lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 15 Mar 2024 10:45:04 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: isaku.yamahata@...el.com
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	isaku.yamahata@...il.com, Paolo Bonzini <pbonzini@...hat.com>, erdemaktas@...gle.com, 
	Sagi Shahar <sagis@...gle.com>, Kai Huang <kai.huang@...el.com>, chen.bo@...el.com, 
	hang.yuan@...el.com, tina.zhang@...el.com
Subject: Re: [PATCH v19 098/130] KVM: TDX: Add a place holder to handle TDX VM exit

On Mon, Feb 26, 2024, isaku.yamahata@...el.com wrote:
> +int tdx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t fastpath)
> +{
> +	union tdx_exit_reason exit_reason = to_tdx(vcpu)->exit_reason;
> +
> +	/* See the comment of tdh_sept_seamcall(). */
> +	if (unlikely(exit_reason.full == (TDX_OPERAND_BUSY | TDX_OPERAND_ID_SEPT)))
> +		return 1;
> +
> +	/*
> +	 * TDH.VP.ENTRY checks TD EPOCH which contend with TDH.MEM.TRACK and
> +	 * vcpu TDH.VP.ENTER.
> +	 */
> +	if (unlikely(exit_reason.full == (TDX_OPERAND_BUSY | TDX_OPERAND_ID_TD_EPOCH)))
> +		return 1;
> +
> +	if (unlikely(exit_reason.full == TDX_SEAMCALL_UD)) {
> +		kvm_spurious_fault();
> +		/*
> +		 * In the case of reboot or kexec, loop with TDH.VP.ENTER and
> +		 * TDX_SEAMCALL_UD to avoid unnecessarily activity.
> +		 */
> +		return 1;

No.  This is unnecessarily risky.  KVM_BUG_ON() and exit to userspace.  The
response to "SEAMCALL faulted" should never be, "well, let's try again!".

Also, what about #GP on SEAMCALL?  In general, the error handling here seems
lacking.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ