lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5550C7BD.5020400@redhat.com>
Date:	Mon, 11 May 2015 17:16:13 +0200
From:	Paolo Bonzini <pbonzini@...hat.com>
To:	Xiao Guangrong <guangrong.xiao@...ux.intel.com>
CC:	gleb@...nel.org, mtosatti@...hat.com, kvm@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] KVM: MMU: document smap_andnot_wp



On 11/05/2015 16:55, Xiao Guangrong wrote:
> Document this new role field
> 
> Signed-off-by: Xiao Guangrong <guangrong.xiao@...ux.intel.com>
> ---
>  Documentation/virtual/kvm/mmu.txt | 18 ++++++++++++++----
>  1 file changed, 14 insertions(+), 4 deletions(-)
> 
> diff --git a/Documentation/virtual/kvm/mmu.txt b/Documentation/virtual/kvm/mmu.txt
> index 53838d9..c59bd9b 100644
> --- a/Documentation/virtual/kvm/mmu.txt
> +++ b/Documentation/virtual/kvm/mmu.txt
> @@ -169,6 +169,10 @@ Shadow pages contain the following information:
>      Contains the value of cr4.smep && !cr0.wp for which the page is valid
>      (pages for which this is true are different from other pages; see the
>      treatment of cr0.wp=0 below).
> +  role.smap_andnot_wp:
> +    Contains the value of cr4.smap && !cr0.wp for which the page is valid
> +    (pages for which this is true are different from other pages; see the
> +    treatment of cr0.wp=0 below).
>    gfn:
>      Either the guest page table containing the translations shadowed by this
>      page, or the base page frame for linear translations.  See role.direct.
> @@ -344,10 +348,16 @@ on fault type:
>  
>  (user write faults generate a #PF)
>  
> -In the first case there is an additional complication if CR4.SMEP is
> -enabled: since we've turned the page into a kernel page, the kernel may now
> -execute it.  We handle this by also setting spte.nx.  If we get a user
> -fetch or read fault, we'll change spte.u=1 and spte.nx=gpte.nx back.
> +In the first case there are two additional complications:
> +- if CR4.SMEP is enabled: since we've turned the page into a kernel page,
> +  the kernel may now execute it.  We handle this by also setting spte.nx.
> +  If we get a user fetch or read fault, we'll change spte.u=1 and
> +  spte.nx=gpte.nx back.
> +- if CR4.SMAP is disabled: since the page has been changed to a kernel
> +  page, it can not be reused when CR4.SMAP is enabled. We set
> +  CR4.SMAP && !CR0.WP into shadow page's role to avoid this case. Note,
> +  here we do not care the case that CR4.SMAP is enabled since KVM will
> +  directly inject #PF to guest due to failed permission check.
>  
>  To prevent an spte that was converted into a kernel page with cr0.wp=0
>  from being written by the kernel after cr0.wp has changed to 1, we make
> 

Thanks, squashed with 1/2 and both applied.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ