Date:   Fri, 28 Jun 2019 13:23:31 +0200
From:   Vitaly Kuznetsov <vkuznets@...hat.com>
To:     kvm@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Liran Alon <liran.alon@...cle.com>
Subject: [PATCH v2 0/2] x86/kvm/nVMX: fix Enlightened VMCLEAR

VMCLEAR implementation for Enlightened VMCS is not entirely correct
when something other than the currently active eVMCS on the calling vCPU
is targeted. In case there's no currently active eVMCS on the calling vCPU,
we are corrupting the targeted area by writing to the non-existent
launch_state field.

Fix the logic by always treating the targeted area as 'enlightened' in case
Enlightened VMEntry is enabled on the calling vCPU.

Changes since v1:
- 'evmcs_vmptr' -> 'evmcs_gpa' [Paolo Bonzini]
- avoid nested_release_evmcs() in handle_vmclear even for the currently
  active eVMCS on the calling vCPU [Liran Alon], PATCH1 added to support
  the change.

Vitaly Kuznetsov (2):
  x86/KVM/nVMX: don't use clean fields data on enlightened VMLAUNCH
  x86/kvm/nVMX: fix VMCLEAR when Enlightened VMCS is in use

 arch/x86/kvm/vmx/evmcs.c  | 18 ++++++++++++++
 arch/x86/kvm/vmx/evmcs.h  |  1 +
 arch/x86/kvm/vmx/nested.c | 52 ++++++++++++++++++++++-----------------
 3 files changed, 49 insertions(+), 22 deletions(-)

-- 
2.20.1
