Date:   Mon, 18 Jul 2022 12:38:47 +0300
From:   Maxim Levitsky <mlevitsk@...hat.com>
To:     Suravee Suthikulpanit <suravee.suthikulpanit@....com>,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Cc:     pbonzini@...hat.com, seanjc@...gle.com, jon.grimm@....com
Subject: Re: [PATCH] KVM: SVM: Fix x2APIC MSRs interception

On Mon, 2022-07-18 at 03:38 -0500, Suravee Suthikulpanit wrote:
> The index for svm_direct_access_msrs was incorrectly initialized with
> the APIC MMIO register macros. Fix by introducing a macro for calculating
> x2APIC MSRs.
> 
> Fixes: 5c127c85472c ("KVM: SVM: Adding support for configuring x2APIC MSRs interception")
> Cc: Maxim Levitsky <mlevitsk@...hat.com>
> Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
> ---
>  arch/x86/kvm/svm/svm.c | 52 ++++++++++++++++++++++--------------------
>  1 file changed, 27 insertions(+), 25 deletions(-)
> 
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index ba81a7e58f75..aef63aae922d 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -74,6 +74,8 @@ static uint64_t osvw_len = 4, osvw_status;
>  
>  static DEFINE_PER_CPU(u64, current_tsc_ratio);
>  
> +#define X2APIC_MSR(x)  (APIC_BASE_MSR + (x >> 4))
> +
>  static const struct svm_direct_access_msrs {
>         u32 index;   /* Index of the MSR */
>         bool always; /* True if intercept is initially cleared */
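Review bot: The argument of the new `X2APIC_MSR` macro is not parenthesized, so an argument containing an operator with lower precedence than `>>` (for example `|` or `?:`) would be shifted incorrectly; `#define X2APIC_MSR(x)  (APIC_BASE_MSR + ((x) >> 4))` avoids that. Every use in this patch passes a single register constant, so nothing is miscomputed today. A one-line comment above the macro, such as `/* x2APIC MSR index = APIC_BASE_MSR + (xAPIC MMIO offset >> 4) */`, would record why the shift is there, which matters because this table selects the MSRs whose interception can be cleared for the guest. The struct definition that follows the macro continues outside this hunk.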
> @@ -100,31 +102,31 @@ static const struct svm_direct_access_msrs {
>         { .index = MSR_IA32_CR_PAT,                     .always = false },
>         { .index = MSR_AMD64_SEV_ES_GHCB,               .always = true  },
>         { .index = MSR_TSC_AUX,                         .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_ID),           .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_TASKPRI),      .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_ARBPRI),       .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_PROCPRI),      .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_EOI),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_RRR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LDR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_DFR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_SPIV),         .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_ISR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_TMR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_IRR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_ESR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_ICR),          .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_ICR2),         .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVTT),         .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVTTHMR),      .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVTPC),        .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVT0),         .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVT1),         .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_LVTERR),       .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_TMICT),        .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_TMCCT),        .always = false },
> -       { .index = (APIC_BASE_MSR + APIC_TDCR),         .always = false },
> +       { .index = X2APIC_MSR(APIC_ID),                 .always = false },
> +       { .index = X2APIC_MSR(APIC_LVR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_TASKPRI),            .always = false },
> +       { .index = X2APIC_MSR(APIC_ARBPRI),             .always = false },
> +       { .index = X2APIC_MSR(APIC_PROCPRI),            .always = false },
> +       { .index = X2APIC_MSR(APIC_EOI),                .always = false },
> +       { .index = X2APIC_MSR(APIC_RRR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_LDR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_DFR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_SPIV),               .always = false },
> +       { .index = X2APIC_MSR(APIC_ISR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_TMR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_IRR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_ESR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_ICR),                .always = false },
> +       { .index = X2APIC_MSR(APIC_ICR2),               .always = false },
> +       { .index = X2APIC_MSR(APIC_LVTT),               .always = false },
> +       { .index = X2APIC_MSR(APIC_LVTTHMR),            .always = false },
> +       { .index = X2APIC_MSR(APIC_LVTPC),              .always = false },
> +       { .index = X2APIC_MSR(APIC_LVT0),               .always = false },
> +       { .index = X2APIC_MSR(APIC_LVT1),               .always = false },
> +       { .index = X2APIC_MSR(APIC_LVTERR),             .always = false },
> +       { .index = X2APIC_MSR(APIC_TMICT),              .always = false },
> +       { .index = X2APIC_MSR(APIC_TMCCT),              .always = false },
> +       { .index = X2APIC_MSR(APIC_TDCR),               .always = false },
>         { .index = MSR_INVALID,                         .always = false },

Ouch.

Reviewed-by: Maxim Levitsky <mlevitsk@...hat.com>

Best regards,
	Maxim Levitsky

>  };
>  
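Review bot: The entries `X2APIC_MSR(APIC_DFR)` and `X2APIC_MSR(APIC_ICR2)` are derived from xAPIC MMIO offsets that, as far as I know, have no x2APIC register behind them: DFR is not available in x2APIC mode, and ICR is a single 64-bit MSR, so the index after it should be reserved. Since each row here names an MSR that may be handed to the guest without interception, it is worth confirming that these two are listed on purpose and saying so in a comment, or dropping them. `APIC_ISR`, `APIC_TMR` and `APIC_IRR` also each map to only the first MSR of what I understand to be an eight-register block, which may be deliberate but is not stated. A short comment above the x2APIC rows, for example `/* x2APIC MSRs: only registers that exist in x2APIC mode belong here */`, would make the intent reviewable. The initializer starts above this hunk, so the earlier rows are not visible here.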

