Re: [RFC][PATCH v2 00/21] x86/pti: Defer CR3 switch to C code

From: Alexandre Chartre
Date: Wed Nov 18 2020 - 02:07:33 EST

Next message: Guennadi Liakhovetski: "Re: [PATCH v5 8/8] rpmsg: Turn name service into a stand alone driver"
Previous message: penghao: "[PATCH] Changes since v1 - Change subject form "ALSA" to "USB:" - Adjust to approoriate line"
In reply to: Borislav Petkov: "Re: [RFC][PATCH v2 00/21] x86/pti: Defer CR3 switch to C code"
Next in thread: Borislav Petkov: "Re: [RFC][PATCH v2 00/21] x86/pti: Defer CR3 switch to C code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/17/20 10:23 PM, Borislav Petkov wrote:

On Tue, Nov 17, 2020 at 08:02:51PM +0100, Alexandre Chartre wrote:

No. This prevents the guest VM from gathering data from the host
kernel on the same cpu-thread. But there's no mitigation for a guest
VM running on a cpu-thread attacking another cpu-thread (which can be
running another guest VM or the host kernel) from the same cpu-core.
You cannot use flush/clear barriers because the two cpu-threads are
running in parallel.

Now there's your justification for why you're doing this. It took a
while...

The "why" should always be part of the 0th message to provide
reviewers/maintainers with answers to the question, what this pile of
patches is all about. Please always add this rationale to your patchset
in the future.

Sorry about that, I will definitively try to do better next time. :-}

Thanks,

alex.

Next message: Guennadi Liakhovetski: "Re: [PATCH v5 8/8] rpmsg: Turn name service into a stand alone driver"
Previous message: penghao: "[PATCH] Changes since v1 - Change subject form "ALSA" to "USB:" - Adjust to approoriate line"
In reply to: Borislav Petkov: "Re: [RFC][PATCH v2 00/21] x86/pti: Defer CR3 switch to C code"
Next in thread: Borislav Petkov: "Re: [RFC][PATCH v2 00/21] x86/pti: Defer CR3 switch to C code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]