| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <288eaa68-7d4d-4c1b-ae70-419554d1d8f2@intel.com> Date: Fri, 9 Jan 2026 22:08:59 +0800 From: Xiaoyao Li <xiaoyao.li@...el.com> To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com> Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Chao Gao <chao.gao@...el.com>, Xin Li <xin@...or.com>, Yosry Ahmed <yosry.ahmed@...ux.dev> Subject: Re: [PATCH v3 3/4] KVM: nVMX: Disallow access to vmcs12 fields that aren't supported by "hardware" On 1/9/2026 12:15 PM, Sean Christopherson wrote: > diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c > index 61113ead3d7b..ac7a17560c8f 100644 > --- a/arch/x86/kvm/vmx/nested.c > +++ b/arch/x86/kvm/vmx/nested.c > @@ -111,6 +111,9 @@ static void init_vmcs_shadow_fields(void) > field <= GUEST_TR_AR_BYTES, > "Update vmcs12_write_any() to drop reserved bits from AR_BYTES"); > > + if (get_vmcs12_field_offset(field) < 0) > + continue; > + why shadow_read_only_fields[] doesn't need such guard? IIUC, copy_vmcs12_to_shadow() will VMWRITE shadowed readonly field even if it doesn't exist on the hardware?
Powered by blists - more mailing lists