lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4C2BE672.7030703@cn.fujitsu.com>
Date:	Thu, 01 Jul 2010 08:50:58 +0800
From:	Xiao Guangrong <xiaoguangrong@...fujitsu.com>
To:	Marcelo Tosatti <mtosatti@...hat.com>
CC:	Avi Kivity <avi@...hat.com>, LKML <linux-kernel@...r.kernel.org>,
	KVM list <kvm@...r.kernel.org>
Subject: Re: [PATCH v3 3/11] KVM: MMU: fix direct sp's access corruptted



Marcelo Tosatti wrote:

>> -		if (is_shadow_present_pte(*sptep) && !is_large_pte(*sptep))
>> -			continue;
>> +		if (is_shadow_present_pte(*sptep) && !is_large_pte(*sptep)) {
>> +			struct kvm_mmu_page *child;
>> +			unsigned direct_access;
>> +
>> +			if (level != gw->level)
>> +				continue;
> 
> This will skip the check for the sp at level 1 when emulating 1GB pages
> with 4k host pages (where there are direct sp's at level 2 and 1).
> Should be > instead of !=.
> 

Marcelo,

I think the patch is right.

Every level's direct sp has the same access in the mapping since while we setup the
mapping we find the direct sp with the same access.
(Note: we have encode the D bit to the sp->role.access)

Consider guest 1G writable clean pages and host 4K pages, the shadow pages mapping
is like this:

indirect L4 --> indirect L3 --> direct ReadOnly L2 --> direct ReadOnly L1

When change guest pte to dirty, we update L3' spte and find the direct writable L2 sp,
assume it's A, then we can sure that A's children sps should also writable, the final
mapping is like this:

indirect L4 --> indirect L3 --> direct Writable L2 --> direct Writable L1.

So, i think we not broken anything in this patch :-)






 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ