lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1506346478-1631-1-git-send-email-eric.auger@redhat.com>
Date:   Mon, 25 Sep 2017 15:34:29 +0200
From:   Eric Auger <eric.auger@...hat.com>
To:     eric.auger.pro@...il.com, eric.auger@...hat.com,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        marc.zyngier@....com, cdall@...aro.org, peter.maydell@...aro.org,
        andre.przywara@....com, wanghaibin.wang@...wei.com
Cc:     wu.wubin@...wei.com
Subject: [PATCH 0/9] vITS Migration fixes and reset

This series fixes various bugs observed when saving/restoring the
ITS state before the guest writes the ITS registers (on first boot or
after reset/reboot).

This is a follow up of Wanghaibin's series [1] plus additional
patches following additional code review. It also proposes one
ITS reset implementation. I dared to include 2 Wanghaibin patches,
taking into account the discussions held on the ML but obviously
they can live separately.

On guest reset or when shutdown -r is initiated from guest, the ITS
caches are not saved into guest RAM. However currently the ITS is not
resettable, meaning the ITS will contain previously set values in
its registers. If we initiate a state backup before the guest
re-writes the ITS registers, we use the old register values to restore
the ITS tables. And since they may have never been written they
may contain invalid entries. This leads to inconsistencies detected
by the save/restore code and causes save/restore failure.

Patches [1-5] should be cc'ed stable I think:
- KVM: arm/arm64: vgic-its: fix return value for restore (Wanghaibin)
  happens on restore whenever the device or ITT tables contain
  only invalid data
- Always allow clearing GITS_CREADR/CWRITER
  On first boot, if GITS_CBASER queue size is 0 and if we save at
  this moment, restore fails on CREAD write.
- if GITS_BASER<n> point to invalid tables we currently return -EINVAL
  on state save. QEMU aborts on this error whereas it forgives -EFAULT
  as we considered we should not abort on guest bad programming.
- Then we should never attempt to use GITS_BASER<n> and GITS_CBASER
  if they are not valid. Patches 4 and 5 fix that.

Patches [6-9] implement a new ITS reset IOCTL
  - maybe patch "free caches when GITS_BASER Valid bit is cleared" can
    be omitted if we consider the caches should not be cleared when
    GITS_BASER<n>.Valid is cleared.

Best Regards

Eric

Git: complete series available at
https://github.com/eauger/linux/tree/v4.14-rc2-its-reset-v1

* Testing:
- on Cavium using a virtio-net-pci guest and various sequences of
  guest shutdown -r now, virsh reset, virsh suspend/resume,
  virsh reboot, virsh save.restore, virsh shutdown

References:
[1] [RFC PATCH 0/3] fix migrate failed when vm is in booting
https://www.spinics.net/lists/kvm-arm/msg27121.html

History:
PATCH v1
- series including 2 modified patches of Wanghaibin


Eric Auger (7):
  KVM: arm/arm64: vgic-its: Always allow clearing GITS_CREADR/CWRITER
  KVM: arm/arm64: vgic-its: Improve error reporting on device table save
  KVM: arm/arm64: vgic-its: Check GITS_BASER Valid bit before saving
    tables
  KVM: arm/arm64: vgic-its: Check GITS_CBASER validity before processing
    commands
  KVM: arm/arm64: vgic-its: free caches when GITS_BASER Valid bit is
    cleared
  KVM: arm/arm64: Document KVM_DEV_ARM_ITS_CTRL_RESET
  KVM: arm/arm64: vgic-its: Implement KVM_DEV_ARM_ITS_CTRL_RESET

wanghaibin (2):
  KVM: arm/arm64: vgic-its: fix return value for restore
  KVM: arm/arm64: vgic-its: new helper functions to free the caches

 Documentation/virtual/kvm/devices/arm-vgic-its.txt |  16 ++
 arch/arm/include/uapi/asm/kvm.h                    |   1 +
 arch/arm64/include/uapi/asm/kvm.h                  |   1 +
 virt/kvm/arm/vgic/vgic-its.c                       | 211 +++++++++++++--------
 4 files changed, 155 insertions(+), 74 deletions(-)

-- 
2.5.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ