| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250411001702.p5g2gjtundwjtbwy@desk> Date: Thu, 10 Apr 2025 17:17:02 -0700 From: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com> To: Sean Christopherson <seanjc@...gle.com> Cc: Josh Poimboeuf <jpoimboe@...nel.org>, x86@...nel.org, Paolo Bonzini <pbonzini@...hat.com>, linux-kernel@...r.kernel.org, kvm@...r.kernel.org Subject: Re: [PATCH] x86/bugs/mmio: Rename mmio_stale_data_clear to cpu_buf_vm_clear On Thu, Apr 10, 2025 at 04:35:58PM -0700, Sean Christopherson wrote: > > > I like the idea of tying the static key back to X86_FEATURE_CLEAR_CPU_BUF, but > > > when looking at just the usage in KVM, "cpu_buf_vm_clear" doesn't provide any > > > hints as to when/why KVM needs to clear buffers. > > > > Thats fair, can we cover that with a comment like below: > > > > --- > > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > > index c79720aad3df..cddad4a6eb46 100644 > > --- a/arch/x86/kvm/vmx/vmx.c > > +++ b/arch/x86/kvm/vmx/vmx.c > > @@ -7358,6 +7358,10 @@ static noinstr void vmx_vcpu_enter_exit(struct kvm_vcpu *vcpu, > > * mitigation for MDS is done late in VMentry and is still > > * executed in spite of L1D Flush. This is because an extra VERW > > * should not matter much after the big hammer L1D Flush. > > + * > > + * cpu_buf_vm_clear is used when system is not vulnerable to MDS/TAA, > > + * but is affected by MMIO Stale Data that only needs mitigation > > + * against a rogue guest. > > Would this be accurate? I believe this is accurate as things stand today. But, when Attack Vector Control series leverages cpu_buf_vm_clear, the comment also needs to be updated.
Powered by blists - more mailing lists