| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <9EF391B5-71E8-4A9C-BD55-B78B5DEE5638@zytor.com>
Date: Thu, 6 Nov 2025 09:35:13 -0800
From: Xin Li <xin@...or.com>
To: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
linux-doc@...r.kernel.org
Cc: pbonzini@...hat.com, seanjc@...gle.com, corbet@....net, tglx@...utronix.de,
mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
x86@...nel.org, hpa@...or.com, luto@...nel.org, peterz@...radead.org,
andrew.cooper3@...rix.com, chao.gao@...el.com, hch@...radead.org,
sohil.mehta@...el.com
Subject: Re: [PATCH v9 00/22] Enable FRED with KVM VMX
> On Oct 26, 2025, at 1:18 PM, Xin Li (Intel) <xin@...or.com> wrote:
>
> This patch set enables the Intel flexible return and event delivery
> (FRED) architecture with KVM VMX to allow guests to utilize FRED.
>
> The FRED architecture defines simple new transitions that change
> privilege level (ring transitions). The FRED architecture was
> designed with the following goals:
>
> 1) Improve overall performance and response time by replacing event
> delivery through the interrupt descriptor table (IDT event
> delivery) and event return by the IRET instruction with lower
> latency transitions.
>
> 2) Improve software robustness by ensuring that event delivery
> establishes the full supervisor context and that event return
> establishes the full user context.
>
> The new transitions defined by the FRED architecture are FRED event
> delivery and, for returning from events, two FRED return instructions.
> FRED event delivery can effect a transition from ring 3 to ring 0, but
> it is used also to deliver events incident to ring 0. One FRED
> instruction (ERETU) effects a return from ring 0 to ring 3, while the
> other (ERETS) returns while remaining in ring 0. Collectively, FRED
> event delivery and the FRED return instructions are FRED transitions.
>
>
> Intel VMX architecture is extended to run FRED guests, and the major
> changes are:
>
> 1) New VMCS fields for FRED context management, which includes two new
> event data VMCS fields, eight new guest FRED context VMCS fields and
> eight new host FRED context VMCS fields.
>
> 2) VMX nested-exception support for proper virtualization of stack
> levels introduced with FRED architecture.
>
> Search for the latest FRED spec in most search engines with this search
> pattern:
>
> site:intel.com FRED (flexible return and event delivery) specification
>
>
> Although FRED and CET supervisor shadow stacks are independent CPU
> features, FRED unconditionally includes FRED shadow stack pointer
> MSRs IA32_FRED_SSP[0123], and IA32_FRED_SSP0 is just an alias of the
> CET MSR IA32_PL0_SSP. IOW, the state management of MSR IA32_PL0_SSP
> becomes an overlap area, and Sean requested that FRED virtualization
> to land after CET virtualization [1].
>
> With CET virtualization now merged in v6.18, the path is clear to submit
> the FRED virtualization patch series :).
Sean, what is the plan for the FRED patch series?
A good news is that we have got acks on all 3 common x86 patches.
Thanks!
Xin
>
> Changes in v9:
> * Rebased to the latest kvm-x86/next branch, tag kvm-x86-next-2025.10.20-2.
> * Guard FRED state save/restore with guest_cpu_cap_has(vcpu, X86_FEATURE_FRED)
> in patch 19 (syzbot & Chao).
> * Use array indexing for exception stack access, eliminating the need for
> the ESTACKS_MEMBERS() macro in struct cea_exception_stacks, and then
> exported __this_cpu_ist_top_va() in a subsequent patch (Dave Hansen).
> * Rewrote some of the change logs.
Powered by blists - more mailing lists