lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 21 Feb 2019 17:20:32 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Joerg Roedel <jroedel@...e.de>
Cc:     Joerg Roedel <joro@...tes.org>, stable@...r.kernel.org,
        Ben Hutchings <ben.hutchings@...ethink.co.uk>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Jim Mattson <jmattson@...gle.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH stable-4.4.y] KVM: VMX: Fix x2apic check in
 vmx_msr_bitmap_mode()

On Thu, Feb 21, 2019 at 03:47:01PM +0100, Joerg Roedel wrote:
> On Thu, Feb 21, 2019 at 03:15:30PM +0100, Greg Kroah-Hartman wrote:
> > Ugh, good catch!
> > 
> > Any hint as to what type of testing that you did that caught this?  I
> > keep asking people to run some kvm tests, but so far no one is :(
> 
> We caught this at SUSE while testing candidate kernel updates for one of
> our service packs using a 4.4-based kernel and debugging turned
> out that this is issue came in via stable-updates. We also build a
> vanilla-flavour of the kernel which is nearly identical to the upstream
> stable tree, but what usually ends up in testing is the full tree with
> other backports.
> 
> This particular issue was found by updating some openstack machines with
> the candidate kernel, which then triggered the problem in some guests.
> It is also a very special one, since I was only able to trigger the
> problem on Westmere-based machines with a specific guest-config.

Nice work.  Any chance that "test" could be added to the kvm testing
scripts that I think are being worked on somewhere?  Ideally we would
have caught this before it ever hit the stable tree.  Due to the lack of
good KVM testing, that's one of the areas I am always most worried about
:(

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ