lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4C8534ED.7060302@redhat.com>
Date:	Mon, 06 Sep 2010 21:37:33 +0300
From:	Avi Kivity <avi@...hat.com>
To:	Joerg Roedel <joerg.roedel@....com>
CC:	Marcelo Tosatti <mtosatti@...hat.com>,
	Alexander Graf <agraf@...e.de>, joro@...tes.org,
	kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/27] Nested Paging Virtualization for KVM v3 (now with
 fixed Cc-List)

  On 09/06/2010 06:55 PM, Joerg Roedel wrote:
> (Now with correct Cc-list. I accidentially copied the wrong line from
>   MAINTAINERS in the first post of this. Sorry for the double-post)
>
> Hi Avi, Marcelo,
>
> here is finally the third round of my NPT virtualization patches for KVM. It
> took a while to get everything running (including KVM itself) on 32 bit again
> to actually test it. But testing on 32 bit host and with a 32 bit hypervisor
> was a very good idea. I found some serious bugs and shortcomings in my code
> that are fixed now in v3.
>

<snip>

> This patchset applies on todays avi/master + the three patches I sent end of
> last week. These patches are necessary for some of the tests above to run.
>
> For the curious and impatient user I put everything in a branch on kernel.org.
> If you want to test it you can pull the tree from
>
> 	git://git.kernel.org/pub/scm/linux/kernel/git/joro/linux-2.6-kvm.git npt-virt-v3
>
> Please review and/or apply these patches if considered good enough. Otherwise I
> appreciate your feedback.

Very impressive patchset.  It's broken out so finely that the careful 
reader gets the feeling he understands every little detail, without 
noticing you've introduced recursion into the kvm mmu.

The little nit regarding patch 10 can be addressed in a follow-on patch.

Reviewed-by: Avi Kivity <avi@...hat.com>

Please also post a unit test that checks that nested page faults for l1 
ptes with bad NX, U, W, or reserved bits set are correctly intercepted 
and reported.  W should work already if you tested nested vga, but the 
rest are untested during normal operation and pose a security problem if 
they are incorrect.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ