lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Mar 2020 11:26:41 +0100 From: Laurent Dufour <ldufour@...ux.ibm.com> To: linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org, kvm-ppc@...r.kernel.org Subject: [PATCH 0/2] Fix SVM hang at startup This series is fixing a SVM hang occurring when starting a SVM requiring more secure memory than available. The hang happens in the SVM when calling UV_ESM. The following is happening: 1. SVM calls UV_ESM 2. Ultravisor (UV) calls H_SVM_INIT_START 3. Hypervisor (HV) calls UV_REGISTER_MEM_SLOT 4. UV returns error because there is not enough free secure memory 5. HV enter the error path in kvmppc_h_svm_init_start() 6. In the return path, since kvm->arch.secure_guest is not yet set hrfid is called 7. As the HV doesn't know the SVM calling context hrfid is jumping to unknown address in the SVM leading to various expections. This series fixes the setting of kvm->arch.secure_guest in kvmppc_h_svm_init_start() to ensure that UV_RETURN is called on the return path to get back to the UV. In addition to ensure that a malicious VM will not call UV reserved Hcall, a check of the Secure bit in the calling MSR is addded to reject such a call. It is assumed that the UV will filtered out such Hcalls made by a malicious SVM. Laurent Dufour (2): KVM: PPC: Book3S HV: check caller of H_SVM_* Hcalls KVM: PPC: Book3S HV: H_SVM_INIT_START must call UV_RETURN arch/powerpc/kvm/book3s_hv.c | 32 ++++++++++++++++++++---------- arch/powerpc/kvm/book3s_hv_uvmem.c | 3 ++- 2 files changed, 23 insertions(+), 12 deletions(-) -- 2.25.2
Powered by blists - more mailing lists