lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Sep 2020 00:10:21 +0300 From: Maxim Levitsky <mlevitsk@...hat.com> To: kvm@...r.kernel.org Cc: "H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Vitaly Kuznetsov <vkuznets@...hat.com>, Sean Christopherson <sean.j.christopherson@...el.com>, Joerg Roedel <joro@...tes.org>, Paolo Bonzini <pbonzini@...hat.com>, Wanpeng Li <wanpengli@...cent.com>, Thomas Gleixner <tglx@...utronix.de>, linux-kernel@...r.kernel.org, Jim Mattson <jmattson@...gle.com>, x86@...nel.org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)), Maxim Levitsky <mlevitsk@...hat.com> Subject: [PATCH v6 0/4] KVM: nSVM: ondemand nested state allocation This is the next version of this patch series. In V5 I adopted Sean Christopherson's suggestion to make .set_efer return a negative error (-ENOMEM in this case) which in most cases in kvm propagates to the userspace. I noticed though that wrmsr emulation code doesn't do this and instead it injects #GP to the guest on _any_ error. So I fixed the wrmsr code to behave in a similar way to the rest of the kvm code. (#GP only on a positive error value, and forward the negative error to the userspace) I had to adjust one wrmsr handler (xen_hvm_config) to stop it from returning negative values so that new WRMSR emulation behavior doesn't break it. This patch was only compile tested. The memory allocation failure was tested by always returning -ENOMEM from svm_allocate_nested. The nested allocation itself was tested by countless attempts to run nested guests, do nested migration on both my AMD and Intel machines. I wasn't able to break it. Changes from V5: addressed Sean Christopherson's review feedback. Best regards, Maxim Levitsky Maxim Levitsky (4): KVM: x86: xen_hvm_config: cleanup return values KVM: x86: report negative values from wrmsr emulation to userspace KVM: x86: allow kvm_x86_ops.set_efer to return an error value KVM: nSVM: implement on demand allocation of the nested state arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/emulate.c | 7 ++-- arch/x86/kvm/svm/nested.c | 42 ++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 58 +++++++++++++++++++-------------- arch/x86/kvm/svm/svm.h | 8 ++++- arch/x86/kvm/vmx/vmx.c | 6 ++-- arch/x86/kvm/x86.c | 37 ++++++++++++--------- 7 files changed, 113 insertions(+), 47 deletions(-) -- 2.26.2
Powered by blists - more mailing lists