| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 6 Aug 2021 11:32:44 +0200
From: Claudio Imbrenda <imbrenda@...ux.ibm.com>
To: David Hildenbrand <david@...hat.com>
Cc: kvm@...r.kernel.org, cohuck@...hat.com, borntraeger@...ibm.com,
frankja@...ux.ibm.com, thuth@...hat.com, pasic@...ux.ibm.com,
linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
Ulrich.Weigand@...ibm.com
Subject: Re: [PATCH v3 03/14] KVM: s390: pv: leak the ASCE page when destroy
fails
On Fri, 6 Aug 2021 09:31:54 +0200
David Hildenbrand <david@...hat.com> wrote:
> On 04.08.21 17:40, Claudio Imbrenda wrote:
> > When a protected VM is created, the topmost level of page tables of
> > its ASCE is marked by the Ultravisor; any attempt to use that
> > memory for protected virtualization will result in failure.
> >
> > Only a successful Destroy Configuration UVC will remove the marking.
> >
> > When the Destroy Configuration UVC fails, the topmost level of page
> > tables of the VM does not get its marking cleared; to avoid issues
> > it must not be used again.
> >
> > Since the page becomes in practice unusable, we set it aside and
> > leak it.
>
> Instead of leaking, can't we add it to some list and try again later?
> Or do we only expect permanent errors?
once the secure VM has been destroyed unsuccessfully, there is nothing
that can be done, this is a permanent error
> Also, we really should bail out loud (pr_warn) to tell the admin that
> something really nasty is going on.
when a destroy secure VM UVC fails, there are already other warnings
printed, no need to add one more
Powered by blists - more mailing lists