lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 6 May 2024 17:05:56 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "Yang, Weijiang" <weijiang.yang@...el.com>, "seanjc@...gle.com"
	<seanjc@...gle.com>
CC: "Gao, Chao" <chao.gao@...el.com>, "Hansen, Dave" <dave.hansen@...el.com>,
	"x86@...nel.org" <x86@...nel.org>, "peterz@...radead.org"
	<peterz@...radead.org>, "john.allen@....com" <john.allen@....com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"mlevitsk@...hat.com" <mlevitsk@...hat.com>, "kvm@...r.kernel.org"
	<kvm@...r.kernel.org>, "pbonzini@...hat.com" <pbonzini@...hat.com>
Subject: Re: [PATCH v10 24/27] KVM: x86: Enable CET virtualization for VMX and
 advertise to userspace

On Mon, 2024-05-06 at 17:19 +0800, Yang, Weijiang wrote:
> On 5/2/2024 7:15 AM, Sean Christopherson wrote:
> > On Sun, Feb 18, 2024, Yang Weijiang wrote:
> > > @@ -696,6 +697,20 @@ void kvm_set_cpu_caps(void)
> > >                 kvm_cpu_cap_set(X86_FEATURE_INTEL_STIBP);
> > >         if (boot_cpu_has(X86_FEATURE_AMD_SSBD))
> > >                 kvm_cpu_cap_set(X86_FEATURE_SPEC_CTRL_SSBD);
> > > +       /*
> > > +        * Don't use boot_cpu_has() to check availability of IBT because
> > > the
> > > +        * feature bit is cleared in boot_cpu_data when ibt=off is applied
> > > +        * in host cmdline.
> > I'm not convinced this is a good reason to diverge from the host kernel. 
> > E.g.
> > PCID and many other features honor the host setup, I don't see what makes
> > IBT
> > special.
> 
> This is mostly based on our user experience and the hypothesis for cloud
> computing:
> When we evolve host kernels, we constantly encounter issues when kernel IBT is
> on,
> so we have to disable kernel IBT by adding ibt=off. But we need to test the
> CET features
> in VM, if we just simply refer to host boot cpuid data, then IBT cannot be
> enabled in
> VM which makes CET features incomplete in guest.
> 
> I guess in cloud computing, it could run into similar dilemma. In this case,
> the tenant
> cannot benefit the feature just because of host SW problem. I know currently
> KVM
> except LA57 always honors host feature configurations, but in CET case, there
> could be
> divergence wrt honoring host configuration as long as there's no quirk for the
> feature.
> 
> But I think the issue is still open for discussion...

I think the back and forth I remembered was actually around SGX IBT, but I did
find this thread:
https://lore.kernel.org/lkml/20231128085025.GA3818@noisy.programming.kicks-ass.net/

Disabling kernel IBT enforcement without disabling KVM IBT seems worthwhile. But
the solution is to not to not honor host support. It is to have kernel IBT not
clear the feature flag and instead clear something else. This can be done
independently of the KVM series.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ