| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Apr 2017 13:10:47 +0800
From: Paolo Bonzini <pbonzini@...hat.com>
To: Radim Krčmář <rkrcmar@...hat.com>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Subject: Re: [PATCH] KVM: nVMX: fix AD condition when handling EPT violation
On 14/04/2017 00:39, Radim Krčmář wrote:
> I have introduced this bug when applying and simplifying Paolo's patch
> as we agreed on the list. The original was "x &= ~y; if (z) x |= y;".
>
> Here is the story of a bad workflow:
>
> A maintainer was already testing with the intended change, but it was
> applied only to a testing repo on a different machine. When the time
> to push tested patches to kvm/next came, he realized that this change
> was missing and quickly added it to the maintenance repo, didn't test
> again (because the change is trivial, right), and pushed the world to
> fire.
>
> Fixes: ae1e2d1082ae ("kvm: nVMX: support EPT accessed/dirty bits")
> Signed-off-by: Radim Krčmář <rkrcmar@...hat.com>
> ---
> arch/x86/kvm/vmx.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index cfdb0d9389d1..837f6dd1ae9c 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -6221,7 +6221,7 @@ static int handle_ept_violation(struct kvm_vcpu *vcpu)
> * page table accesses are reads or writes.
> */
> u64 eptp = nested_ept_get_cr3(vcpu);
> - if (eptp & VMX_EPT_AD_ENABLE_BIT)
> + if (!(eptp & VMX_EPT_AD_ENABLE_BIT))
> exit_qualification &= ~EPT_VIOLATION_ACC_WRITE;
> }
>
>
I have done this as well, so you're forgiven. :)
More important: did kvm-unit-test catch the bug?
Paolo
Powered by blists - more mailing lists