lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Sep 2023 14:39:09 +0200
From:   David Woodhouse <dwmw2@...radead.org>
To:     paul@....org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     Paul Durrant <pdurrant@...zon.com>,
        Sean Christopherson <seanjc@...gle.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org
Subject: Re: [PATCH 2/8] KVM: pfncache: add a mark-dirty helper

On Thu, 2023-09-14 at 11:34 +0200, Paul Durrant wrote:
> On 14/09/2023 10:21, David Woodhouse wrote:
> > On Thu, 2023-09-14 at 08:49 +0000, Paul Durrant wrote:
> > > --- a/arch/x86/kvm/xen.c
> > > +++ b/arch/x86/kvm/xen.c
> > > @@ -430,14 +430,13 @@ static void kvm_xen_update_runstate_guest(struct kvm_vcpu *v, bool atomic)
> > >                  smp_wmb();
> > >          }
> > >   
> > > -       if (user_len2)
> > > +       if (user_len2) {
> > > +               kvm_gpc_mark_dirty(gpc2);
> > >                  read_unlock(&gpc2->lock);
> > > +       }
> > >   
> > > +       kvm_gpc_mark_dirty(gpc1);
> > >          read_unlock_irqrestore(&gpc1->lock, flags);
> > > -
> > > -       mark_page_dirty_in_slot(v->kvm, gpc1->memslot, gpc1->gpa >> PAGE_SHIFT);
> > > -       if (user_len2)
> > > -               mark_page_dirty_in_slot(v->kvm, gpc2->memslot, gpc2->gpa >> PAGE_SHIFT);
> > >   }
> > >   
> > >   void kvm_xen_update_runstate(struct kvm_vcpu *v, int state)
> > 
> > ISTR there was a reason why the mark_page_dirty_in_slot() was called
> > *after* unlocking. Although now I say it, that seems wrong... is that
> > because the spinlock is only protecting the uHVA→kHVA mapping, while
> > the memslot/gpa are going to remain valid even after unlock, because
> > those are protected by sRCU?
> 
> Without the lock you could see an inconsistent GPA and memslot so I 
> think you could theoretically calculate a bogus rel_gfn and walk off the 
> end of the dirty bitmap. Hence moving the call inside the lock while I 
> was in the neighbourhood seemed like a good idea. I could call it out in 
> the commit comment if you'd like.

Yeah, I can't see a reason why it needs to be outside the lock, and as
you note, there really is a reason why it should be *inside*. Whatever
reason there was, it either disappeared in the revisions of the gpc
patch set or it was stupidity on my part in the first place.

So yeah, let it move inside the lock, call that out in the commit
message (I did note some of the other commits could have used a 'No
functional change intended' too, FWIW), and

Reviewed-by: David Woodhouse <dwmw@...zon.co.uk>

Thanks.

Download attachment "smime.p7s" of type "application/pkcs7-signature" (5965 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ