lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aMs40gVA4DAHex6A@google.com>
Date: Wed, 17 Sep 2025 15:40:18 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Xin Li <xin@...or.com>
Cc: Arjan van de Ven <arjan@...ux.intel.com>, linux-kernel@...r.kernel.org, 
	kvm@...r.kernel.org, linux-pm@...r.kernel.org, pbonzini@...hat.com, 
	tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, 
	dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com, rafael@...nel.org, 
	pavel@...nel.org, brgerst@...il.com, david.kaplan@....com, 
	peterz@...radead.org, andrew.cooper3@...rix.com, kprateek.nayak@....com, 
	chao.gao@...el.com, rick.p.edgecombe@...el.com, dan.j.williams@...el.com, 
	"adrian.hunter@...el.com" <adrian.hunter@...el.com>
Subject: Re: [RFC PATCH v1 0/5] x86/boot, KVM: Move VMXON/VMXOFF handling from
 KVM to CPU lifecycle

On Wed, Sep 17, 2025, Xin Li wrote:
> On 9/16/2025 10:54 AM, Sean Christopherson wrote:
> > On Thu, Sep 11, 2025, Arjan van de Ven wrote:
> > > Hi,
> > > > I also want to keep the code as a module, both to avoid doing VMXON unconditionally,
> > > 
> > > can you expand on what the problem is with having VMXON unconditionally enabled?
> > 
> > Unlike say EFER.SVME, VMXON fundamentally changes CPU behavior.  E.g. blocks INIT,
> > activates VMCS caches (which aren't cleared by VMXOFF on pre-SPR CPUs, and AFAIK
> > Intel hasn't even publicly committed to that behavior for SPR+), restricts allowed
> > CR0 and CR4 values, raises questions about ucode patch updates, triggers unique
> > flows in SMI/RSM, prevents Intel PT from tracing on certain CPUs, and probably a
> > few other things I'm forgetting.
> 
> Regarding Intel PT, if VMXON/VMXOFF are moved to CPU startup/shutdown, as
> Intel PT is initialized during arch_initcall() stage, entering and leaving
> VMX operation no longer happen while Intel PT is _active_, thus
> intel_pt_handle_vmx() no longer needs to "handles" VMX state transitions.

The issue isn't handling transitions, it's that some CPUs don't support Intel PT
post-VMXON:

  If bit 14 is read as 1, Intel® Processor Trace (Intel PT) can be used in VMX
  operation. If the processor supports Intel PT but does not allow it to be used
  in VMX operation, execution of VMXON clears IA32_RTIT_CTL.TraceEn (see
  “VMXON—Enter VMX Operation” in Chapter 32); any attempt to write IA32_RTIT_CTL
  while in VMX operation (including VMX root operation) causes a general-protection
  exception.

And again, unconditionally doing VMXON is a minor objection in all of this.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ