lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 29 Apr 2015 08:55:48 -0400
From:	Bandan Das <bsd@...hat.com>
To:	Jan Kiszka <jan.kiszka@...mens.com>
Cc:	kvm@...r.kernel.org, Paolo Bonzini <pbonzini@...hat.com>,
	Wincy Van <fanwenyi0529@...il.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: nVMX: Don't return error on nested bitmap memory allocation failure

Jan Kiszka <jan.kiszka@...mens.com> writes:

> Am 2015-04-28 um 21:55 schrieb Bandan Das:
>> 
>> If get_free_page() fails for nested bitmap area, it's evident that
>> we are gonna get screwed anyway but returning failure because we failed
>> allocating memory for a nested structure seems like an unnecessary big
>> hammer. Also, save the call for later; after we are done with other
>> non-nested allocations.
>
> Frankly, I prefer failures over automatic degradations. And, as you
> noted, the whole system will probably explode anyway if allocation of a
> single page already fails. So what does this buy us?

Yeah... I hear you. Ok, let me put it this way - Assume that we can
defer this allocation up until the point that the nested subsystem is
actually used i.e L1 tries running a guest and we try to allocate this
area. If get_free_page() failed in that case, would we still want to
kill L1 too ? I guess no.

Also, assume we had a printk in there - "Failed allocating memory for
nested bitmap", the novice user is going to get confused why he's
getting an error about nested virtualization (for the not so distant
future when nested is enabled by default :))

> What could makes sense is making the allocation of the vmread/write
> bitmap depend on enable_shadow_vmcs, and that again depend on nested.

Thanks for the suggestion. I will take a look at this one.

> Jan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ