Re: Intel's "virtualize IA32_SPEC_CTRL" VM-execution control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Sep 06, 2022 at 04:41:26PM -0700, Jim Mattson wrote:
>This looks like a souped-up version of AMD's X86_FEATURE_V_SPEC_CTRL.
>From https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html:
>
>When “virtualize IA32_SPEC_CTRL” VM-execution control is enabled, the
>processor supports virtualizing MSR writes and reads to
>IA32_SPEC_CTRL. This VM-execution control is enabled when the tertiary
>processor-based VM-execution control bit 7 is set and the tertiary
>controls are enabled. The support for this VM-execution control is
>enumerated by bit 7 of the IA32_VMX_PROCBASED_CTLS3 MSR (0x492).
>
>Is anyone working on kvm support for this yet? (Intel?)

Chen is working on it. He has some patches already and is working on the
testing and review with security experts. The plan is to post patches in
ww40 or ww41. Do you have any questions/concerns about enabling
"virtualize IA32_SPEC_CTRL" in KVM?



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux