lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <D4E24A7A-8F95-4DD5-B7CF-8081BB9D7984@nutanix.com>
Date: Tue, 23 Dec 2025 04:15:51 +0000
From: Jon Kohler <jon@...anix.com>
To: Sean Christopherson <seanjc@...gle.com>
CC: "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "tglx@...utronix.de"
	<tglx@...utronix.de>,
        "mingo@...hat.com" <mingo@...hat.com>, "bp@...en8.de"
	<bp@...en8.de>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "x86@...nel.org" <x86@...nel.org>, "hpa@...or.com" <hpa@...or.com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: Re: [RFC PATCH 13/18] KVM: x86/mmu: Adjust SPTE_MMIO_ALLOWED_MASK to
 understand MBEC



> On May 12, 2025, at 3:37 PM, Sean Christopherson <seanjc@...gle.com> wrote:
> 
> Please be more precise with the shortlogs.  "Understand MBEC" is extremely vague.

Ack/Done - fixed across the board in v1 series, though this one in v1 is still
a bit skinny. I have narrowed down this specific patch to *just* focus on this
MMIO generation mask bit, because MBEC can be used as a present bit according to
the SDM, so it seems like it is necessary to carve out of the MMIO mask.

Looking back on this, it seems (correct me if I’m wrong) that this is in line with
the original work on commit 8bad460 ("KVM: x86/mmu: Add sanity check that MMIO
SPTE mask doesn't overlap gen")

> On Thu, Mar 13, 2025, Jon Kohler wrote:
>> Adjust the SPTE_MMIO_ALLOWED_MASK and associated values to make these
>> masks aware of PTE Bit 10, to be used by Intel MBEC.
> 
> Same thing here.  "aware of PTE bit 10" doesn't describe the change in a way that
> allows for quick review of the patch.  E.g. 
> 
>  KVM: x86/mmu: Exclude EPT MBEC's user-executable bit from the MMIO generation
> 
> The changelogs also need to explain *why*.  If you actually tried to write out
> justification for why KVM can't use bit 10 for the MMIO generation, then unless
> you start making stuff up (or Chao and I are missing something), you'll come to
> same conclusion that Chao and I came to: this patch is unnecessary.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ