| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <diqz5ybc3xsr.fsf@ackerleytng-cloudtop.c.googlers.com>
Date: Wed, 08 Mar 2023 00:13:24 +0000
From: Ackerley Tng <ackerleytng@...gle.com>
To: Chao Peng <chao.p.peng@...ux.intel.com>
Cc: seanjc@...gle.com, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-mm@...ck.org,
linux-fsdevel@...r.kernel.org, linux-arch@...r.kernel.org,
linux-api@...r.kernel.org, linux-doc@...r.kernel.org,
qemu-devel@...gnu.org, pbonzini@...hat.com, corbet@....net,
vkuznets@...hat.com, wanpengli@...cent.com, jmattson@...gle.com,
joro@...tes.org, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, arnd@...db.de, naoya.horiguchi@....com,
linmiaohe@...wei.com, x86@...nel.org, hpa@...or.com,
hughd@...gle.com, jlayton@...nel.org, bfields@...ldses.org,
akpm@...ux-foundation.org, shuah@...nel.org, rppt@...nel.org,
steven.price@....com, mail@...iej.szmigiero.name, vbabka@...e.cz,
vannapurve@...gle.com, yu.c.zhang@...ux.intel.com,
kirill.shutemov@...ux.intel.com, luto@...nel.org,
jun.nakajima@...el.com, dave.hansen@...el.com, ak@...ux.intel.com,
david@...hat.com, aarcange@...hat.com, ddutile@...hat.com,
dhildenb@...hat.com, qperret@...gle.com, tabba@...gle.com,
michael.roth@....com, mhocko@...e.com, wei.w.wang@...el.com
Subject: Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE
Chao Peng <chao.p.peng@...ux.intel.com> writes:
> On Sat, Jan 14, 2023 at 12:01:01AM +0000, Sean Christopherson wrote:
>> On Fri, Dec 02, 2022, Chao Peng wrote:
> ...
>> Strongly prefer to use similar logic to existing code that detects wraps:
>> mem->restricted_offset + mem->memory_size < mem->restricted_offset
>> This is also where I'd like to add the "gfn is aligned to offset" check,
>> though
>> my brain is too fried to figure that out right now.
> Used count_trailing_zeros() for this TODO, unsure we have other better
> approach.
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index afc8c26fa652..fd34c5f7cd2f 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -56,6 +56,7 @@
> #include <asm/processor.h>
> #include <asm/ioctl.h>
> #include <linux/uaccess.h>
> +#include <linux/count_zeros.h>
> #include "coalesced_mmio.h"
> #include "async_pf.h"
> @@ -2087,6 +2088,19 @@ static bool kvm_check_memslot_overlap(struct
> kvm_memslots *slots, int id,
> return false;
> }
> +/*
> + * Return true when ALIGNMENT(offset) >= ALIGNMENT(gpa).
> + */
> +static bool kvm_check_rmem_offset_alignment(u64 offset, u64 gpa)
> +{
> + if (!offset)
> + return true;
> + if (!gpa)
> + return false;
> +
> + return !!(count_trailing_zeros(offset) >= count_trailing_zeros(gpa));
Perhaps we could do something like
#define lowest_set_bit(val) (val & -val)
and use
return lowest_set_bit(offset) >= lowest_set_bit(gpa);
Please help me to understand: why must ALIGNMENT(offset) >=
ALIGNMENT(gpa)? Why is it not sufficient to have both gpa and offset be
aligned to PAGE_SIZE?
> +}
> +
> /*
> * Allocate some memory and give it an address in the guest physical
> address
> * space.
> @@ -2128,7 +2142,8 @@ int __kvm_set_memory_region(struct kvm *kvm,
> if (mem->flags & KVM_MEM_PRIVATE &&
> (mem->restrictedmem_offset & (PAGE_SIZE - 1) ||
> mem->restrictedmem_offset + mem->memory_size <
> mem->restrictedmem_offset ||
> - 0 /* TODO: require gfn be aligned with restricted offset */))
> + !kvm_check_rmem_offset_alignment(mem->restrictedmem_offset,
> + mem->guest_phys_addr)))
> return -EINVAL;
> if (as_id >= kvm_arch_nr_memslot_as_ids(kvm) || id >= KVM_MEM_SLOTS_NUM)
> return -EINVAL;
Powered by blists - more mailing lists