lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon,  8 Nov 2021 18:10:21 +0000
From:   Marc Zyngier <maz@...nel.org>
To:     Mark Rutland <mark.rutland@....com>, Will Deacon <will@...nel.org>,
        linux-kernel@...r.kernel.org, kvmarm@...ts.cs.columbia.edu,
        James Morse <james.morse@....com>,
        Catalin Marinas <catalin.marinas@....com>,
        Suzuki K Poulose <suzuki.poulose@....com>,
        linux-arm-kernel@...ts.infradead.org,
        Quentin Perret <qperret@...gle.com>,
        Fuad Tabba <tabba@...gle.com>,
        Alexandru Elisei <alexandru.elisei@....com>
Cc:     dbrazdil@...gle.com, kernel-team@...roid.com
Subject: Re: [PATCH] KVM: arm64: Fix host stage-2 finalization

On Mon, 8 Nov 2021 15:46:32 +0000, Quentin Perret wrote:
> We currently walk the hypervisor stage-1 page-table towards the end of
> hyp init in nVHE protected mode and adjust the host page ownership
> attributes in its stage-2 in order to get a consistent state from both
> point of views. The walk is done on the entire hyp VA space, and expects
> to only ever find page-level mappings. While this expectation is
> reasonable in the half of hyp VA space that maps memory with a fixed
> offset (see the loop in pkvm_create_mappings_locked()), it can be
> incorrect in the other half where nothing prevents the usage of block
> mappings. For instance, on systems where memory is physically aligned at
> an address that happens to maps to a PMD aligned VA in the hyp_vmemmap,
> kvm_pgtable_hyp_map() will install block mappings when backing the
> hyp_vmemmap, which will later cause finalize_host_mappings() to fail.
> Furthermore, it should be noted that all pages backing the hyp_vmemmap
> are also mapped in the 'fixed offset range' of the hypervisor, which
> implies that finalize_host_mappings() will walk both aliases and update
> the host stage-2 attributes twice. The order in which this happens is
> unpredictable, though, since the hyp VA layout is highly dependent on
> the position of the idmap page, hence resulting in a fragile mess at
> best.
> 
> [...]

Applied to next, thanks!

[1/1] KVM: arm64: Fix host stage-2 finalization
      commit: 50a8d3315960c74095c59e204db44abd937d4b5d

Cheers,

	M.
-- 
Without deviation from the norm, progress is not possible.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ