Open Source and information security mailing list archives
 
Message-ID: <12b84d17-94cc-6ee7-bde4-340b609c16d2@redhat.com>
Date:   Fri, 18 Feb 2022 12:20:08 +0100
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Like Xu <like.xu.linux@...il.com>
Cc:     Sean Christopherson <seanjc@...gle.com>,
        Eric Hankland <ehankland@...gle.com>,
        Jim Mattson <jmattson@...gle.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] KVM: x86/pmu: Protect kvm->arch.pmu_event_filter with
 SRCU

On 2/17/22 09:36, Like Xu wrote:
> From: Like Xu<likexu@...cent.com>
> 
> Fix the following positive warning:
> 
>   =============================
>   WARNING: suspicious RCU usage
>   arch/x86/kvm/pmu.c:190 suspicious rcu_dereference_check() usage!
>   other info that might help us debug this:
>   rcu_scheduler_active = 2, debug_locks = 1
>   1 lock held by CPU 28/KVM/370841:
>   #0: ff11004089f280b8 (&vcpu->mutex){+.+.}-{3:3}, at: kvm_vcpu_ioctl+0x87/0x730 [kvm]
>   Call Trace:
>    <TASK>
>    dump_stack_lvl+0x59/0x73
>    reprogram_fixed_counter+0x15d/0x1a0 [kvm]
>    kvm_pmu_trigger_event+0x1a3/0x260 [kvm]
>    ? free_moved_vector+0x1b4/0x1e0
>    complete_fast_pio_in+0x8a/0xd0 [kvm]
>    [...]

I think the right fix is to add SRCU protection to complete_userspace_io 
in kvm_arch_vcpu_ioctl_run.  Most calls of complete_userspace_io can 
execute similar code to vmexits.

> Fixes: 66bb8a065f5a ("KVM: x86: PMU Event Filter")

It fixes 9cd803d496e7 ("KVM: x86: Update vPMCs when retiring 
instructions", 2022-01-07), actually.  That is when the PMU filter was 
added to kvm_skip_emulated_instruction (called by kvm_fast_pio_in).

Thanks,

Paolo

> It's possible to call KVM_SET_PMU_EVENT_FILTER ioctl with the vCPU running.
> Similar to "kvm->arch.msr_filter", KVM should guarantee that vCPUs will
> see either the previous filter or the new filter so that guest pmu events
> with identical settings in both the old and new filter have deterministic
> behavior.
