lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4973feca-4eee-7139-26e6-1b926c017263@linux.ibm.com>
Date:   Fri, 26 Mar 2021 09:25:14 -0400
From:   Tony Krowiak <akrowiak@...ux.ibm.com>
To:     Halil Pasic <pasic@...ux.ibm.com>
Cc:     linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, stable@...r.kernel.org,
        borntraeger@...ibm.com, cohuck@...hat.com, kwankhede@...dia.com,
        pbonzini@...hat.com, alex.williamson@...hat.com,
        pasic@...ux.vnet.ibm.com
Subject: Re: [PATCH v5 1/1] s390/vfio-ap: fix circular lockdep when
 setting/clearing crypto masks



On 3/25/21 4:32 PM, Halil Pasic wrote:
> On Thu, 25 Mar 2021 08:46:40 -0400
> Tony Krowiak <akrowiak@...ux.ibm.com> wrote:
>
>> This patch fixes a lockdep splat introduced by commit f21916ec4826
>> ("s390/vfio-ap: clean up vfio_ap resources when KVM pointer invalidated").
>> The lockdep splat only occurs when starting a Secure Execution guest.
>> Crypto virtualization (vfio_ap) is not yet supported for SE guests;
>> however, in order to avoid this problem when support becomes available,
>> this fix is being provided.
>>
>> The circular locking dependency was introduced when the setting of the
>> masks in the guest's APCB was executed while holding the matrix_dev->lock.
>> While the lock is definitely needed to protect the setting/unsetting of the
>> matrix_mdev->kvm pointer, it is not necessarily critical for setting the
>> masks; so, the matrix_dev->lock will be released while the masks are being
>> set or cleared.
>>
>> Keep in mind, however, that another process that takes the matrix_dev->lock
>> can get control while the masks in the guest's APCB are being set or
>> cleared as a result of the driver being notified that the KVM pointer
>> has been set or unset. This could result in invalid access to the
>> matrix_mdev->kvm pointer by the intervening process. To avoid this
>> scenario, two new fields are being added to the ap_matrix_mdev struct:
>>
>> struct ap_matrix_mdev {
>> 	...
>> 	bool kvm_busy;
>> 	wait_queue_head_t wait_for_kvm;
>>     ...
>> };
>>
>> The functions that handle notification that the KVM pointer value has
>> been set or cleared will set the kvm_busy flag to true until they are done
>> processing at which time they will set it to false and wake up the tasks on
>> the matrix_mdev->wait_for_kvm wait queue. Functions that require
>> access to matrix_mdev->kvm will sleep on the wait queue until they are
>> awakened at which time they can safely access the matrix_mdev->kvm
>> field.
>>
>> Fixes: f21916ec4826 ("s390/vfio-ap: clean up vfio_ap resources when KVM pointer invalidated")
>> Cc: stable@...r.kernel.org
>> Signed-off-by: Tony Krowiak <akrowiak@...ux.ibm.com>
> Reviewed-by: Halil Pasic <pasic@...ux.ibm.com>
>
> I intend to give a couple of work-days to others, and if nobody objects
> merge this. (I will wait till Tuesday.)

Thanks Halil.

>
> I've tested it and it does silence the lockdep splat.
>
> Regards,
> Halil

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ