lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aW-eWcj5GBZfGerc@google.com>
Date: Tue, 20 Jan 2026 07:25:13 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Binbin Wu <binbin.wu@...ux.intel.com>
Cc: Xin Li <xin@...or.com>, Chao Gao <chao.gao@...el.com>, linux-kernel@...r.kernel.org, 
	kvm@...r.kernel.org, linux-doc@...r.kernel.org, pbonzini@...hat.com, 
	corbet@....net, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, 
	dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com, luto@...nel.org, 
	peterz@...radead.org, andrew.cooper3@...rix.com, hch@...radead.org, 
	sohil.mehta@...el.com
Subject: Re: [PATCH v9 17/22] KVM: x86: Advertise support for FRED

On Tue, Jan 20, 2026, Binbin Wu wrote:
> On 1/20/2026 5:09 PM, Xin Li wrote:
> >> On Jan 20, 2026, at 12:07 AM, Chao Gao <chao.gao@...el.com> wrote:
> >>
> >> On Mon, Jan 19, 2026 at 10:56:29PM -0800, Xin Li wrote:
> >>>
> >>>
> >>>> On Nov 11, 2025, at 11:30 PM, Chao Gao <chao.gao@...el.com> wrote:
> >>>>
> >>>> I'm not sure if AMD CPUs support FRED, but just in case, we can clear FRED
> >>>> i.e., kvm_cpu_cap_clear(X86_FEATURE_FRED) in svm_set_cpu_caps().
> >>>
> >>> AMD will support FRED, with ISA level compatibility:
> >>>
> >>> https://www.amd.com/en/blogs/2025/amd-and-intel-celebrate-first-anniversary-of-x86-ecosys.html
> >>>
> >>> Thus we don’t need to clear the bit.
> >>
> >> In this case, we need to clear FRED for AMD.
> >>
> >> The concern is that before AMD's FRED KVM support is implemented, FRED will be
> >> exposed to userspace on AMD FRED-capable hardware. This may cause issues.
> > 
> > Hmm, I think it’s Qemu does that.
> > 
> > We have 2 filters, one in Qemu and one in KVM, only both are set a feature is enabled.
> > 
> > What I have missed?

The userspace VMM, e.g. QEMU, is completely irrelevant.  KVM must not advertise
support for features it doesn't actually implement, and more importantly must not
internally treat such features as supported.

> If a newer QEMU (with AMD's FRED support patch) + an older KVM (without AMD's
> FRED support, but KVM advertises it), it may cause issues.

Yep.

> I guess it's no safety issue for host though,

Maybe.  Without fully analyzing the SVM implementation for FRED and its interaction
with KVM, I don't think we can confidently say that incorrectly treating FRED as
supported is benign for the host.  It's a moot point, I just want to emphasize
how it important it is that KVM doesn't over-report features.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ