| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 May 2020 22:24:16 +0300
From: Maxim Levitsky <mlevitsk@...hat.com>
To: Paolo Bonzini <pbonzini@...hat.com>, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: vkuznets@...hat.com, Joerg Roedel <jroedel@...e.de>
Subject: Re: [PATCH 00/24] KVM: nSVM: event fixes and migration support
On Wed, 2020-05-20 at 13:21 -0400, Paolo Bonzini wrote:
> Large parts of this series were posted before (patches 1, 3-4-5 and
> 6-7-8-12-13-14). This is basically what I'd like to get into 5.8 as
> far as nested SVM is concerned; the fix for exception vmexits is related
> to migration support, because it gets rid of the exit_required flag
> and therefore consolidates the SVM migration format.
>
> There are a couple more bugfixes (2 and 21), the latter of which actually
> affects VMX as well.
>
> The SVM migration data consists of:
>
> - the GIF state
>
> - the guest mode and nested-run-pending flags
>
> - the host state from before VMRUN
>
> - the nested VMCB control state
>
> The last two items are conveniently packaged in VMCB format. Compared
> to the previous prototype, HF_HIF_MASK is removed since it is part of
> "the host state from before VMRUN".
>
> The patch has been tested with the QEMU changes after my signature,
> where it also fixes system_reset while x86/svm.flat runs.
>
> Paolo
>
> Paolo Bonzini (24):
> KVM: nSVM: fix condition for filtering async PF
> KVM: nSVM: leave ASID aside in copy_vmcb_control_area
> KVM: nSVM: inject exceptions via svm_check_nested_events
> KVM: nSVM: remove exit_required
> KVM: nSVM: correctly inject INIT vmexits
> KVM: nSVM: move map argument out of enter_svm_guest_mode
> KVM: nSVM: extract load_nested_vmcb_control
> KVM: nSVM: extract preparation of VMCB for nested run
> KVM: nSVM: clean up tsc_offset update
> KVM: nSVM: pass vmcb_control_area to copy_vmcb_control_area
> KVM: nSVM: remove trailing padding for struct vmcb_control_area
> KVM: nSVM: save all control fields in svm->nested
> KVM: nSVM: do not reload pause filter fields from VMCB
> KVM: nSVM: remove HF_VINTR_MASK
> KVM: nSVM: remove HF_HIF_MASK
> KVM: nSVM: split nested_vmcb_check_controls
> KVM: nSVM: do all MMU switch work in init/uninit functions
> KVM: nSVM: leave guest mode when clearing EFER.SVME
> KVM: nSVM: extract svm_set_gif
> KVM: MMU: pass arbitrary CR0/CR4/EFER to kvm_init_shadow_mmu
> KVM: x86: always update CR3 in VMCB
> uaccess: add memzero_user
> selftests: kvm: add a SVM version of state-test
> KVM: nSVM: implement KVM_GET_NESTED_STATE and KVM_SET_NESTED_STATE
>
> arch/x86/include/asm/kvm_host.h | 2 -
> arch/x86/include/asm/svm.h | 9 +-
> arch/x86/include/uapi/asm/kvm.h | 17 +-
> arch/x86/kvm/cpuid.h | 5 +
> arch/x86/kvm/irq.c | 1 +
> arch/x86/kvm/mmu.h | 2 +-
> arch/x86/kvm/mmu/mmu.c | 14 +-
> arch/x86/kvm/svm/nested.c | 525 +++++++++++-------
> arch/x86/kvm/svm/svm.c | 107 ++--
> arch/x86/kvm/svm/svm.h | 32 +-
> arch/x86/kvm/vmx/nested.c | 5 -
> arch/x86/kvm/vmx/vmx.c | 5 +-
> arch/x86/kvm/x86.c | 3 +-
> include/linux/uaccess.h | 1 +
> lib/usercopy.c | 63 +++
> .../testing/selftests/kvm/x86_64/state_test.c | 65 ++-
> 16 files changed, 549 insertions(+), 307 deletions(-)
>
I just smoke-tested this patch series on my system.
Patch 24 doesn't apply cleanly on top of kvm/queue, I appplied it manually,
due to missing KVM_STATE_NESTED_MTF_PENDING bit
Also patch 22 needes ALIGN_UP which is not on mainline.
Probably in linux-next?
With these fixes, I don't see #DE exceptions on a nested guest I try to run
however it still hangs, right around the time it tries to access PS/2 keyboard/mouse.
Best regards,
Maxim Levitsky
Powered by blists - more mailing lists