lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6e8a071e-0d5a-45d2-b2ef-4f6172ef4cff@redhat.com>
Date:   Thu, 2 Nov 2017 18:35:44 +0100
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Jim Mattson <jmattson@...gle.com>, Wanpeng Li <kernellwp@...il.com>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        kvm list <kvm@...r.kernel.org>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Wanpeng Li <wanpeng.li@...mail.com>
Subject: Re: [PATCH v2] KVM: X86: #GP when guest attempts to write MCi_STATUS
 register w/o 0

On 19/10/2017 20:09, Jim Mattson wrote:
> "(offset & 0x3) == 1" seems like an obfuscated way of writing the
> predicate, is_mci_status_msr(msr). But other than that, this change
> looks fine to me.
> 
> I'm a little more concerned about the code above. At the very least,
> it needs to let the host set an arbitrary value for save/restore to
> work.

Why?  The guest cannot have written anything but the three allowed
values, userspace cannot write anything else either outside save/restore
without KVM_SET_MSR failing, and KVM itself (specifically
kvm_vcpu_ioctl_x86_setup_mce) only ever initializes IA32_MCi_CTL to all
ones.  So save will only ever find those three values, and restore's
KVM_SET_MSR restore should never fail either.

Thanks,

Paolo

> Reviewed-by: Jim Mattson <jmattson@...gle.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ