From: Takahiro Itazuri <itazur@amazon.com>
To: <seanjc@google.com>
Cc: <itazur@amazon.com>, <jmattson@google.com>, <kvm@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <pbonzini@redhat.com>,
<x86@kernel.org>, <zulinx86@gmail.com>
Subject: Re: [PATCH 1/1] KVM: pass through CPUID(0x80000006)
Date: Wed, 12 Jul 2023 18:02:58 +0100 [thread overview]
Message-ID: <20230712170258.75355-1-itazur@amazon.com> (raw)
In-Reply-To: <ZK7NmfKI9xur/Mop@google.com>
On Wed, 12 Jul 2023, Sean Christopherson wrote:
> Trimmed the Cc to remove folks that no longer directly work on any of this stuff.
I apologize for it and appreciate your reply on this.
> > Regard security aspect, I'm a bit concerned that it could help malicious
> > guests to know something to allow cache side channel attacks. However,
> > CPUID 0x80000006 has already passed through L2 Cache and TLB and L3
> > Cache Information. If passing through CPUID 0x80000006 is really fine,
> > I'm guessing it is the case with CPUID 0x80000005 as well.
>
> It's definitely harmless from a security perspective. Userspace already has
> access to this information as CPUID is NOT a priveleged instructions. And the
> kernel also publishes this information in sysfs, e.g. /sys/devices/system/cpu/cpuN/cache,
> and AFAIK that's not typically restricted.
I'm releaved to hear that.
> I'm mildly tempted to remove 0x80000006, for similar reasons as commit 45e966fcca03
> ("KVM: x86: Do not return host topology information from KVM_GET_SUPPORTED_CPUID"),
> but I suspect that would do more harm than good, e.g. Linux falls back to
> 0x80000005 and 0x80000006 when running on AMD without extended topology info.
Actually I also saw the commit and I was a bit confused about which
leaves to pass through. As you mentioned, CPUID is accessible from
userspace and VMM can query it if they want.
> I think it makes sense to enumerate 0x80000005. Reporting 0x80000006 but not
> 0x80000005 seems to be the *worst* behavior, so as I see it, the decision is
> really between adding 0x80000005 and removing 0x80000006. Adding 0x80000005
> appears to be the least risky choice given that KVM has reported 0x80000006 for
> over three years.
I'm on the same page that either reporting both or none of them is
better. I'll create a patch for the least risky one.
Best regards,
Takahiro Itazuri
prev parent reply other threads:[~2023-07-12 17:03 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-15 1:23 [PATCH 1/1] KVM: pass through CPUID(0x80000006) Jon Cargille
2020-04-15 2:37 ` Sean Christopherson
2020-04-15 2:51 ` Sean Christopherson
2020-04-15 5:27 ` Eric Northup
2020-04-15 14:52 ` Paolo Bonzini
2020-04-15 17:27 ` Jon Cargille
[not found] ` <CANxmayh4P5hhbJPxAnA2nvbzZC9EwFPeVCxDrkHzu8h6Y7JPPQ@mail.gmail.com>
2020-04-15 17:32 ` Sean Christopherson
2023-07-07 11:41 ` Takahiro Itazuri
2023-07-12 15:58 ` Sean Christopherson
2023-07-12 17:02 ` Takahiro Itazuri [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230712170258.75355-1-itazur@amazon.com \
--to=itazur@amazon.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=x86@kernel.org \
--cc=zulinx86@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.