lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 25 Jan 2020 10:32:02 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Sean Christopherson <sean.j.christopherson@...el.com> Cc: Vitaly Kuznetsov <vkuznets@...hat.com>, Wanpeng Li <wanpengli@...cent.com>, Jim Mattson <jmattson@...gle.com>, Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Krish Sadhukhan <krish.sadhukhan@...cle.com>, Randy Dunlap <rdunlap@...radead.org> Subject: Re: [PATCH] KVM: x86: Take a u64 when checking for a valid dr7 value On 25/01/20 00:07, Sean Christopherson wrote: > Take a u64 instead of an unsigned long in kvm_dr7_valid() to fix a build > warning on i386 due to right-shifting a 32-bit value by 32 when checking > for bits being set in dr7[63:32]. > > Alternatively, the warning could be resolved by rewriting the check to > use an i386-friendly method, but taking a u64 fixes another oddity on > 32-bit KVM. Beause KVM implements natural width VMCS fields as u64s to > avoid layout issues between 32-bit and 64-bit, a devious guest can stuff > vmcs12->guest_dr7 with a 64-bit value even when both the guest and host > are 32-bit kernels. KVM eventually drops vmcs12->guest_dr7[63:32] when > propagating vmcs12->guest_dr7 to vmcs02, but ideally KVM would not rely > on that behavior for correctness. > > Cc: Jim Mattson <jmattson@...gle.com> > Cc: Krish Sadhukhan <krish.sadhukhan@...cle.com> > Fixes: ecb697d10f70 ("KVM: nVMX: Check GUEST_DR7 on vmentry of nested guests") > Reported-by: Randy Dunlap <rdunlap@...radead.org> > Signed-off-by: Sean Christopherson <sean.j.christopherson@...el.com> > --- > arch/x86/kvm/x86.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h > index 2d2ff855773b..3624665acee4 100644 > --- a/arch/x86/kvm/x86.h > +++ b/arch/x86/kvm/x86.h > @@ -357,7 +357,7 @@ static inline bool kvm_pat_valid(u64 data) > return (data | ((data & 0x0202020202020202ull) << 1)) == data; > } > > -static inline bool kvm_dr7_valid(unsigned long data) > +static inline bool kvm_dr7_valid(u64 data) > { > /* Bits [63:32] are reserved */ > return !(data >> 32); > Queued, thanks. Paolo
Powered by blists - more mailing lists