lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 8 Jul 2021 19:40:11 +0200
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Vitaly Kuznetsov <vkuznets@...hat.com>, kvm@...r.kernel.org
Cc:     Sean Christopherson <seanjc@...gle.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Jim Mattson <jmattson@...gle.com>,
        Maxim Levitsky <mlevitsk@...hat.com>,
        Cathy Avery <cavery@...hat.com>,
        Emanuele Giuseppe Esposito <eesposit@...hat.com>,
        Tom Lendacky <thomas.lendacky@....com>,
        Michael Roth <mdroth@...ux.vnet.ibm.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/6] KVM: nSVM: Fix issues when SMM is entered from L2

On 28/06/21 12:44, Vitaly Kuznetsov wrote:
> This is a continuation of "[PATCH RFC] KVM: nSVM: Fix L1 state corruption
> upon return from SMM".
> 
> VMCB split commit 4995a3685f1b ("KVM: SVM: Use a separate vmcb for the
> nested L2 guest") broke return from SMM when we entered there from guest
> (L2) mode. Gen2 WS2016/Hyper-V is known to do this on boot. The problem
> appears to be that VMCB01 gets irreversibly destroyed during SMM execution.
> Previously, we used to have 'hsave' VMCB where regular (pre-SMM) L1's state
> was saved upon nested_svm_vmexit() but now we just switch to VMCB01 from
> VMCB02.
> 
> While writing a selftest for the issue, I've noticed that 'svm->nested.ctl'
> doesn't get restored after KVM_GET_NESTED_STATE/KVM_SET_NESTED_STATE cycle
> when guest happens to be in SMM triggered from L2. "KVM: nSVM: Restore
> nested control upon leaving SMM" is aimed to fix that.
> 
> First two patches of the series add missing sanity checks for
> MSR_VM_HSAVE_PA which has to be page aligned and not zero.
> 
> Vitaly Kuznetsov (6):
>    KVM: nSVM: Check the value written to MSR_VM_HSAVE_PA
>    KVM: nSVM: Check that VM_HSAVE_PA MSR was set before VMRUN
>    KVM: nSVM: Introduce svm_copy_nonvmloadsave_state()
>    KVM: nSVM: Fix L1 state corruption upon return from SMM
>    KVM: nSVM: Restore nested control upon leaving SMM
>    KVM: selftests: smm_test: Test SMM enter from L2
> 
>   arch/x86/kvm/svm/nested.c                     | 45 +++++++-----
>   arch/x86/kvm/svm/svm.c                        | 51 +++++++++++++-
>   arch/x86/kvm/svm/svm.h                        |  4 ++
>   tools/testing/selftests/kvm/x86_64/smm_test.c | 70 +++++++++++++++++--
>   4 files changed, 144 insertions(+), 26 deletions(-)
> 

Queued, thanks.

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ