Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

From: David Woodhouse
Date: Wed Jan 10 2018 - 12:07:46 EST

Next message: Robin Murphy: "Re: [PATCH 21/22] arm64: replace ZONE_DMA with ZONE_DMA32"
Previous message: Shuah Khan: "Re: [PATCH] selftests: seccomp: fix compile error seccomp_bpf"
In reply to: Liran Alon: "Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2018-01-10 at 08:51 -0800, Liran Alon wrote:
>
> Hmm... This is exactly how Google Project-Zero PoC leaks kvm-
> intel.ko, kvm.ko & vmlinux...
> See section "Locating the host kernel" here:
> https://googleprojectzero.blogspot.co.il/2018/01/reading-privileged-m
> emory-with-side.html
>
> This was an important primitive in order for them to actually launch
> the attack of reading host's memory pages. As they needed the
> hypervisor addresses such that they will be able to later poison the
> BTB/BHB to gadgets residing in known host addresses.

Ah, joy. I'm not sure that leak is being plugged. Even setting IBRS=1
when entering the guest isn't guaranteed to plug it, as it's only
defined to prevent predictions from affecting a *more* privileged
prediction mode than they were 'learned' in.

Maybe IBPB would suffice? I'm not sure.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Next message: Robin Murphy: "Re: [PATCH 21/22] arm64: replace ZONE_DMA with ZONE_DMA32"
Previous message: Shuah Khan: "Re: [PATCH] selftests: seccomp: fix compile error seccomp_bpf"
In reply to: Liran Alon: "Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]