| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+EHjTwhpjDDnKRU3QrJysgMhYH7eTi2_LrWpxCArLoP-1-BrQ@mail.gmail.com>
Date: Thu, 24 Feb 2022 12:26:33 +0000
From: Fuad Tabba <tabba@...gle.com>
To: Kalesh Singh <kaleshsingh@...gle.com>
Cc: will@...nel.org, maz@...nel.org, qperret@...gle.com,
surenb@...gle.com, kernel-team@...roid.com,
James Morse <james.morse@....com>,
Alexandru Elisei <alexandru.elisei@....com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Catalin Marinas <catalin.marinas@....com>,
Mark Rutland <mark.rutland@....com>,
Mark Brown <broonie@...nel.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
Peter Collingbourne <pcc@...gle.com>,
"Madhavan T. Venkataraman" <madvenka@...ux.microsoft.com>,
Andrew Walbran <qwandor@...gle.com>,
Andrew Scull <ascull@...gle.com>,
Zenghui Yu <yuzenghui@...wei.com>,
Ard Biesheuvel <ardb@...nel.org>,
Paolo Bonzini <pbonzini@...hat.com>,
linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.cs.columbia.edu,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 6/8] KVM: arm64: Add hypervisor overflow stack
Hi Kalesh,
On Thu, Feb 24, 2022 at 5:21 AM Kalesh Singh <kaleshsingh@...gle.com> wrote:
>
> Allocate and switch to 16-byte aligned secondary stack on overflow. This
> provides us stack space to better handle overflows; and is used in
> a subsequent patch to dump the hypervisor stacktrace. The overflow stack
> is only allocated if CONFIG_NVHE_EL2_DEBUG is enabled, as hypervisor
> stacktraces is a debug feature dependent on CONFIG_NVHE_EL2_DEBUG.
>
> Signed-off-by: Kalesh Singh <kaleshsingh@...gle.com>
> ---
> arch/arm64/kvm/hyp/nvhe/host.S | 5 +++++
> arch/arm64/kvm/hyp/nvhe/switch.c | 5 +++++
> 2 files changed, 10 insertions(+)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/host.S b/arch/arm64/kvm/hyp/nvhe/host.S
> index 749961bfa5ba..367a01e8abed 100644
> --- a/arch/arm64/kvm/hyp/nvhe/host.S
> +++ b/arch/arm64/kvm/hyp/nvhe/host.S
> @@ -179,6 +179,10 @@ SYM_FUNC_END(__host_hvc)
> b hyp_panic
>
> .L__hyp_sp_overflow\@:
> +#ifdef CONFIG_NVHE_EL2_DEBUG
> + /* Switch to the overflow stack */
> + adr_this_cpu sp, hyp_overflow_stack + PAGE_SIZE, x0
> +#else
> /*
> * Reset SP to the top of the stack, to allow handling the hyp_panic.
> * This corrupts the stack but is ok, since we won't be attempting
> @@ -186,6 +190,7 @@ SYM_FUNC_END(__host_hvc)
> */
Nit: Maybe you should update this comment as well, since whether it
corrupts the stack or not depends on what happens above with
CONFIG_NVHE_EL2_DEBUG.
Thanks,
/fuad
> ldr_this_cpu x0, kvm_init_params + NVHE_INIT_STACK_HYP_VA, x1
> mov sp, x0
> +#endif
>
> bl hyp_panic_bad_stack
> ASM_BUG()
> diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c
> index 703a5d3f611b..efc20273a352 100644
> --- a/arch/arm64/kvm/hyp/nvhe/switch.c
> +++ b/arch/arm64/kvm/hyp/nvhe/switch.c
> @@ -34,6 +34,11 @@ DEFINE_PER_CPU(struct kvm_host_data, kvm_host_data);
> DEFINE_PER_CPU(struct kvm_cpu_context, kvm_hyp_ctxt);
> DEFINE_PER_CPU(unsigned long, kvm_hyp_vector);
>
> +#ifdef CONFIG_NVHE_EL2_DEBUG
> +DEFINE_PER_CPU(unsigned long [PAGE_SIZE/sizeof(long)], hyp_overflow_stack)
> + __aligned(16);
> +#endif
> +
> static void __activate_traps(struct kvm_vcpu *vcpu)
> {
> u64 val;
> --
> 2.35.1.473.g83b2b277ed-goog
>
Powered by blists - more mailing lists