| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJHc60wLPFZ5XFwWVyex5GXr=qm7QWc2yOmkECxLh=L2QnvgWg@mail.gmail.com>
Date: Mon, 23 Aug 2021 11:13:06 -0700
From: Raghavendra Rao Ananta <rananta@...gle.com>
To: Marc Zyngier <maz@...nel.org>
Cc: Alexandru Elisei <alexandru.elisei@....com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>, Peter Shier <pshier@...gle.com>,
Ricardo Koller <ricarkol@...gle.com>,
Oliver Upton <oupton@...gle.com>,
Reiji Watanabe <reijiw@...gle.com>,
Jing Zhang <jingzhangos@...gle.com>,
linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.cs.columbia.edu,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: arm64: Ratelimit error log during guest debug exception
On Sat, Aug 21, 2021 at 3:56 AM Marc Zyngier <maz@...nel.org> wrote:
>
> On Sat, 21 Aug 2021 00:01:24 +0100,
> Raghavendra Rao Ananta <rananta@...gle.com> wrote:
> >
> > [1 <text/plain; UTF-8 (7bit)>]
> > On Fri, Aug 20, 2021 at 2:29 AM Marc Zyngier <maz@...nel.org> wrote:
> > >
> > > On Thu, 19 Aug 2021 23:34:06 +0100,
> > > Raghavendra Rao Ananta <rananta@...gle.com> wrote:
> > > >
> > > > Potentially, the guests could trigger a debug exception that's
> > > > outside the exception class range.
> > >
> > > How? All the exception classes that lead to this functions are already
> > > handled in the switch/case statement.
> > >
> > I guess I didn't think this through. Landing into kvm_handle_guest_debug()
> > itself is not possible :)
>
> Exactly.
>
> > > My take on this is that this code isn't reachable, and that it could
> > > be better rewritten as:
> > >
> > > diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
> > > index 6f48336b1d86..ae7ec086827b 100644
> > > --- a/arch/arm64/kvm/handle_exit.c
> > > +++ b/arch/arm64/kvm/handle_exit.c
> > > @@ -119,28 +119,14 @@ static int kvm_handle_guest_debug(struct kvm_vcpu
> > *vcpu)
> > > {
> > > struct kvm_run *run = vcpu->run;
> > > u32 esr = kvm_vcpu_get_esr(vcpu);
> > > - int ret = 0;
> > >
> > > run->exit_reason = KVM_EXIT_DEBUG;
> > > run->debug.arch.hsr = esr;
> > >
> > > - switch (ESR_ELx_EC(esr)) {
> > > - case ESR_ELx_EC_WATCHPT_LOW:
> > > + if (ESR_ELx_EC(esr) == ESR_ELx_EC_WATCHPT_LOW)
> > > run->debug.arch.far = vcpu->arch.fault.far_el2;
> > > - fallthrough;
> > > - case ESR_ELx_EC_SOFTSTP_LOW:
> > > - case ESR_ELx_EC_BREAKPT_LOW:
> > > - case ESR_ELx_EC_BKPT32:
> > > - case ESR_ELx_EC_BRK64:
> > > - break;
> > > - default:
> > > - kvm_err("%s: un-handled case esr: %#08x\n",
> > > - __func__, (unsigned int) esr);
> > > - ret = -1;
> > > - break;
> > > - }
> > >
> > > - return ret;
> > > + return 0;
> > > }
> > >
> > This looks better, but do you think we would be compromising on readability?
>
> I don't think so. The exit handler table is, on its own, pretty
> explicit about what we route to this handler, and the comment above
> the function clearly states that we exit to userspace for all the
> debug ECs.
Sounds great. I'm happy to send out a patch with you as 'Suggested-by' , if you
are okay with it.
Regards,
Raghavendra
>
> M.
>
> --
> Without deviation from the norm, progress is not possible.
Powered by blists - more mailing lists