lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <b89b59753ee4439c8b9ea7413dab66c0@AcuMS.aculab.com>
Date:   Sat, 26 Mar 2022 22:16:03 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Joerg Roedel' <joro@...tes.org>, "x86@...nel.org" <x86@...nel.org>
CC:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "hpa@...or.com" <hpa@...or.com>,
        Tom Lendacky <thomas.lendacky@....com>,
        Brijesh Singh <brijesh.singh@....com>,
        Joerg Roedel <jroedel@...e.de>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: RE: [PATCH v3] x86/sev: Unroll string mmio with
 CC_ATTR_GUEST_UNROLL_STRING_IO

From: Joerg Roedel <joro@...tes.org>
> Sent: 26 March 2022 14:41
> 
> The io specific memcpy/memset functions use string mmio accesses to do
> their work. Under SEV the hypervisor can't emulate these instructions,
> because they read/write directly from/to encrypted memory.
> 
> KVM will inject a page fault exception into the guest when it is asked
> to emulate string mmio instructions for an SEV guest:
> 
> 	BUG: unable to handle page fault for address: ffffc90000065068
> 	#PF: supervisor read access in kernel mode
> 	#PF: error_code(0x0000) - not-present page
> 	PGD 8000100000067 P4D 8000100000067 PUD 80001000fb067 PMD 80001000fc067 PTE 80000000fed40173
> 	Oops: 0000 [#1] PREEMPT SMP NOPTI
> 	CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.17.0-rc7 #3
> 
> As string mmio for an SEV guest can not be supported by the
> hypervisor, unroll the instructions for CC_ATTR_GUEST_UNROLL_STRING_IO
> enabled kernels.
> 
> This issue appears when kernels are launched in recent libvirt-managed
> SEV virtual machines, because libvirt started to add a tpm-crb device
> to the guest by default.
> 
> The kernel driver for tpm-crb uses memcpy_to/from_io() functions to
> access MMIO memory, resulting in a page-fault injected by KVM and
> crashing the kernel at boot.
> 
> Cc: stable@...r.kernel.org #4.15+
> Fixes: d8aa7eea78a1 ('x86/mm: Add Secure Encrypted Virtualization (SEV) support')
> Reviewed-by: Tom Lendacky <thomas.lendacky@....com>
> Signed-off-by: Joerg Roedel <jroedel@...e.de>
> ---
> Changes v2->v3:
> 	- Fix sparse warnings introduced by v2
> 
>  arch/x86/lib/iomem.c | 65 ++++++++++++++++++++++++++++++++++++++------
>  1 file changed, 57 insertions(+), 8 deletions(-)
> 
> diff --git a/arch/x86/lib/iomem.c b/arch/x86/lib/iomem.c
> index df50451d94ef..3e2f33fc33de 100644
> --- a/arch/x86/lib/iomem.c
> +++ b/arch/x86/lib/iomem.c
> @@ -22,7 +22,7 @@ static __always_inline void rep_movs(void *to, const void *from, size_t n)
>  		     : "memory");
>  }
> 
> -void memcpy_fromio(void *to, const volatile void __iomem *from, size_t n)
> +static void string_memcpy_fromio(void *to, const volatile void __iomem *from, size_t n)
>  {
>  	if (unlikely(!n))
>  		return;
> @@ -38,9 +38,8 @@ void memcpy_fromio(void *to, const volatile void __iomem *from, size_t n)
>  	}
>  	rep_movs(to, (const void *)from, n);
>  }
> -EXPORT_SYMBOL(memcpy_fromio);
> 
> -void memcpy_toio(volatile void __iomem *to, const void *from, size_t n)
> +static void string_memcpy_toio(volatile void __iomem *to, const void *from, size_t n)
>  {
>  	if (unlikely(!n))
>  		return;
> @@ -56,14 +55,64 @@ void memcpy_toio(volatile void __iomem *to, const void *from, size_t n)
>  	}
>  	rep_movs((void *)to, (const void *) from, n);
>  }
> +
> +static void unrolled_memcpy_fromio(void *to, const volatile void __iomem *from, size_t n)
> +{
> +	const volatile char __iomem *in = from;
> +	char *out = to;
> +	int i;
> +
> +	for (i = 0; i < n; ++i)
> +		out[i] = readb(&in[i]);
> +}

Wait a minute....
Aren't these functions supposed to be doing 'memory' copies?
In which case they need to be using 64bit IO accesses where
appropriate - otherwise the performance is horrid.

I thought the x86 memcpy_to/from_io() had been changed to
always use a software loop rather than using whatever memcpy()
ended up using.
In particular the 'rep movsb' ERMS (EMRS?) copy that is fast
(on some cpu) for memory-memory copies is always a byte copy
on uncached locations typical for io addresses.

PIO reads from PCIe can be spectacularly slow.
You really do want to use the largest register available.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ