| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Jul 2010 21:24:39 +0800
From: Xiao Guangrong <xiaoguangrong@...fujitsu.com>
To: Avi Kivity <avi@...hat.com>
CC: LKML <linux-kernel@...r.kernel.org>,
KVM list <kvm@...r.kernel.org>,
Marcelo Tosatti <mtosatti@...hat.com>
Subject: Re: [PATCH 1/4] KVM: MMU: fix forgot reserved bits check in speculative
path
Avi Kivity wrote:
>> +
>> + if (!!is_pae(vcpu) != sp->role.cr4_pae ||
>> + is_nx(vcpu) != sp->role.nxe)
>> + continue;
>> +
>>
>
> Do we also need to check cr0.wp? I think so.
I think it's not too bad since we just decrease the access right, for example,
we mark the mapping readonly for cr0.wp=0's page, the later write-access will
cause #PF, and the read-access is OK.
>
>> if (gentry)
>> mmu_pte_write_new_pte(vcpu, sp, spte,&gentry);
>>
>
> Please move the checks to mmu_pte_write_new_pte(), it's a more logical
> place.
>
> It means the reserved bits check happens multiple times, but that's ok.
>
OK
> Also, you can use arch.mmu.base_role to compare:
>
> static const kvm_mmu_page_role mask = { .level = -1U, .cr4_pae = 1,
> ... };
>
> if ((sp->role.word ^ base_role.word) & mask.word)
> return;
OK, will update it :-)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists