| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <af19b9bb-02f0-7e6f-6555-7a6d0ce30ef7@redhat.com>
Date: Wed, 18 Oct 2017 16:34:04 +0200
From: Auger Eric <eric.auger@...hat.com>
To: Christoffer Dall <cdall@...aro.org>
Cc: eric.auger.pro@...il.com, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org, kvmarm@...ts.cs.columbia.edu,
marc.zyngier@....com, peter.maydell@...aro.org,
andre.przywara@....com, wanghaibin.wang@...wei.com,
wu.wubin@...wei.com, drjones@...hat.com, wei@...hat.com
Subject: Re: [PATCH v4 06/11] KVM: arm/arm64: vgic-its: Check GITS_CBASER
validity before processing commands
Hi Christoffer,
On 18/10/2017 00:10, Christoffer Dall wrote:
> On Tue, Oct 17, 2017 at 09:10:04AM +0200, Eric Auger wrote:
>> At the moment vgic_its_process_commands() does not
>> check the CBASER is valid before processing any command.
>> Let's fix that.
>>
>> Also rename cbaser local variable into cbaser_pa to avoid
>> any confusion with the full register.
>>
>> Signed-off-by: Eric Auger <eric.auger@...hat.com>
>> ---
>> virt/kvm/arm/vgic/vgic-its.c | 13 ++++++++-----
>> 1 file changed, 8 insertions(+), 5 deletions(-)
>>
>> diff --git a/virt/kvm/arm/vgic/vgic-its.c b/virt/kvm/arm/vgic/vgic-its.c
>> index 3b539d4..e18f1e4 100644
>> --- a/virt/kvm/arm/vgic/vgic-its.c
>> +++ b/virt/kvm/arm/vgic/vgic-its.c
>> @@ -1301,17 +1301,20 @@ static void vgic_mmio_write_its_cbaser(struct kvm *kvm, struct vgic_its *its,
>> /* Must be called with the cmd_lock held. */
>> static void vgic_its_process_commands(struct kvm *kvm, struct vgic_its *its)
>> {
>> - gpa_t cbaser;
>> + gpa_t cbaser_pa;
>> u64 cmd_buf[4];
>>
>> - /* Commands are only processed when the ITS is enabled. */
>> - if (!its->enabled)
>> + /*
>> + * Commands are only processed when the ITS is enabled and
>> + * CBASER is valid
>> + */
>> + if (!its->enabled || (!(its->cbaser & GITS_CBASER_VALID)))
>
> Is it valid to clear the CBASER valid bit after having enabled the ITS?
> If not, I think you should check changes to CBASER and then this
> shouldn't be necessary.
Yes you're right. the spec says:
When GITS_CTLR.Enable == 1 or GITS_CTLR.Quiescent == 0, writing this
register (CBASER) is UNPREDICTABLE .
Given we already check its->enabled in vgic_mmio_write_its_cbaser, I
think it is safe to remove this patch.
Thanks
Eric
>
>
>
>> return;
>>
>> - cbaser = CBASER_ADDRESS(its->cbaser);
>> + cbaser_pa = CBASER_ADDRESS(its->cbaser);
>>
>> while (its->cwriter != its->creadr) {
>> - int ret = kvm_read_guest(kvm, cbaser + its->creadr,
>> + int ret = kvm_read_guest(kvm, cbaser_pa + its->creadr,
>> cmd_buf, ITS_CMD_SIZE);
>> /*
>> * If kvm_read_guest() fails, this could be due to the guest
>> --
>> 2.5.5
>>
>
> Otherwise, this looks fine.
>
> Thanks,
> -Christoffer
>
Powered by blists - more mailing lists