| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Apr 2024 16:47:29 -0400
From: Boris Ostrovsky <boris.ostrovsky@...cle.com>
To: kvm@...r.kernel.org
Cc: seanjc@...gle.com, pbonzini@...hat.com, linux-kernel@...r.kernel.org
Subject: [PATCH] KVM/x86: Do not clear SIPI while in SMM
When a processor is running in SMM and receives INIT message the interrupt
is left pending until SMM is exited. On the other hand, SIPI, which
typically follows INIT, is discarded. This presents a problem since sender
has no way of knowing that its SIPI has been dropped, which results in
processor failing to come up.
Keeping the SIPI pending avoids this scenario.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@...cle.com>
---
I am not sure whether non-SMM cases should clear the bit.
arch/x86/kvm/lapic.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index cf37586f0466..4a57b69efc7f 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -3308,13 +3308,13 @@ int kvm_apic_accept_events(struct kvm_vcpu *vcpu)
}
/*
- * INITs are blocked while CPU is in specific states (SMM, VMX root
- * mode, SVM with GIF=0), while SIPIs are dropped if the CPU isn't in
- * wait-for-SIPI (WFS).
+ * INIT/SIPI are blocked while CPU is in specific states (SMM, VMX root
+ * mode, SVM with GIF=0).
*/
if (!kvm_apic_init_sipi_allowed(vcpu)) {
WARN_ON_ONCE(vcpu->arch.mp_state == KVM_MP_STATE_INIT_RECEIVED);
- clear_bit(KVM_APIC_SIPI, &apic->pending_events);
+ if (!is_smm(vcpu))
+ clear_bit(KVM_APIC_SIPI, &apic->pending_events);
return 0;
}
--
2.39.3
Powered by blists - more mailing lists