From: Takahiro Itazuri <itazur@amazon.com>
To: <seanjc@google.com>
Cc: <itazur@amazon.com>, <jmattson@google.com>, <kvm@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <pbonzini@redhat.com>,
<x86@kernel.org>, <zulinx86@gmail.com>
Subject: Re: [PATCH 1/1] KVM: pass through CPUID(0x80000006)
Date: Wed, 12 Jul 2023 18:02:58 +0100 [thread overview]
Message-ID: <20230712170258.75355-1-itazur@amazon.com> (raw)
In-Reply-To: <ZK7NmfKI9xur/Mop@google.com>
On Wed, 12 Jul 2023, Sean Christopherson wrote:
> Trimmed the Cc to remove folks that no longer directly work on any of this stuff.
I apologize for it and appreciate your reply on this.
> > Regard security aspect, I'm a bit concerned that it could help malicious
> > guests to know something to allow cache side channel attacks. However,
> > CPUID 0x80000006 has already passed through L2 Cache and TLB and L3
> > Cache Information. If passing through CPUID 0x80000006 is really fine,
> > I'm guessing it is the case with CPUID 0x80000005 as well.
>
> It's definitely harmless from a security perspective. Userspace already has
> access to this information as CPUID is NOT a priveleged instructions. And the
> kernel also publishes this information in sysfs, e.g. /sys/devices/system/cpu/cpuN/cache,
> and AFAIK that's not typically restricted.
I'm releaved to hear that.
> I'm mildly tempted to remove 0x80000006, for similar reasons as commit 45e966fcca03
> ("KVM: x86: Do not return host topology information from KVM_GET_SUPPORTED_CPUID"),
> but I suspect that would do more harm than good, e.g. Linux falls back to
> 0x80000005 and 0x80000006 when running on AMD without extended topology info.
Actually I also saw the commit and I was a bit confused about which
leaves to pass through. As you mentioned, CPUID is accessible from
userspace and VMM can query it if they want.
> I think it makes sense to enumerate 0x80000005. Reporting 0x80000006 but not
> 0x80000005 seems to be the *worst* behavior, so as I see it, the decision is
> really between adding 0x80000005 and removing 0x80000006. Adding 0x80000005
> appears to be the least risky choice given that KVM has reported 0x80000006 for
> over three years.
I'm on the same page that either reporting both or none of them is
better. I'll create a patch for the least risky one.
Best regards,
Takahiro Itazuri
prev parent reply other threads:[~2023-07-12 17:03 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-15 1:23 [PATCH 1/1] KVM: pass through CPUID(0x80000006) Jon Cargille
2020-04-15 2:37 ` Sean Christopherson
2020-04-15 2:51 ` Sean Christopherson
2020-04-15 5:27 ` Eric Northup
2020-04-15 14:52 ` Paolo Bonzini
2020-04-15 17:27 ` Jon Cargille
[not found] ` <CANxmayh4P5hhbJPxAnA2nvbzZC9EwFPeVCxDrkHzu8h6Y7JPPQ@mail.gmail.com>
2020-04-15 17:32 ` Sean Christopherson
2023-07-07 11:41 ` Takahiro Itazuri
2023-07-12 15:58 ` Sean Christopherson
2023-07-12 17:02 ` Takahiro Itazuri [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230712170258.75355-1-itazur@amazon.com \
--to=itazur@amazon.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=x86@kernel.org \
--cc=zulinx86@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).