Re: [PATCH] KVM: PPC: Book3S: Provide information about hardware/firmware CVE workarounds

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2018-01-17 08:51+1100, Paul Mackerras:
> On Tue, Jan 16, 2018 at 03:45:11PM +0100, Paolo Bonzini wrote:
> > On 16/01/2018 01:59, Paul Mackerras wrote:
> > > This adds a new ioctl, KVM_PPC_GET_CPU_CHAR, that gives userspace
> > > information about the underlying machine's level of vulnerability
> > > to the recently announced vulnerabilities CVE-2017-5715,
> > > CVE-2017-5753 and CVE-2017-5754, and whether the machine provides
> > > instructions to assist software to work around the vulnerabilities.
> > > 
> > > The ioctl returns two u64 words describing characteristics of the
> > > CPU and required software behaviour respectively, plus two mask
> > > words which indicate which bits have been filled in by the kernel,
> > > for extensibility.  The bit definitions are the same as for the
> > > new H_GET_CPU_CHARACTERISTICS hypercall.
> > > 
> > > There is also a new capability, KVM_CAP_PPC_GET_CPU_CHAR, which
> > > indicates whether the new ioctl is available.
> > > 
> > > Signed-off-by: Paul Mackerras <paulus@xxxxxxxxxx>
> > > ---
> > 
> > Thanks, looks good.  Would you like this in 4.15?
> 
> Yes please.  Will you just apply the patch, or do you want me to put
> it in a branch for you to pull?

I can apply it directly.

Do I understand correctly that the interface is a KVM hypercall because
we need to forward this information into guests and other userspace can
do nothing with the information?

Thanks.



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux