lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 11 Jun 2024 18:42:11 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Ravi Bangoria <ravi.bangoria@....com>
Cc: tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, 
	dave.hansen@...ux.intel.com, pbonzini@...hat.com, thomas.lendacky@....com, 
	hpa@...or.com, rmk+kernel@...linux.org.uk, peterz@...radead.org, 
	james.morse@....com, lukas.bulwahn@...il.com, arjan@...ux.intel.com, 
	j.granados@...sung.com, sibs@...natelecom.cn, nik.borisov@...e.com, 
	michael.roth@....com, nikunj.dadhania@....com, babu.moger@....com, 
	x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	santosh.shukla@....com, ananth.narayan@....com, sandipan.das@....com
Subject: Re: [PATCH 3/3] KVM SVM: Add Bus Lock Detect support

On Wed, Jun 05, 2024, Ravi Bangoria wrote:
> On 6/5/2024 8:38 PM, Sean Christopherson wrote:
> > Some of the problems on Intel were due to the awful FMS-based feature detection,
> > but those weren't the only hiccups.  E.g. IIRC, we never sorted out what should
> > happen if both the host and guest want bus-lock #DBs.
> 
> I've to check about vcpu->guest_debug part, but keeping that aside, host and
> guest can use Bus Lock Detect in parallel because, DEBUG_CTL MSR and DR6
> register are save/restored in VMCB, hardware cause a VMEXIT_EXCEPTION_1 for
> guest #DB(when intercepted) and hardware raises #DB on host when it's for the
> host.

I'm talking about the case where the host wants to do something in response to
bus locks that occurred in the guest.  E.g. if the host is taking punitive action,
say by stalling the vCPU, then the guest kernel could bypass that behavior by
enabling bus lock detect itself.

Maybe it's moot point in practice, since it sounds like Bus Lock Threshold will
be available at the same time.

Ugh, and if we wanted to let the host handle guest-induced #DBs, we'd need code
to keep Bus Lock Detect enabled in the guest since it resides in DEBUG_CTL.  Bah.

So I guess if the vcpu->guest_debug part is fairly straightforward, it probably
makes to virtualize Bus Lock Detect because the only reason not to virtualize it
would actually require more work/code in KVM.

I'd still love to see Bus Lock Threshold support sooner than later though :-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ