[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] x86/VT-x: Don't activate VMCS Shadowing outside of nested vmx mode
> From: Andrew Cooper [mailto:andrew.cooper3@xxxxxxxxxx] > Sent: Saturday, December 8, 2018 4:07 AM > nested vmx mode > > By default on capable hardware, > SECONDARY_EXEC_ENABLE_VMCS_SHADOWING is > activated unilaterally. The VMCS Link pointer is initialised to ~0, but the > VMREAD/VMWRITE bitmap pointers are not. > > This causes the 16bit IVT and Bios Data Area get interpreted as the > read/write > permission bitmap for guests which blindly execute VMREAD/VMWRITE > instructions. > > This is not a security issue because the VMCS Link pointer being ~0 causes > VMREAD/VMWRITE to complete with VMFailInvalid (rather than modifying > a > potential shadow VMCS), and the contents of MFN 0 has already been > determined > not to contain any interesting data because of L1TF's ability to read that 4k > frame. > > Leave VMCS Shadowing disabled by default, and toggle it in > nvmx_{set,clear}_vmcs_pointer(). This isn't the most efficient course of > action, but it is the most simple way of leaving nested-virt working as it did > before. > > While editing construct_vmcs(), collect all default secondary_exec_control > modifications together. The disabling of PML is latently buggy because it > happens after secondary_exec_control are written into the VMCS, although > there > is an unconditional update later which writes the correct value into > hardware. > > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx> _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |