Message-ID: <20260211161723.GDaYyrk9gZfONLoARz@fat_crate.local>
Date: Wed, 11 Feb 2026 17:17:23 +0100
From: Borislav Petkov <bp@...en8.de>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Carlos López <clopez@...e.de>,
	Jim Mattson <jmattson@...gle.com>, kvm@...r.kernel.org,
	Paolo Bonzini <pbonzini@...hat.com>,
	Thomas Gleixner <tglx@...nel.org>, Ingo Molnar <mingo@...hat.com>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
	"H. Peter Anvin" <hpa@...or.com>,
	"open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <linux-kernel@...r.kernel.org>,
	Babu Moger <bmoger@....com>
Subject: Re: [PATCH] KVM: x86: synthesize TSA CPUID bits via SCATTERED_F()

On Wed, Feb 11, 2026 at 07:54:30AM -0800, Sean Christopherson wrote:
> Those problems are _entirely_ limited to the fact that the kernel's feature tracking
> isn't 100% comprehensive.

Thus the rewrite. :)

> If the kernel tracks both raw CPUID *and* kernel caps, then KVM can use the
> table without having to (re)do CPUID when configuring KVM's feature set.  But
> KVM would still need to have processing for SYNTHESIZED_F, PASSTHROUGH_F, and F,
> to derive the correct state from the raw+kernel tables.

That's what I meant - the macros and the confusion which one to use would go
away.

> Because from my perspective, centralizing *everything* is all pain, no gain.  It
> would bleed KVM details into the broader kernel, unnecessarily limit KVM's ability
> to change how KVM emulates/virtualizes features, and require querying a lookaside
> table to understand KVM's rules/handling.  No thanks.

The point is not to limit KVM's ability but *augment* the internal
representation so that it *accommodates* KVM fully. But ok, your call.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
