Date:   Wed, 27 Jun 2018 14:28:27 +0100
From:   Will Deacon <will.deacon@....com>
To:     Wei Xu <xuwei5@...ilicon.com>
Cc:     James Morse <james.morse@....com>, mark.rutland@....com,
        catalin.marinas@....com, Linuxarm <linuxarm@...wei.com>,
        Zhangyi ac <zhangyi.ac@...wei.com>, suzuki.poulose@....com,
        marc.zyngier@....com,
        "Xiongfanggou (James)" <james.xiong@...wei.com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        dave.martin@....com,
        "Liyuan (Larry, Turing Solution)" <Larry.T@...wei.com>,
        libeijian@...ilicon.com, zhangxiquan@...ilicon.com,
        wxf.wang@...ilicon.com, dingshuai1@...wei.com,
        Hanjun Guo <guohanjun@...wei.com>,
        "Liguozhu (Kenneth)" <liguozhu@...ilicon.com>
Subject: Re: KVM guest sometimes failed to boot because of kernel stack
 overflow if KPTI is enabled on a hisilicon ARM64 platform.

On Wed, Jun 27, 2018 at 02:22:03PM +0100, Wei Xu wrote:
> On 2018/6/26 18:47, Will Deacon wrote:
> > If you look at the __idmap_kpti_put_pgtable_ent_ng asm macro, can you try
> > replacing:
> > 
> > 	dc      civac, cur_\()\type\()p
> > 
> > with:
> > 
> > 	dc      ivac, cur_\()\type\()p
> > 
> > please? Only do this for the guest kernel, not the host. KVM will upgrade
> > the clean to a clean+invalidate, so it's interesting to see if this has
> > an effect on the behaviour.
> 
> Only changed the guest kernel, the guest still failed to boot and the log
> is the same as in the last mail.
> 
> But if I changed to cvac as below for the guest, it is kind of stable.
> 	dc      cvac, cur_\()\type\()p
> 
> I have synced with our SoC guys about this and hope we can find the reason.
> Do you have any more suggestions?

Unfortunately, not. It looks like somehow clean+invalidate is behaving
just as an invalidate, and we're corrupting the page table as a result.

Hopefully the SoC guys will figure it out.

Will
