| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 May 2022 10:52:40 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
luto@...nel.org, peterz@...radead.org
Cc: ak@...ux.intel.com, dan.j.williams@...el.com, david@...hat.com,
hpa@...or.com, linux-kernel@...r.kernel.org,
sathyanarayanan.kuppuswamy@...ux.intel.com, seanjc@...gle.com,
thomas.lendacky@....com, x86@...nel.org
Subject: Re: [PATCHv2 2/3] x86/tdx: Clarify RIP adjustments in #VE handler
On 5/19/22 20:13, Kirill A. Shutemov wrote:
> + /*
> + * If the #VE happened due to instruction execution, GET_VEINFO
> + * provides info on the instruction in out.r10.
> + *
> + * For #VE due to EPT violation, info in out.r10 is not usable and
> + * kernel has to decode instruction manually to find out its length.
> + */
> + if (ve->exit_reason != EXIT_REASON_EPT_VIOLATION) {
> + ve->instr_len = lower_32_bits(out.r10);
> + ve->instr_info = upper_32_bits(out.r10);
> + } else {
> + ve->instr_len = 0;
> + ve->instr_info = 0;
> + }
> }
This is _better_, but I still don't like it. It still hides the magic
down in here and if someone screws it up, they'll silently get a loop of
#VE's. If we stick the logic a helper like:
int ve_instr_len(struct ve_info *ve)
{
if (WARN_ON_ONCE(ve->exit_reason != EXIT_REASON_EPT_VIOLATION))
return 0;
return ve->instr_len;
}
and then folks consume the instruction length with that, we get a splat
right where and when it goes wrong.
BTW, how do we know that all non-EPT_VIOLATION exits reasons are
instruction execution?
Powered by blists - more mailing lists