lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+EHjTyjVMw5CtEiLoZzvnnano94UGx_URhFBd7BRYm89K+XmQ@mail.gmail.com>
Date: Fri, 6 Sep 2024 17:14:09 +0100
From: Fuad Tabba <tabba@...gle.com>
To: Mark Brown <broonie@...nel.org>
Cc: Dave Martin <Dave.Martin@....com>, Marc Zyngier <maz@...nel.org>, 
	Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, 
	Oliver Upton <oliver.upton@...ux.dev>, James Morse <james.morse@....com>, 
	Suzuki K Poulose <suzuki.poulose@....com>, linux-arm-kernel@...ts.infradead.org, 
	linux-kernel@...r.kernel.org, kvmarm@...ts.linux.dev
Subject: Re: [PATCH v4 0/4] KVM: arm64: Fix underallocation of storage for SVE state

On Fri, 6 Sept 2024 at 17:10, Mark Brown <broonie@...nel.org> wrote:
>
> On Fri, Sep 06, 2024 at 04:35:29PM +0100, Fuad Tabba wrote:
>
> > > > Can't pKVM just hide the non symmetrically supported VLs using ZCR_EL2,
> > > > just as regular KVM does for the guest?
>
> > > > (I may be making bad assumptions about pKVM's relationship with the host
> > > > kernel.)
>
> > > That's one for the pKVM people.
>
> > Yes, but that's not really the issue here, unless I'm missing
> > something else. The issue is that pKVM needs to store the host's SVE
> > state too, to be able to restore it. So hiding non-symmetrically
> > supported VLs for the guests shouldn't be relevant.
>
> If the host kernel is also running at EL1 and it's only the hypervisor
> running at EL2 then the hypervisor can control the VLs that the host
> kernel is able to access?

Yes it can. But do we want to impose limits on host VLs when running
pKVM that might not exist without pKVM?

Although AFAIK, such hardware doesn't exist in practice, the reason we
went down this rabbit hole from the beginning was to ensure that we
wouldn't run into problems if it were to happen.

Thanks,
/fuad

Powered by blists - more mailing lists