lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+EHjTza-fm0j5FU3n4huYTtiNTEDZ7qx10iYW7NSZ=eoUKYVQ@mail.gmail.com>
Date:   Thu, 21 Jul 2022 10:59:16 +0100
From:   Fuad Tabba <tabba@...gle.com>
To:     Kalesh Singh <kaleshsingh@...gle.com>
Cc:     maz@...nel.org, mark.rutland@....com, broonie@...nel.org,
        madvenka@...ux.microsoft.com, will@...nel.org, qperret@...gle.com,
        james.morse@....com, alexandru.elisei@....com,
        suzuki.poulose@....com, catalin.marinas@....com,
        andreyknvl@...il.com, vincenzo.frascino@....com,
        mhiramat@...nel.org, ast@...nel.org, wangkefeng.wang@...wei.com,
        elver@...gle.com, keirf@...gle.com, yuzenghui@...wei.com,
        ardb@...nel.org, oupton@...gle.com,
        linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.cs.columbia.edu,
        linux-kernel@...r.kernel.org, kernel-team@...roid.com
Subject: Re: [PATCH v5 17/17] KVM: arm64: Introduce hyp_dump_backtrace()

Hi Kalesh,

On Thu, Jul 21, 2022 at 6:58 AM Kalesh Singh <kaleshsingh@...gle.com> wrote:
>
> In non-protected nVHE mode, unwinds and dumps the hypervisor backtrace
> from EL1. This is possible beacuase the host can directly access the
> hypervisor stack pages in non-proteced mode.

because and non-protected

>
> Signed-off-by: Kalesh Singh <kaleshsingh@...gle.com>
> ---
>
> Changes in v5:
>   - Move code out from nvhe.h header to handle_exit.c, per Marc
>   - Fix stacktrace symoblization when CONFIG_RAMDOMIZE_BASE is enabled,
>     per Fuad
>   - Use regular comments instead of doc comments, per Fuad
>
>  arch/arm64/kvm/handle_exit.c | 65 +++++++++++++++++++++++++++++++-----
>  1 file changed, 56 insertions(+), 9 deletions(-)
>
> diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
> index ad568da5c7d7..432b6b26f4ad 100644
> --- a/arch/arm64/kvm/handle_exit.c
> +++ b/arch/arm64/kvm/handle_exit.c
> @@ -17,6 +17,7 @@
>  #include <asm/kvm_emulate.h>
>  #include <asm/kvm_mmu.h>
>  #include <asm/debug-monitors.h>
> +#include <asm/stacktrace/nvhe.h>
>  #include <asm/traps.h>
>
>  #include <kvm/arm_hypercalls.h>
> @@ -318,6 +319,56 @@ void handle_exit_early(struct kvm_vcpu *vcpu, int exception_index)
>                 kvm_handle_guest_serror(vcpu, kvm_vcpu_get_esr(vcpu));
>  }
>
> +/*
> + * kvm_nvhe_print_backtrace_entry - Symbolizes and prints the HYP stack address
> + */
> +static void kvm_nvhe_print_backtrace_entry(unsigned long addr,
> +                                                 unsigned long hyp_offset)
> +{
> +       unsigned long va_mask = GENMASK_ULL(vabits_actual - 1, 0);
> +
> +       /* Mask tags and convert to kern addr */
> +       addr = (addr & va_mask) + hyp_offset;
> +       kvm_err(" [<%016lx>] %pB\n", addr, (void *)(addr + kaslr_offset()));
> +}
> +
> +/*
> + * hyp_dump_backtrace_entry - Dump an entry of the non-protected nVHE HYP stacktrace
> + *
> + * @arg    : the hypervisor offset, used for address translation
> + * @where  : the program counter corresponding to the stack frame
> + */
> +static bool hyp_dump_backtrace_entry(void *arg, unsigned long where)
> +{
> +       kvm_nvhe_print_backtrace_entry(where, (unsigned long)arg);
> +
> +       return true;
> +}
> +
> +/*
> + * hyp_dump_backtrace - Dump the non-proteced nVHE HYP backtrace.

non-protected

Reviewed-by: Fuad Tabba <tabba@...gle.com>

Cheers,
/fuad


> + *
> + * @hyp_offset: hypervisor offset, used for address translation.
> + *
> + * The host can directly access HYP stack pages in non-protected
> + * mode, so the unwinding is done directly from EL1. This removes
> + * the need for shared buffers between host and hypervisor for
> + * the stacktrace.
> + */
> +static void hyp_dump_backtrace(unsigned long hyp_offset)
> +{
> +       struct kvm_nvhe_stacktrace_info *stacktrace_info;
> +       struct unwind_state state;
> +
> +       stacktrace_info = this_cpu_ptr_nvhe_sym(kvm_stacktrace_info);
> +
> +       kvm_nvhe_unwind_init(&state, stacktrace_info->fp, stacktrace_info->pc);
> +
> +       kvm_err("Non-protected nVHE HYP call trace:\n");
> +       unwind(&state, hyp_dump_backtrace_entry, (void *)hyp_offset);
> +       kvm_err("---- End of Non-protected nVHE HYP call trace ----\n");
> +}
> +
>  #ifdef CONFIG_PROTECTED_NVHE_STACKTRACE
>  DECLARE_KVM_NVHE_PER_CPU(unsigned long [NVHE_STACKTRACE_SIZE/sizeof(long)],
>                          pkvm_stacktrace);
> @@ -336,18 +387,12 @@ static void pkvm_dump_backtrace(unsigned long hyp_offset)
>  {
>         unsigned long *stacktrace_entry
>                 = (unsigned long *)this_cpu_ptr_nvhe_sym(pkvm_stacktrace);
> -       unsigned long va_mask, pc;
> -
> -       va_mask = GENMASK_ULL(vabits_actual - 1, 0);
>
>         kvm_err("Protected nVHE HYP call trace:\n");
>
> -       /* The stack trace is terminated by a null entry */
> -       for (; *stacktrace_entry; stacktrace_entry++) {
> -               /* Mask tags and convert to kern addr */
> -               pc = (*stacktrace_entry & va_mask) + hyp_offset;
> -               kvm_err(" [<%016lx>] %pB\n", pc, (void *)(pc + kaslr_offset()));
> -       }
> +       /* The saved stacktrace is terminated by a null entry */
> +       for (; *stacktrace_entry; stacktrace_entry++)
> +               kvm_nvhe_print_backtrace_entry(*stacktrace_entry, hyp_offset);
>
>         kvm_err("---- End of Protected nVHE HYP call trace ----\n");
>  }
> @@ -367,6 +412,8 @@ static void kvm_nvhe_dump_backtrace(unsigned long hyp_offset)
>  {
>         if (is_protected_kvm_enabled())
>                 pkvm_dump_backtrace(hyp_offset);
> +       else
> +               hyp_dump_backtrace(hyp_offset);
>  }
>
>  void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, u64 spsr,
> --
> 2.37.0.170.g444d1eabd0-goog
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ