lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 15 Jan 2021 17:18:21 +0000
From:   Elena Petrova <lenaptr@...gle.com>
To:     kvmarm@...ts.cs.columbia.edu
Cc:     Elena Petrova <lenaptr@...gle.com>,
        linux-arm-kernel@...ts.infradead.org,
        open list <linux-kernel@...r.kernel.org>,
        Marc Zyngier <maz@...nel.org>,
        James Morse <james.morse@....com>,
        Julien Thierry <julien.thierry.kdev@...il.com>,
        Suzuki K Poulose <suzuki.poulose@....com>,
        George Popescu <george.apopescu97@...il.com>
Subject: [PATCH v3 0/9] UBSan Enablement for hyp/nVHE code

Respin of George's patch series enabling UBSAN for hyp/nVHE code.

Updates in v3:
  * rebased onto v5.11-rc3
  * added base commit info

Updates in v2:
  * CONFIG_KVM_ARM_DEBUG_BUFFER removed; __kvm_check_ubsan_buffer is
    called directly instead of via __kvm_arm_check_debug_buffer.
  * Bugfixing commits removed as these are already upstream.
  * Some code brought up to date, i.e. moved from entry.S to host.S.
  * Merged "Add support for creating and checking a buffer" and
    "Add a buffer that can pass UBSan data from hyp/nVHE" into
    one commit as these changes don't work without each other.

George Popescu (9):
  KVM: arm64: Enable UBSan instrumentation in nVHE hyp code
  KVM: arm64: Add a buffer that can pass UBSan data from hyp/nVHE to
    kernel
  KVM: arm64: Enable UBSAN_BOUNDS for the both the kernel and hyp/nVHE
  KVM: arm64: Enable UBsan check for unreachable code inside hyp/nVHE
    code
  KVM: arm64: Enable shift out of bounds undefined behaviour check for
    hyp/nVHE
  KVM: arm64: __ubsan_handle_load_invalid_value EL2 implementation.
  KVM: arm64: Detect type mismatch undefined behaviour from hyp/nVHE
    code
  KVM: arm64: Detect arithmetic overflow is inside hyp/nVHE.
  KVM: arm64: Add UBSan tests for PKVM.

 arch/arm64/include/asm/assembler.h          |  10 ++
 arch/arm64/include/asm/kvm_debug_buffer.h   |  34 ++++
 arch/arm64/include/asm/kvm_host.h           |   8 +-
 arch/arm64/include/asm/kvm_ubsan.h          |  50 ++++++
 arch/arm64/kvm/Makefile                     |   2 +
 arch/arm64/kvm/arm.c                        |   9 ++
 arch/arm64/kvm/hyp/include/hyp/test_ubsan.h | 112 +++++++++++++
 arch/arm64/kvm/hyp/nvhe/Makefile            |   3 +-
 arch/arm64/kvm/hyp/nvhe/host.S              |   4 +
 arch/arm64/kvm/hyp/nvhe/hyp-main.c          |   3 +
 arch/arm64/kvm/hyp/nvhe/ubsan.c             | 164 ++++++++++++++++++++
 arch/arm64/kvm/kvm_ubsan_buffer.c           |  81 ++++++++++
 12 files changed, 478 insertions(+), 2 deletions(-)
 create mode 100644 arch/arm64/include/asm/kvm_debug_buffer.h
 create mode 100644 arch/arm64/include/asm/kvm_ubsan.h
 create mode 100644 arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
 create mode 100644 arch/arm64/kvm/hyp/nvhe/ubsan.c
 create mode 100644 arch/arm64/kvm/kvm_ubsan_buffer.c


base-commit: 5ee88057889bbca5f5bb96031b62b3756b33e164
-- 
2.30.0.296.g2bfb1c46d8-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ