Message-ID: <YUtEraihPxsytaJc@google.com>
Date:   Wed, 22 Sep 2021 14:58:53 +0000
From:   Sean Christopherson <seanjc@...gle.com>
To:     Xiaoyao Li <xiaoyao.li@...el.com>
Cc:     Paolo Bonzini <pbonzini@...hat.com>,
        Hao Xiang <hao.xiang@...ux.alibaba.com>, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org, chenyi.qiang@...el.com,
        shannon.zhao@...ux.alibaba.com
Subject: Re: [PATCH] KVM: VMX: Check if bus lock vmexit was preempted

On Wed, Sep 22, 2021, Xiaoyao Li wrote:
> On 9/22/2021 6:02 PM, Paolo Bonzini wrote:
> > On 18/09/21 13:30, Hao Xiang wrote:
> > > exit_reason.bus_lock_detected is not only set when bus lock VM exit
> > > was preempted, in fact, this bit is always set if bus locks are
> > > detected no matter what the exit_reason.basic is.
> > > 
> > > So the bus_lock_vmexit handling in vmx_handle_exit should be duplicated
> > > when exit_reason.basic is EXIT_REASON_BUS_LOCK(74). We can avoid it by
> > > checking if bus lock vmexit was preempted in vmx_handle_exit.
> > 
> > I don't understand, does this mean that bus_lock_detected=1 if
> > basic=EXIT_REASON_BUS_LOCK?  If so, can we instead replace the contents
> > of handle_bus_lock_vmexit with
> > 
> >      /* Do nothing and let vmx_handle_exit exit to userspace.  */
> >      WARN_ON(!to_vmx(vcpu)->exit_reason.bus_lock_detected);
> >      return 0;
> > 
> > ?
> > 
> > That would be doable only if this is architectural behavior and not a
> > processor erratum, of course.
> 
> EXIT_REASON.bus_lock_detected may or may not be set when exit reason ==
> EXIT_REASON_BUS_LOCK. Intel will update ISE or SDM to state it.
> 
> Maybe we can do below in handle_bus_lock_vmexit handler:
> 
> 	if (!to_vmx(vcpu)->exit_reason.bus_lock_detected)
> 		to_vmx(vcpu)->exit_reason.bus_lock_detected = 1;
> 
> But is manually changing the hardware reported value for software purpose a
> good thing?

In this case, I'd say yes.  Hardware having non-deterministic behavior is the not
good thing, KVM would simply be correcting the not-technically-an-erratum erratum.

Set it unconditionally and then handle everything in common path.  This has the
added advantage of having only one site that deals with KVM_RUN_X86_BUS_LOCK.

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 33f92febe3ce..aa9372452e49 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5561,9 +5561,9 @@ static int handle_encls(struct kvm_vcpu *vcpu)

 static int handle_bus_lock_vmexit(struct kvm_vcpu *vcpu)
 {
-       vcpu->run->exit_reason = KVM_EXIT_X86_BUS_LOCK;
-       vcpu->run->flags |= KVM_RUN_X86_BUS_LOCK;
-       return 0;
+       /* The dedicated flag may or may not be set by hardware.  /facepalm. */
+       vcpu->exit_reason.bus_lock_detected = true;
+       return 1;
 }

 /*
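Review bot: The added line `vcpu->exit_reason.bus_lock_detected = true;` dereferences exit_reason on struct kvm_vcpu, while every other visible use, in the quoted replies and in the context of the next hunk, reaches it through to_vmx(vcpu). Suggest `to_vmx(vcpu)->exit_reason.bus_lock_detected = true;` so that the flag is written on the same structure vmx_handle_exit() later tests. The comment could also state why the flag is forced (hardware may or may not set it when the basic exit reason is EXIT_REASON_BUS_LOCK) and that returning 1 depends on the common path in vmx_handle_exit() to turn this into a userspace exit.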
@@ -6050,9 +6050,8 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath)
        int ret = __vmx_handle_exit(vcpu, exit_fastpath);

        /*
-        * Even when current exit reason is handled by KVM internally, we
-        * still need to exit to user space when bus lock detected to inform
-        * that there is a bus lock in guest.
+        * Exit to user space when bus lock detected to inform that there is a
+        * bus lock in guest.
         */
        if (to_vmx(vcpu)->exit_reason.bus_lock_detected) {
                if (ret > 0)
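Review bot: The shortened comment above `if (to_vmx(vcpu)->exit_reason.bus_lock_detected)` no longer explains that this block is now the only site reporting a bus lock to userspace, including the dedicated EXIT_REASON_BUS_LOCK exit, whose handler now just sets the flag and returns 1. Suggest saying so in the comment, and confirming that the `ret > 0` branch sets vcpu->run->exit_reason to KVM_EXIT_X86_BUS_LOCK in addition to the KVM_RUN_X86_BUS_LOCK flag, because the handler no longer sets either; the body of that branch is not visible in this hunk.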
