| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZQzQPlcRdxu3z2Y/@google.com>
Date: Thu, 21 Sep 2023 16:22:38 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: isaku.yamahata@...el.com
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
isaku.yamahata@...il.com, Michael Roth <michael.roth@....com>,
Paolo Bonzini <pbonzini@...hat.com>, erdemaktas@...gle.com,
Sagi Shahar <sagis@...gle.com>,
David Matlack <dmatlack@...gle.com>,
Kai Huang <kai.huang@...el.com>,
Zhi Wang <zhi.wang.linux@...il.com>, chen.bo@...el.com,
linux-coco@...ts.linux.dev,
Chao Peng <chao.p.peng@...ux.intel.com>,
Ackerley Tng <ackerleytng@...gle.com>,
Vishal Annapurve <vannapurve@...gle.com>,
Yuan Yao <yuan.yao@...ux.intel.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
Xu Yilun <yilun.xu@...el.com>,
Quentin Perret <qperret@...gle.com>, wei.w.wang@...el.com,
Fuad Tabba <tabba@...gle.com>
Subject: Re: [RFC PATCH v2 6/6] KVM: guest_memfd: selftest: Add test case for
error_remove_page method
On Thu, Sep 21, 2023, isaku.yamahata@...el.com wrote:
> From: Isaku Yamahata <isaku.yamahata@...el.com>
>
> This test case implements fault injection into guest memory by
> madvise(MADV_HWPOISON) for shared(conventional) memory region and
> KVM_GUEST_MEMORY_FAILURE for private gmem region. Once page is poisoned,
> free the poisoned page and try to run vcpu again to see a new zero page is
> assigned.
Thanks much for the test! I think for the initial merge it makes sense to leave
this out, mainly because I don't think we want a KVM specific ioctl(). But I'll
definitely keep this around to do manual point testing.
> +#define BASE_DATA_SLOT 10
> +#define BASE_DATA_GPA ((uint64_t)(1ull << 32))
> +#define PER_CPU_DATA_SIZE ((uint64_t)(SZ_2M))
> +
> +enum ucall_syncs {
> + HWPOISON_SHARED,
> + HWPOISON_PRIVATE,
> +};
> +
> +static void guest_sync_shared(uint64_t gpa)
Probably guest_poison_{shared,private}(), or maybe just open code the GUEST_SYNC2()
calls. I added helpers in the other tests because the ucalls were a bit more
involved then passing the GPA.
However, I don't see any reason to do hypercalls and on-demand mapping/fallocate.
Just have two separate sub-tests, one for private and one for shared, each with
its own host. I'm pretty sure the guest code can be the same, e.g. I believe it
would just boil down to:
static void guest_code(uint64_t gpa)
{
uint64_t *addr = (void *)gpa;
WRITE_ONCE(*addr, <some pattern>);
/* Ask the host to poison the page. */
GUEST_SYNC(EWPOISON);
/*
* Access the poisoned page. The host should see a SIGBUS or EHWPOISON
* and then truncate the page. After truncation, the page should be
* faulted back and read zeros, all before the read completes.
*/
GUEST_ASSERT_EQ(*(uint64_t *)gpa, 0);
GUEST_DONE();
}
> + if (uc.args[0] == HWPOISON_PRIVATE) {
> + int ret;
> +
> + inject_memory_failure(gmem_fd, gpa);
> + ret = _vcpu_run(vcpu);
> + TEST_ASSERT(ret == -1 && errno == EHWPOISON &&
Honestly, I'm kinda surprised the KVM code actually works :-)
> + run->exit_reason == KVM_EXIT_MEMORY_FAULT,
> + "exit_reason 0x%x",
> + run->exit_reason);
> + /* Discard the poisoned page and assign new page. */
> + vm_guest_mem_fallocate(vm, gpa, PAGE_SIZE, true);
> + } else {
> + uint8_t *hva = addr_gpa2hva(vm, gpa);
> + int r;
> +
> + r = madvise(hva, 8, MADV_HWPOISON);
Huh. TIL there's an MADV_HWPOISON. We've already talked about adding fbind(),
adding an fadvise() seems like the obvious solution. Or maybe overload
fallocate() with a new flag? Regardless, I think we should add or extend a generic
fd-based syscall(), not throw in something KVM specific.
Powered by blists - more mailing lists