| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <208429ae-d9c5-4b73-86ff-a9b31e68f7eb@zytor.com>
Date: Fri, 27 Sep 2024 10:48:55 -0700
From: Xin Li <xin@...or.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Chao Gao <chao.gao@...el.com>, Xin Li <xin3.li@...el.com>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kselftest@...r.kernel.org,
pbonzini@...hat.com, corbet@....net, tglx@...utronix.de,
mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
x86@...nel.org, hpa@...or.com, shuah@...nel.org, vkuznets@...hat.com,
peterz@...radead.org, ravi.v.shankar@...el.com
Subject: Re: [PATCH v2 07/25] KVM: VMX: Set intercept for FRED MSRs
>>> When FRED is advertised to a guest, KVM should allow FRED SSP MSRs
>>> accesses through disabling FRED SSP MSRs interception no matter whether
>>> supervisor shadow stacks are enabled or not.
>>
>> KVM doesn't necessarily need to disabling MSR interception, e.g. if
>> the expectation
>> is that the guest will rarely/never access the MSRs when CET is
>> unsupported, then
>> we're likely better off going with a trap-and-emulate model. KVM
>> needs to emulate
>> RDMSR and WRMSR no matter what, e.g. in case the guest triggers a
>> WRMSR when KVM
>> is emulating, and so that userspace can get/set MSR values.
>>
>> And this means that yes, FRED virtualization needs to land after CET
>> virtualization,
>> otherwise managing the conflicts/dependencies will be a nightmare.
>>
I still plan to send another iteration of the FRED patch set for review,
however I haven't seen your x86 KVM changes land into Linus' tree, it
will happen soon, right?
>
> No argument.
Powered by blists - more mailing lists