lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 21 Aug 2017 12:12:58 +0200
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Yu Zhang <yu.c.zhang@...ux.intel.com>, kvm@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, rkrcmar@...hat.com,
        tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        xiaoguangrong@...cent.com, joro@...tes.org
Subject: Re: [PATCH v1 4/4] KVM: MMU: Expose the LA57 feature to VM.

On 21/08/2017 09:27, Yu Zhang wrote:
> 
> 
> On 8/18/2017 8:50 PM, Paolo Bonzini wrote:
>> On 18/08/2017 10:28, Yu Zhang wrote:
>>>
>>> On 8/17/2017 10:29 PM, Paolo Bonzini wrote:
>>>> On 17/08/2017 13:53, Yu Zhang wrote:
>>>>> On 8/17/2017 7:57 PM, Paolo Bonzini wrote:
>>>>>> On 12/08/2017 15:35, Yu Zhang wrote:
>>>>>>> index a98b88a..50107ae 100644
>>>>>>> --- a/arch/x86/kvm/emulate.c
>>>>>>> +++ b/arch/x86/kvm/emulate.c
>>>>>>> @@ -694,7 +694,7 @@ static __always_inline int __linearize(struct
>>>>>>> x86_emulate_ctxt *ctxt,
>>>>>>>         switch (mode) {
>>>>>>>         case X86EMUL_MODE_PROT64:
>>>>>>>             *linear = la;
>>>>>>> -        if (is_noncanonical_address(la))
>>>>>>> +        if (emul_is_noncanonical_address(la, ctxt))
>>>>>>>                 goto bad;
>>>>>>>               *max_size = min_t(u64, ~0u, (1ull << 48) - la);
>>>>>> Oops, you missed one here.  Probably best to use ctxt_virt_addr_bits
>>>>>> and
>>>>>> then "inline" emul_is_noncanonical_address as "get_canonical(la,
>>>>>> va_bits) != la".
>>>>> Sorry, I just sent out the v2 patch set without noticing this
>>>>> reply. :-)
>>>>>
>>>>> The emul_is_noncanonical() is defined in x86.h so that no
>>>>> ctxt_virt_addr_bits needed in emulate.c, are you
>>>>> suggesting to use ctx_virt_addr_bits in this file each time before
>>>>> emul_is_noncanonical_address() is called?
>>>> No, only in this instance which uses "48" after the call to
>>>> emul_is_noncanonical_address.
>>> Sorry, Paolo. I still do not quite get it.
>>> Do you mean the
>>>   *max_size = min_t(u64, ~0u, (1ull << 48) - la);
>>> also need to be changed?
>>>
>>> But I do not understand why this statement is used like this. My
>>> understanding is that
>>> for 64 bit scenario, the *max_size is calculated to guarantee la +
>>> *max_size still falls in
>>> the canonical address space.
>>>
>>> And if above understanding is correct, I think it should be something
>>> like below:
>>>    *max_size = min_t(u64, ~0u - la, (1ull << 48) - la);
>> The "~0u" part is simply because max_size has 32-bit size (it's an
>> unsigned int variable), while (1ull << 48) - la has 64-bit size.  It
>> protects from the overflow.
> 
> But what if value of "la" falls in between 0xFFFFFFFFFFFFFFFF and
> 0xFFFF000000000000? (1ull << 48) - la may result in something between
> 0x1000000000001 and> 0x2000000000000, and the *max_size would be 4G - 1
> in this scenario.  For instance, when "la" is 0xFFFFFFFFFFFFFFF0 (unlikely
> in practice though), the *max_size we are expecting should be 15, instead
> of 4G - 1.

No, it is possible to wrap a memory access from the top half of the
address space to the bottom half, so there's no limit at 0xFFFFFFFFFFFFFFF0.

Paolo

Powered by blists - more mailing lists