| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Jan 2022 19:48:39 +0000
From: Sean Christopherson <seanjc@...gle.com>
To: "Tian, Kevin" <kevin.tian@...el.com>
Cc: "Gao, Chao" <chao.gao@...el.com>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"x86@...nel.org" <x86@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 5/6] KVM: x86: Remove WARN_ON in
kvm_arch_check_processor_compat
On Tue, Jan 11, 2022, Tian, Kevin wrote:
> > From: Sean Christopherson <seanjc@...gle.com>
> > Sent: Tuesday, January 11, 2022 7:00 AM
> >
> > On Mon, Dec 27, 2021, Chao Gao wrote:
> > > kvm_arch_check_processor_compat() needn't be called with interrupt
> > > disabled, as it only reads some CRs/MSRs which won't be clobbered
> > > by interrupt handlers or softirq.
> > >
> > > What really needed is disabling preemption. No additional check is
> > > added because if CONFIG_DEBUG_PREEMPT is enabled, smp_processor_id()
> > > (right above the WARN_ON()) can help to detect any violation.
> >
> > Hrm, IIRC, the assertion that IRQs are disabled was more about detecting
> > improper usage with respect to KVM doing hardware enabling than it was
> > about ensuring the current task isn't migrated. E.g. as exhibited by patch
> > 06, extra protections (disabling of hotplug in that case) are needed if
> > this helper is called outside of the core KVM hardware enabling flow since
> > hardware_enable_all() does its thing via SMP function call.
>
> Looks the WARN_ON() was added by you. 😊
Yeah, past me owes current me a beer.
> commit f1cdecf5807b1a91829a2dc4f254bfe6bafd4776
> Author: Sean Christopherson <sean.j.christopherson@...el.com>
> Date: Tue Dec 10 14:44:14 2019 -0800
>
> KVM: x86: Ensure all logical CPUs have consistent reserved cr4 bits
>
> Check the current CPU's reserved cr4 bits against the mask calculated
> for the boot CPU to ensure consistent behavior across all CPUs.
>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@...el.com>
> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>
>
> But it's unclear to me how this WARN_ON() is related to what the commit
> msg tries to explain.
Ya, the changelog and lack of a comment is awful.
> When I read this code it's more like a sanity check on the assumption that it
> is currently called in SMP function call which runs the said function with
> interrupt disabled.
Yes, and as above, that assertion was more about the helper not really being safe
for general usage as opposed to wanting to detect use from preemptible context.
If we end up keeping the WARN_ON, I'll happily write a comment explaining the
point of the assertion.
Powered by blists - more mailing lists