[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/4] x86: Drop cross-vendor support
- To: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Thu, 22 Jan 2026 18:19:12 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CxWeTEFuMzuKeWWjvbQ9SgcNKKg8lO+lVkE8QGD6n9w=; b=fmmNV9adyfCJlbNQXCPgkpt42SVDaetchZzH2kRs2AsDxGzNkSnjG7hKQmHEzZnvw+tjCl+vJenzgw2j6Rl+WbqY2L+T7uI3E5oKfitjmiuCl8j9CPJZT3qSvx8pY5m0jS60P8OTpFos+bUgKj1j34FRWqRum4aOSlyHbjwq++KgDz7AAYAnM3/7+n1SlRxjqlew/Q3tSLrKkWnXD+xJyAHaIR2TX1n/B1fGyTCFPw2+IXzNAJRmfZpz1c0PL/CjM8StxW72ZirpX/9TWUgy/GfNj2irQ1ZwrtqKxWizXoVJs2wW3gyeKhb/XgMnJHlKY3piJPbzYPwCz6tmoFpShA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=v13M2o3Djim5y1tvys3+kvBGqmRD8niad0fvlJgsBeSBeNsxDeVQkf8wQBng++px4o7udDvqFbGCeT4ivrZ4H942/JwwydYpQ9A92Fu+RvBBXbyVjI5djOjGF9JX5VhW9sx87BvXQY5Ph4gqM4IHtkO46NWcz7GL8HzG54kR+C/tgC9V5rCKemz/LV55ruakn5GnjsLFMKZnYWZA/Fjl7dOtaeU0ULBuc/ZXOZWZhhmC5BvfnJDRmRywtk8G9J0lPF4EPoACSbQcCQPctUTY+zrGSC+JEcOBYPTTt1ug9cYu1yhqRdRhgk+ZxL5Qtog72A/RXrd2Zj3JoxHEN24BQg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>, Community Manager <community.manager@xxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Jason Andryuk <jason.andryuk@xxxxxxx>
- Delivery-date: Thu, 22 Jan 2026 18:19:25 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 22/01/2026 5:42 pm, Alejandro Vallejo wrote:
> On Thu Jan 22, 2026 at 6:10 PM CET, Andrew Cooper wrote:
>> On 22/01/2026 4:49 pm, Alejandro Vallejo wrote:
>>> Open question unrelated to the series: Does it make sense to conditionalise
>>> the
>>> MSR handlers for non intercepted MSRs on HVM_FEP?
>> I'm not quite sure what you're asking here.
>>
>> ~Andrew
> The handlers for LSTAR and the like are dead code with !CONFIG_HVM_FEP as far
> as I can tell. The question I'm asking is whether there is another code path
> that might invoke MSR handlers for non-intercepted MSRs. I can't see it, but
> I'm not sure.
>
> If there isn't I'm considering (conditionally) getting rid of them.
Introspection can (and HVMI does) hook them. Changes to LSTAR during
runtime is usually an exploit in progress.
Nested virt also makes it far more complicated to reason about
"intercepted or not", given that there are multiple opinions merged
together.
~Andrew
|
