssp_tbl = vmcs_readl(GUEST_INTR_SSP_TABLE);
> + } else if (guest_can_use(vcpu, X86_FEATURE_IBT)) {
> + *s_cet = vmcs_readl(GUEST_S_CET);
> + }
Same comments about accessing S_CET, please do so in a dedicated path.
> +}
> +
> +static inline void cet_vmcs_fields_put(struct kvm_vcpu *vcpu, u64 ssp,
> + u64 s_cet, u64 ssp_tbl)
This should probably use "set" instead of "put". I can't think of a single case
where KVM uses "put" to describe writing state, e.g. "put" is always used when
putting a reference or unloading state.
> +{
> + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) {
> + vmcs_writel(GUEST_SSP, ssp);
> + vmcs_writel(GUEST_S_CET, s_cet);
> + vmcs_writel(GUEST_INTR_SSP_TABLE, ssp_tbl);
> + } else if (guest_can_use(vcpu, X86_FEATURE_IBT)) {
> + vmcs_writel(GUEST_S_CET, s_cet);
> + }
And here.
Powered by blists - more mailing lists