lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240531044644.768-1-ravi.bangoria@amd.com>
Date: Fri, 31 May 2024 04:46:41 +0000
From: Ravi Bangoria <ravi.bangoria@....com>
To: <seanjc@...gle.com>, <pbonzini@...hat.com>, <nikunj.dadhania@....com>
CC: <ravi.bangoria@....com>, <thomas.lendacky@....com>, <tglx@...utronix.de>,
	<mingo@...hat.com>, <bp@...en8.de>, <dave.hansen@...ux.intel.com>,
	<x86@...nel.org>, <hpa@...or.com>, <michael.roth@....com>,
	<pankaj.gupta@....com>, <kvm@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>, <santosh.shukla@....com>
Subject: [PATCH v4 0/3] KVM: SEV-ES: Fix KVM_{GET|SET}_MSRS and LBRV handling

Fix couple of interrelated issues:

o KVM currently allows userspace to access MSRs even after the VMSA is
  encrypted. This can result into issues if MSR update has side effects on
  VM configuration. Patch 1 fixes that by preventing KVM_{GET|SET}_MSRS
  for SEV-ES guests once VMSA is encrypted.

o As documented in APM, LBR Virtualization must be enabled for SEV-ES
  guests. However, KVM currently enables LBRV unconditionally without
  checking feature bit, which is wrong. Patch 2 prevents SEV-ES guests
  when LBRV support is missing.

o Although LBRV is enabled for SEV-ES guests, MSR_IA32_DEBUGCTLMSR was
  still intercepted. This can crash SEV-ES guest if used inadvertently.
  Patch 3 fixes it.

Patches prepared on kvm/next (6f627b425378)

v3: https://lore.kernel.org/r/20240523121828.808-1-ravi.bangoria@amd.com
v3->v4:
 - Return -EINVAL instead of 0 while preventing MSR accesses post VMSA
   encryption.
 - Make 'lbrv' a global variable instead of passing it as function
   argument, this follows the pattern used by other variables.

Nikunj A Dadhania (1):
  KVM: SEV-ES: Prevent MSR access post VMSA encryption

Ravi Bangoria (2):
  KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent
  KVM: SEV-ES: Fix LBRV code

 arch/x86/kvm/svm/sev.c | 19 ++++++++++++++-----
 arch/x86/kvm/svm/svm.c | 42 ++++++++++++++++++++++++++++++++----------
 arch/x86/kvm/svm/svm.h |  4 +++-
 3 files changed, 49 insertions(+), 16 deletions(-)

-- 
2.45.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ