| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1a0dfd2bc950cb84e7344973657c6b23@kernel.org>
Date: Mon, 23 Aug 2021 22:51:48 +0100
From: Marc Zyngier <maz@...nel.org>
To: Raghavendra Rao Ananta <rananta@...gle.com>
Cc: Alexandru Elisei <alexandru.elisei@....com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>, Peter Shier <pshier@...gle.com>,
Ricardo Koller <ricarkol@...gle.com>,
Oliver Upton <oupton@...gle.com>,
Reiji Watanabe <reijiw@...gle.com>,
Jing Zhang <jingzhangos@...gle.com>,
linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.cs.columbia.edu,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: arm64: Ratelimit error log during guest debug
exception
On 2021-08-23 19:13, Raghavendra Rao Ananta wrote:
> On Sat, Aug 21, 2021 at 3:56 AM Marc Zyngier <maz@...nel.org> wrote:
>>
>> On Sat, 21 Aug 2021 00:01:24 +0100,
>> Raghavendra Rao Ananta <rananta@...gle.com> wrote:
>> >
>> > [1 <text/plain; UTF-8 (7bit)>]
>> > On Fri, Aug 20, 2021 at 2:29 AM Marc Zyngier <maz@...nel.org> wrote:
>> > >
>> > > On Thu, 19 Aug 2021 23:34:06 +0100,
>> > > Raghavendra Rao Ananta <rananta@...gle.com> wrote:
>> > > >
>> > > > Potentially, the guests could trigger a debug exception that's
>> > > > outside the exception class range.
>> > >
>> > > How? All the exception classes that lead to this functions are already
>> > > handled in the switch/case statement.
>> > >
>> > I guess I didn't think this through. Landing into kvm_handle_guest_debug()
>> > itself is not possible :)
>>
>> Exactly.
>>
>> > > My take on this is that this code isn't reachable, and that it could
>> > > be better rewritten as:
>> > >
>> > > diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
>> > > index 6f48336b1d86..ae7ec086827b 100644
>> > > --- a/arch/arm64/kvm/handle_exit.c
>> > > +++ b/arch/arm64/kvm/handle_exit.c
>> > > @@ -119,28 +119,14 @@ static int kvm_handle_guest_debug(struct kvm_vcpu
>> > *vcpu)
>> > > {
>> > > struct kvm_run *run = vcpu->run;
>> > > u32 esr = kvm_vcpu_get_esr(vcpu);
>> > > - int ret = 0;
>> > >
>> > > run->exit_reason = KVM_EXIT_DEBUG;
>> > > run->debug.arch.hsr = esr;
>> > >
>> > > - switch (ESR_ELx_EC(esr)) {
>> > > - case ESR_ELx_EC_WATCHPT_LOW:
>> > > + if (ESR_ELx_EC(esr) == ESR_ELx_EC_WATCHPT_LOW)
>> > > run->debug.arch.far = vcpu->arch.fault.far_el2;
>> > > - fallthrough;
>> > > - case ESR_ELx_EC_SOFTSTP_LOW:
>> > > - case ESR_ELx_EC_BREAKPT_LOW:
>> > > - case ESR_ELx_EC_BKPT32:
>> > > - case ESR_ELx_EC_BRK64:
>> > > - break;
>> > > - default:
>> > > - kvm_err("%s: un-handled case esr: %#08x\n",
>> > > - __func__, (unsigned int) esr);
>> > > - ret = -1;
>> > > - break;
>> > > - }
>> > >
>> > > - return ret;
>> > > + return 0;
>> > > }
>> > >
>> > This looks better, but do you think we would be compromising on readability?
>>
>> I don't think so. The exit handler table is, on its own, pretty
>> explicit about what we route to this handler, and the comment above
>> the function clearly states that we exit to userspace for all the
>> debug ECs.
>
> Sounds great. I'm happy to send out a patch with you as 'Suggested-by'
> , if you
> are okay with it.
Fire away!
M.
--
Jazz is not dead. It just smells funny...
Powered by blists - more mailing lists