lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 06 Jul 2022 21:50:39 +0300 From: Maxim Levitsky <mlevitsk@...hat.com> To: Sean Christopherson <seanjc@...gle.com> Cc: Paolo Bonzini <pbonzini@...hat.com>, Vitaly Kuznetsov <vkuznets@...hat.com>, Wanpeng Li <wanpengli@...cent.com>, Jim Mattson <jmattson@...gle.com>, Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Oliver Upton <oupton@...gle.com>, Peter Shier <pshier@...gle.com> Subject: Re: [PATCH v2 02/21] KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS On Wed, 2022-07-06 at 16:12 +0000, Sean Christopherson wrote: > On Wed, Jul 06, 2022, Maxim Levitsky wrote: > > On Tue, 2022-06-14 at 20:47 +0000, Sean Christopherson wrote: > > > Deliberately truncate the exception error code when shoving it into the > > > VMCS (VM-Entry field for vmcs01 and vmcs02, VM-Exit field for vmcs12). > > > Intel CPUs are incapable of handling 32-bit error codes and will never > > > generate an error code with bits 31:16, but userspace can provide an > > > arbitrary error code via KVM_SET_VCPU_EVENTS. Failure to drop the bits > > > on exception injection results in failed VM-Entry, as VMX disallows > > > setting bits 31:16. Setting the bits on VM-Exit would at best confuse > > > L1, and at worse induce a nested VM-Entry failure, e.g. if L1 decided to > > > reinject the exception back into L2. > > > > Wouldn't it be better to fail KVM_SET_VCPU_EVENTS instead if it tries > > to set error code with uppper 16 bits set? > > No, because AMD CPUs generate error codes with bits 31:16 set. KVM "supports" > cross-vendor live migration, so outright rejecting is not an option. > > > Or if that is considered ABI breakage, then KVM_SET_VCPU_EVENTS code > > can truncate the user given value to 16 bit. > > Again, AMD, and more specifically SVM, allows bits 31:16 to be non-zero, so > truncation is only correct for VMX. I say "VMX" instead of "Intel" because > architecturally the Intel CPUs do have 32-bit error codes, it's just the VMX > architecture that doesn't allow injection of 32-bit values. > Oh, I see AMD uses bit 31 for RMP (from SEV-SNP) page fault, Thanks for the explanation! You might want to add this piece of info somewhere as a comment if you wish. Thanks, Best regards, Maxim Levitsky
Powered by blists - more mailing lists