Re: KVM's sloppiness wrt IA32_SPEC_CTRL and IA32_PRED_CMD

On Fri, Jul 21, 2023 at 11:37:42AM +0800, Chao Gao wrote:
> On Thu, Jul 20, 2023 at 10:52:44AM -0700, Jim Mattson wrote:
> >> And is it fair to good citizens that won't set reserved bits but will
> >> suffer a performance drop caused by the fix?
> >
> >Is it fair to other tenants of the host to have their data exfiltrated
> >by a bad citizen, because KVM didn't control access to the MSR?
> 
> To be clear, I agree to intercept the IA32_SPEC_CTRL MSR if allowing guests
> to clear some bits puts the host or other tenants at risk.
> 
> >> >As your colleague pointed out earlier, IA32_SPEC_CTRL.STIBP[bit 1] is
> >> >such a bit. If the host has this bit set and you allow the guest to
> >> >clear it, then you have compromised host security.
> 
> ...
> 
> >>
> >> If a guest can compromise host security, I definitely agree to intercept
> >> the IA32_SPEC_CTRL MSR.
> >
> >I believe that when the decision was made to pass through this MSR for
> >write, the assumption was that the host wouldn't ever use it (hence
> >the host value would be zero). That assumption has not stood the test
> >of time.
> 
> Could you elaborate on the security risk of guests' clearing
> IA32_SPEC_CTRL.STIBP[bit 1] (or any other bit)? +Pawan

Please note that clearing the STIBP bit on one thread does not disable STIBP
protection if the sibling has it set:

  Setting bit 1 (STIBP) of the IA32_SPEC_CTRL MSR on a logical processor
  prevents the predicted targets of indirect branches on any logical
  processor of that core from being controlled by software that executes
  (or executed previously) on another logical processor of the same core
  [1].

Also, IBRS on Intel parts automatically provides STIBP protection:

  Section 2.4.1.2. IBRS: Support Based on Software Enabling [2]:

  when IA32_SPEC_CTRL.IBRS is set to 1 on any logical processors of that
  core, the predicted targets of indirect branches cannot be controlled by
  software that executes (or executed previously) on another logical
  processor of the same core.

  Section 2.4.2. Single Thread Indirect Branch Predictors (STIBP)[2]:

  Enabling IBRS prevents software operating on one logical processor
  from controlling the predicted targets of indirect branches executed
  on another logical processor. For that reason, it is not necessary to
  enable STIBP when IBRS is enabled.

So a guest disabling STIBP on one thread does not pose a security risk
to the sibling if the sibling has either STIBP or IBRS set. Note that
sensitive applications can always choose to have STIBP set for them via
the prctl() interface.

[1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/single-thread-indirect-branch-predictors.html

[2] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/speculative-execution-side-channel-mitigations.html#IBRS
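As an added example (not code from this thread, from KVM, or from Intel's documents), the following C program models the core-wide rule quoted above: a logical processor's indirect branch targets cannot be controlled by its SMT sibling as long as any logical processor of the core has IA32_SPEC_CTRL.STIBP or .IBRS set. It walks three constructed scenarios of a guest clearing STIBP through a passed-through MSR, and shows the prctl() call a sensitive task can use to request STIBP for itself. The bit positions (IBRS = bit 0, STIBP = bit 1) and the prctl constants are the documented Linux/Intel values; the `struct core` model, the scenario values and the function names are assumptions made for illustration.

```c
/*
 * Added example, not part of the thread or of KVM. Models the per-core
 * STIBP/IBRS semantics quoted from Intel's guidance and demonstrates the
 * prctl() request for STIBP. Scenario values are constructed.
 */
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Constants from linux/prctl.h; fallbacks in case the headers are old. */
#ifndef PR_SET_SPECULATION_CTRL
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif
#ifndef PR_SPEC_FORCE_DISABLE
#define PR_SPEC_FORCE_DISABLE 8
#endif

/* IA32_SPEC_CTRL bit layout (Intel SDM). */
#define SPEC_CTRL_IBRS  (1ULL << 0)
#define SPEC_CTRL_STIBP (1ULL << 1)

/* Assumed model: one physical core with two SMT siblings. */
struct core {
    uint64_t spec_ctrl[2];
};

/*
 * Per the Intel text quoted above: if *any* logical processor of the core
 * has STIBP or IBRS set, software on one sibling cannot control the
 * predicted indirect branch targets of the other. Returns true when the
 * core is in that isolated state.
 */
static bool core_isolated(const struct core *c)
{
    for (int i = 0; i < 2; i++)
        if (c->spec_ctrl[i] & (SPEC_CTRL_STIBP | SPEC_CTRL_IBRS))
            return true;
    return false;
}

/* A guest writing a passed-through IA32_SPEC_CTRL on thread t. */
static void guest_wrmsr_spec_ctrl(struct core *c, int t, uint64_t val)
{
    c->spec_ctrl[t] = val;
}

/* Host thread 0 has STIBP; guest on thread 1 clears its own STIBP. */
static bool scenario_host_stibp_guest_clears(void)
{
    struct core c = { { SPEC_CTRL_STIBP, SPEC_CTRL_STIBP } };
    guest_wrmsr_spec_ctrl(&c, 1, 0);
    return core_isolated(&c);   /* still isolated: thread 0 keeps STIBP */
}

/* Host thread 0 set nothing; guest clears the only STIBP on the core. */
static bool scenario_host_clear_guest_clears(void)
{
    struct core c = { { 0, SPEC_CTRL_STIBP } };
    guest_wrmsr_spec_ctrl(&c, 1, 0);
    return core_isolated(&c);   /* no longer isolated */
}

/* Host thread 0 runs with IBRS; IBRS alone implies STIBP protection. */
static bool scenario_host_ibrs_guest_clears(void)
{
    struct core c = { { SPEC_CTRL_IBRS, SPEC_CTRL_STIBP } };
    guest_wrmsr_spec_ctrl(&c, 1, 0);
    return core_isolated(&c);   /* isolated via IBRS */
}

/*
 * Ask the kernel to force STIBP on for the calling task (the prctl()
 * interface mentioned above). Returns 0 on success or -errno; the call
 * fails when the kernel does not offer per-task indirect-branch control.
 */
static int request_stibp_for_self(void)
{
#ifdef __linux__
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH,
              PR_SPEC_FORCE_DISABLE, 0, 0) != 0)
        return -errno;
    return 0;
#else
    return -ENOSYS;
#endif
}

int main(void)
{
    printf("host STIBP, guest clears : isolated=%d\n", scenario_host_stibp_guest_clears());
    printf("host clear, guest clears : isolated=%d\n", scenario_host_clear_guest_clears());
    printf("host IBRS,  guest clears : isolated=%d\n", scenario_host_ibrs_guest_clears());
    printf("prctl STIBP request      : %d\n", request_stibp_for_self());
    return 0;
}
```

The second scenario is the one that matters for the thread: protection is lost only when no logical processor of the core has STIBP or IBRS set, which is why a host that sets STIBP (or IBRS) on its own threads is not undone by a guest clearing the bit on the sibling.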


