lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <cd56c99f-a266-dc04-41d7-62f35165a39b@redhat.com>
Date:   Thu, 26 Apr 2018 11:56:10 +0200
From:   Auger Eric <eric.auger@...hat.com>
To:     Christoffer Dall <christoffer.dall@....com>
Cc:     eric.auger.pro@...il.com, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, kvmarm@...ts.cs.columbia.edu,
        marc.zyngier@....com, cdall@...nel.org, peter.maydell@...aro.org,
        andre.przywara@....com, drjones@...hat.com, wei@...hat.com
Subject: Re: [PATCH v3 09/12] KVM: arm/arm64: Check all vcpu redistributors
 are set on map_resources



On 04/24/2018 11:08 PM, Christoffer Dall wrote:
> On Fri, Apr 13, 2018 at 10:20:55AM +0200, Eric Auger wrote:
>> On vcpu first run, we eventually know the actual number of vcpus.
>> This is a synchronization point to check all redistributors regions
>> were assigned.
> 
> Isn't it the other way around?  We want to check that all redistributors
> (one for every VCPU) has its base address set?  (I don't suppose we care
> about unused redistributor regions).
Yes I meant "to check all redistributors were assigned"
> 
>> On kvm_vgic_map_resources() we check both dist and
>> redist were set, eventually check potential base address inconsistencies.
> 
> Do we need to check that again?  Didn't we check that at
> creation/register time?
Yes we need to, to handle the case where the userspace does not provide
sufficient rdist region space

create 8 vcpus (no iodev registered)
define a redist region for 4 (4 iodevs registered)
start the vcpus
> 
>>
>> Signed-off-by: Eric Auger <eric.auger@...hat.com>
>> ---
>>  virt/kvm/arm/vgic/vgic-v3.c | 19 ++++++++++++++-----
>>  1 file changed, 14 insertions(+), 5 deletions(-)
>>
>> diff --git a/virt/kvm/arm/vgic/vgic-v3.c b/virt/kvm/arm/vgic/vgic-v3.c
>> index b80f650..feabc24 100644
>> --- a/virt/kvm/arm/vgic/vgic-v3.c
>> +++ b/virt/kvm/arm/vgic/vgic-v3.c
>> @@ -484,16 +484,25 @@ struct vgic_redist_region *vgic_v3_rdist_region_from_index(struct kvm *kvm,
>>  
>>  int vgic_v3_map_resources(struct kvm *kvm)
>>  {
>> -	int ret = 0;
>>  	struct vgic_dist *dist = &kvm->arch.vgic;
>> -	struct vgic_redist_region *rdreg =
>> -		list_first_entry(&dist->rd_regions,
>> -				 struct vgic_redist_region, list);
>> +	struct kvm_vcpu *vcpu;
>> +	int ret = 0;
>> +	int c;
>>  
>>  	if (vgic_ready(kvm))
>>  		goto out;
>>  
>> -	if (IS_VGIC_ADDR_UNDEF(dist->vgic_dist_base) || !rdreg) {
>> +	kvm_for_each_vcpu(c, vcpu, kvm) {
>> +		struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
>> +
>> +		if (IS_VGIC_ADDR_UNDEF(vgic_cpu->rd_iodev.base_addr)) {
>> +			kvm_err("vcpu %d redistributor base not set\n", c);
> 
> Shouldn't this be a kvm_debug instead?  I think the user can just
> provoke this by failing to register enough redistributor regions.
yes indeed.
> 
> I'm also wondering if we could check this on vgic_init time for gicv3,
> which should have a defined vgic init ordering requirement.  That would
> make debugging it slightly easier to debug than "my machine isn't
> starting, and I get -ENXIO, and it can mean anything".

Well at vgic_init time, vcpus are frozen but dist and redist regions are
not forced to be set, hence the late check we do in map_resources, on
1st VCPU run. Not sure I get this one?

Thanks

Eric
> 
>> +			ret = -ENXIO;
>> +			goto out;
>> +		}
>> +	}
>> +
>> +	if (IS_VGIC_ADDR_UNDEF(dist->vgic_dist_base)) {
>>  		kvm_err("Need to set vgic distributor addresses first\n");
>>  		ret = -ENXIO;
>>  		goto out;
>> -- 
>> 2.5.5
>>
> 
> Thanks,
> -Christoffer
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ