[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] xen/arm64: Hide FEAT_SME
- To: Julien Grall <julien@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Michal Orzel <michal.orzel@xxxxxxx>
- Date: Fri, 16 Aug 2024 09:15:26 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=xen.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=V8/B28iADeTcy5vexkMVL7Ck4XrfaH1ucAq2Vs70CK0=; b=GHA6ls7cEQTE6rB8SXLQbzyT2089dat+OIGZET2YvAqyMQIxJ9ZqE637HHfYy5KL2LGxlJ0C5pBWIu9lLmTDU5qEMPKpTv3wIm8Mbx72RQT2gjVSBtEyeAnzQo/430VJVyV+xRrYV/h9ec70JK+p6i4BahINO05Y9s8UgIZASCGVYD+RrV8AgdiICVO0CxyagXDASAxEcQw7fQvYRX51/F64udkZbiMXpv3jl/G/ohr+EZt1pb6qP1amh55hTKEOzV/xmZPMkuJFuvzIedZxbENIie6sN+oZPIkBHkhAfoKqdIYsuA3U3ZS1GNXrQoAby+sKo1oz9Hh8DdXkNpVzqw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=SnxE28zwlMCFeQxuRrqGMWJ63ikBd0YKLCDiYxwGhVivdXUdNYUyQO3YqkN1IhlhY7xjZqbU/vn6H+yWYCukGbpm9KVUUGuzZugGVdrNJWf4jWJMMKYw94anEyWe4rPEdU8InjH0ZLgpCIBYp5bkVFnSE7EkLKMid5cEPiVIVflZ2q2d/1eXFk8mFvO/3tcXp+/FrMrsFGhQiSEi8wWZqiqnghiKbX2QcQPdkzONFPNHPOcPzY8T7nHOZtfLfe1oUvogJstZ8GD2FfE3QDj30NKaQkhn/LI6pFq1a/uaszwW+cFJTj+lk0oqaPuMz7hXXqII5nHEZNRyyeGEuPNPDA==
- Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
- Delivery-date: Fri, 16 Aug 2024 07:15:41 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Hi Julien,
On 14/08/2024 23:00, Julien Grall wrote:
>
>
> Newer hardware may support FEAT_SME. Xen doesn't have any knowledge but
> it will still expose the feature to the VM. If the OS is trying to use
> SME, then it will crash.
>
> Solve by hiding FEAT_SME.
>
> Signed-off-by: Julien Grall <julien@xxxxxxx>
Acked-by: Michal Orzel <michal.orzel@xxxxxxx>
>
> ---
>
> The current approach used to create the domain cpuinfo is to hide
> (i.e. a denylist) what we know Xen is not supporting. The drawback
> with this approach is for newly introduced feature, Xen will expose it
> by default.
>
> If a kernel is trying to use it then it will crash. I can't really
> make my mind whether it would be better to expose only what we support
> (i.e. use an allowlist).
>
> AFAICT, there is no security concerns with the current approach because
> ID_* registers are not a way to tell the kernel which features are
> supported. A guest kernel could still try to access the new registers.
I agree with the security aspect but the part of the sentence in the middle is
a bit misleading.
ID_ registers *are* a way of informing the kernel about implemented PE
features. It's just that
the kernel could still access the features. That said, it should be considered
an incorrect behavior
and definitely not something we should worry about.
~Michal
|