| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Apr 2024 16:40:03 -0700 From: Sean Christopherson <seanjc@...gle.com> To: stable@...r.kernel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org> Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>, David Matlack <dmatlack@...gle.com>, Pasha Tatashin <tatashin@...gle.com>, Michael Krebs <mkrebs@...gle.com>, Jim Mattson <jmattson@...gle.com> Subject: [PATCH 5.15 1/2] KVM: x86: Bail to userspace if emulation of atomic user access faults Upstream commit 5d6c7de6446e9ab3fb41d6f7d82770e50998f3de. Exit to userspace when emulating an atomic guest access if the CMPXCHG on the userspace address faults. Emulating the access as a write and thus likely treating it as emulated MMIO is wrong, as KVM has already confirmed there is a valid, writable memslot. Signed-off-by: Sean Christopherson <seanjc@...gle.com> Message-Id: <20220202004945.2540433-6-seanjc@...gle.com> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com> --- arch/x86/kvm/x86.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index aa6f700f8c5f..a9c26397dcfd 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -7105,7 +7105,7 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt, } if (r < 0) - goto emul_write; + return X86EMUL_UNHANDLEABLE; if (r) return X86EMUL_CMPXCHG_FAILED; -- 2.44.0.478.gd926399ef9-goog
Powered by blists - more mailing lists