lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 May 2022 23:13:54 +0300
From:   "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To:     Dave Hansen <dave.hansen@...el.com>
Cc:     tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        luto@...nel.org, peterz@...radead.org, ak@...ux.intel.com,
        dan.j.williams@...el.com, david@...hat.com, hpa@...or.com,
        linux-kernel@...r.kernel.org,
        sathyanarayanan.kuppuswamy@...ux.intel.com, seanjc@...gle.com,
        thomas.lendacky@....com, x86@...nel.org
Subject: Re: [PATCHv3 2/3] x86/tdx: Clarify RIP adjustments in #VE handler

On Wed, May 25, 2022 at 09:02:48AM -0700, Dave Hansen wrote:
> On 5/24/22 15:10, Kirill A. Shutemov wrote:
> > +static int ve_instr_len(struct ve_info *ve)
> > +{
> > +	/*
> > +	 * If the #VE happened due to instruction execution, GET_VEINFO
> > +	 * provides info on the instruction.
> > +	 *
> > +	 * For #VE due to EPT violation, info provided by GET_VEINFO not usable
> > +	 * and kernel has to decode instruction manually to find out its
> > +	 * length. Catch such cases.
> > +	 */
> > +	if (WARN_ON_ONCE(ve->exit_reason == EXIT_REASON_EPT_VIOLATION))
> > +		return 0;
> > +
> > +	return ve->instr_len;
> > +}
> 
> I'm not super happy with how this comment ended up.  First, let's put
> the comment next to the code to which it applies, like:
> 
> 	/*
> 	 * ve->instr_len is not defined for EPT violations.  For those,
> 	 * the kernel must decode instructions manually and should not
> 	 * be using this function.
> 	 */
> 	if (WARN_ON_ONCE(ve->exit_reason == EXIT_REASON_EPT_VIOLATION))
> 		return 0;
> 
> 	/*
> 	 * Assume that the #VE occurred due to instruction execution.
> 	 */
> 	return ve->instr_len;

Would it be helpful if the function has a whitelist of exit resons where
using ve->instr_len is safe? WARN_ONCE() and return 0 otherwise.

-- 
 Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ