lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 23 Jan 2020 10:45:13 +0100
From:   Vitaly Kuznetsov <vkuznets@...hat.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        linmiaohe <linmiaohe@...wei.com>
Cc:     kvm@...r.kernel.org, linux-kernel@...r.kernel.org, x86@...nel.org,
        rkrcmar@...hat.com, sean.j.christopherson@...el.com,
        wanpengli@...cent.com, jmattson@...gle.com, joro@...tes.org,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com
Subject: Re: [PATCH] KVM: nVMX: set rflags to specify success in handle_invvpid() default case

Paolo Bonzini <pbonzini@...hat.com> writes:

> On 23/01/20 09:55, Vitaly Kuznetsov wrote:
>>> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
>>> index 7608924ee8c1..985d3307ec56 100644
>>> --- a/arch/x86/kvm/vmx/nested.c
>>> +++ b/arch/x86/kvm/vmx/nested.c
>>> @@ -5165,7 +5165,7 @@ static int handle_invvpid(struct kvm_vcpu *vcpu)
>>>  		break;
>>>  	default:
>>>  		WARN_ON_ONCE(1);
>>> -		return kvm_skip_emulated_instruction(vcpu);
>>> +		break;
>>>  	}
>>>  
>>>  	return nested_vmx_succeed(vcpu);
>> Your patch seems to do the right thing, however, I started wondering if
>> WARN_ON_ONCE() is the right thing to do. SDM says that "If an
>> unsupported INVVPID type is specified, the instruction fails." and this
>> is similar to INVEPT and I decided to check what handle_invept()
>> does. Well, it does BUG_ON(). 
>> 
>> Are we doing the right thing in any of these cases?
>
> Yes, both INVEPT and INVVPID catch this earlier.
>
> For INVEPT:
>
>         types = (vmx->nested.msrs.ept_caps >> VMX_EPT_EXTENT_SHIFT) & 6;
>
>         if (type >= 32 || !(types & (1 << type)))
>                 return nested_vmx_failValid(vcpu,
>                                 VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID);
>
>
>
> For INVVPID:
>
>         types = (vmx->nested.msrs.vpid_caps &
>                         VMX_VPID_EXTENT_SUPPORTED_MASK) >> 8;
>
>         if (type >= 32 || !(types & (1 << type)))
>                 return nested_vmx_failValid(vcpu,
>                         VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID);
>

Ah, true, thanks for checking!

> So I'm leaning towards not applying Miaohe's patch.

Well, we may at least want to converge on BUG_ON() for both
handle_invvpid()/handle_invept(), there's no need for them to differ.

-- 
Vitaly

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ