Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/9/20 9:07 AM, Andy Lutomirski wrote:
> On Thu, Jul 9, 2020 at 8:56 AM Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>> On 7/9/20 8:44 AM, Andersen, John wrote:
>>>         Bits which are allowed to be pinned default to WP for CR0 and SMEP,
>>>         SMAP, and UMIP for CR4.
>> I think it also makes sense to have FSGSBASE in this set.
>>
>> I know it hasn't been tested, but I think we should do the legwork to
>> test it.  If not in this set, can we agree that it's a logical next step?
> I have no objection to pinning FSGSBASE, but is there a clear
> description of the threat model that this whole series is meant to
> address?  The idea is to provide a degree of protection against an
> attacker who is able to convince a guest kernel to write something
> inappropriate to CR4, right?  How realistic is this?

If a quick search can find this:

> https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html

I'd pretty confident that the guys doing actual bad things have it in
their toolbox too.




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux