lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <cfed942fc767fa7b2fabc68a3357a7b95bd6a589.camel@amazon.com>
Date:   Sat, 9 Dec 2023 07:26:36 +0000
From:   "Gowans, James" <jgowans@...zon.com>
To:     "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "Graf (AWS), Alexander" <graf@...zon.de>,
        "seanjc@...gle.com" <seanjc@...gle.com>,
        Schönherr, Jan H. <jschoenh@...zon.de>,
        "ebiederm@...ssion.com" <ebiederm@...ssion.com>
CC:     "yuzenghui@...wei.com" <yuzenghui@...wei.com>,
        "atishp@...shpatra.org" <atishp@...shpatra.org>,
        "kvm-riscv@...ts.infradead.org" <kvm-riscv@...ts.infradead.org>,
        "james.morse@....com" <james.morse@....com>,
        "suzuki.poulose@....com" <suzuki.poulose@....com>,
        "oliver.upton@...ux.dev" <oliver.upton@...ux.dev>,
        "chenhuacai@...nel.org" <chenhuacai@...nel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "kvmarm@...ts.linux.dev" <kvmarm@...ts.linux.dev>,
        "maz@...nel.org" <maz@...nel.org>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "aleksandar.qemu.devel@...il.com" <aleksandar.qemu.devel@...il.com>,
        "anup@...infault.org" <anup@...infault.org>,
        "kexec@...ts.infradead.org" <kexec@...ts.infradead.org>
Subject: Re: [PATCH v2 1/2] KVM: Use syscore_ops instead of reboot_notifier to
 hook restart/shutdown

Hi Sean,

Blast from the past but I've just been bitten by this patch when
rebasing across v6.4.

On Fri, 2023-05-12 at 16:31 -0700, Sean Christopherson wrote:
> Use syscore_ops.shutdown to disable hardware virtualization during a
> reboot instead of using the dedicated reboot_notifier so that KVM disables
> virtualization _after_ system_state has been updated.  This will allow
> fixing a race in KVM's handling of a forced reboot where KVM can end up
> enabling hardware virtualization between kernel_restart_prepare() and
> machine_restart().

The issue is that, AFAICT, the syscore_ops.shutdown are not called when
doing a kexec. Reboot notifiers are called across kexec via:

kernel_kexec
  kernel_restart_prepare
    blocking_notifier_call_chain
      kvm_reboot

So after this patch, KVM is not shutdown during kexec; if hardware virt
mode is enabled then the kexec hangs in exactly the same manner as you
describe with the reboot.

Some specific shutdown callbacks, for example IOMMU, HPET, IRQ, etc are
called in native_machine_shutdown, but KVM is not one of these.

Thoughts on possible ways to fix this:
a) go back to reboot notifiers
b) get kexec to call syscore_shutdown() to invoke all of these callbacks
c) Add a KVM-specific callback to native_machine_shutdown(); we only
need this for Intel x86, right?

My slight preference is towards adding syscore_shutdown() to kexec, but
I'm not sure that's feasible. Adding kexec maintainers for input.

JG

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ