lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y8lfdgcjLvtgII2a@google.com>
Date:   Thu, 19 Jan 2023 15:19:18 +0000
From:   Sean Christopherson <seanjc@...gle.com>
To:     Gavin Shan <gshan@...hat.com>
Cc:     kvmarm@...ts.linux.dev, kvmarm@...ts.cs.columbia.edu,
        kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        pbonzini@...hat.com, maz@...nel.org, corbet@....net,
        james.morse@....com, suzuki.poulose@....com,
        oliver.upton@...ux.dev, yuzenghui@...wei.com,
        catalin.marinas@....com, will@...nel.org, ricarkol@...gle.com,
        eric.auger@...hat.com, yuzhe@...china.com, renzhengeek@...il.com,
        ardb@...nel.org, peterx@...hat.com, shan.gavin@...il.com
Subject: Re: [PATCH 4/4] KVM: Improve warning report in
 mark_page_dirty_in_slot()

On Thu, Jan 19, 2023, Gavin Shan wrote:
> Hi Sean,
> 
> On 1/18/23 2:42 AM, Sean Christopherson wrote:
> > On Mon, Jan 16, 2023, Gavin Shan wrote:
> > > There are two warning reports about the dirty ring in the function.
> > > We have the wrong assumption that the dirty ring is always enabled when
> > > CONFIG_HAVE_KVM_DIRTY_RING is selected.
> > 
> > No, it's not a wrong assumption, becuase it's not an assumption.  The intent is
> > to warn irrespective of dirty ring/log enabling.  The orignal code actually warned
> > irrespective of dirty ring support[1], again intentionally.  The
> > CONFIG_HAVE_KVM_DIRTY_RING check was added because s390 can mark pages dirty from
> > an worker thread[2] and s390 has no plans to support the dirty ring.
> > 
> > The reason for warning even if dirty ring isn't enabled is so that bots can catch
> > potential KVM bugs without having to set up a dirty ring or enable dirty logging.
> > 
> > [1] 2efd61a608b0 ("KVM: Warn if mark_page_dirty() is called without an active vCPU")
> > [2] e09fccb5435d ("KVM: avoid warning on s390 in mark_page_dirty")
> > 
> 
> Thanks for the linker. I was confused when looking at the code, but now it's clear to
> me. Thanks for your explanation. How about to add a comment there?
> 
>   /*
>    * The warning is expected when the dirty ring is configured,
>    * but not enabled.
>    */

That's not correct either.  By design, the warning can also fire if the dirty ring
is enabled.  KVM's rule is that writes to guest memory always need to be done in
the context of a running vCPU, with the recently added exception of
kvm_arch_allow_write_without_running_vcpu().  That intent of the warning is to
enforce that rule regardless of the state of the VM.

Concretely, I think you can just drop patches 3 and 4, and just fix the arm64 issues.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ