lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Oct 2021 10:05:35 -0700
From:   Jim Mattson <jmattson@...gle.com>
To:     Sean Christopherson <seanjc@...gle.com>
Cc:     Vipin Sharma <vipinsh@...gle.com>, pbonzini@...hat.com,
        dmatlack@...gle.com, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: VMX: Add a wrapper for reading INVPCID/INVEPT/INVVPID
 type

On Thu, Oct 14, 2021 at 9:54 AM Sean Christopherson <seanjc@...gle.com> wrote:
>
> On Mon, Oct 11, 2021, Jim Mattson wrote:
> > On Mon, Oct 11, 2021 at 1:23 PM Sean Christopherson <seanjc@...gle.com> wrote:
> > >
> > > On Mon, Oct 11, 2021, Vipin Sharma wrote:
> > > > -     if (type > 3) {
> > > > +     if (type > INVPCID_TYPE_MAX) {
> > >
> > > Hrm, I don't love this because it's not auto-updating in the unlikely chance that
> > > a new type is added.  I definitely don't like open coding '3' either.  What about
> > > going with a verbose option of
> > >
> > >         if (type != INVPCID_TYPE_INDIV_ADDR &&
> > >             type != INVPCID_TYPE_SINGLE_CTXT &&
> > >             type != INVPCID_TYPE_ALL_INCL_GLOBAL &&
> > >             type != INVPCID_TYPE_ALL_NON_GLOBAL) {
> > >                 kvm_inject_gp(vcpu, 0);
> > >                 return 1;
> > >         }
> >
> > Better, perhaps, to introduce a new function, valid_invpcid_type(),
> > and squirrel away the ugliness there?
>
> Oh, yeah, definitely.  I missed that SVM's invpcid_interception() has the same
> open-coded check.
>
> Alternatively, could we handle the invalid type in the main switch statement?  I
> don't see anything in the SDM or APM that architecturally _requires_ the type be
> checked before reading the INVPCID descriptor.  Hardware may operate that way,
> but that's uArch specific behavior unless there's explicit documentation.

Right. INVVPID and INVEPT are explicitly documented to check the type
first, but INVPCID is not.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ