[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] x2APIC MSR range (XSA-108 follow-up)

>>> On 13.10.14 at 11:26, <anthony@xxxxxxxxxxxxx> wrote:
> On Mon, Oct 13, 2014 at 8:45 AM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>> With what we currently do (kind of supported by their values at least
>> not differing across physical CPUs on the probed systems) their values
>> are getting passed through to guests. The alternative of forcing #GP
>> for accesses to them as one could imply from the spec seems
>> undesirable: Guests may imply their existence based on CPU model.
> This range is not documented publicly AFAIK so I think this risk is
> pretty low.  I think the risk of passing through reserved MSRs that
> may one day have security implications is something not to take
> lightly either.

Note that this has been standard behavior for all MSR reads that
don't get explicitly virtualized. Yes, it is known that this poses a
certain risk going forward. But changing from a black listing to a
white listing approach would (just like for some parts of CPUID
handling) be risking regressions if we failed to white list (no
matter whether to pass through the host value or to emulate)
everything needed by any kind of guest OS. Which I suppose is
the reason no-one dared to come up with a respective patch so


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.