| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 May 2024 15:32:31 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Michael Roth <michael.roth@....com>
Cc: Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PULL 13/19] KVM: SEV: Implement gmem hook for invalidating
private pages
On Fri, May 10, 2024, Michael Roth wrote:
> Implement a platform hook to do the work of restoring the direct map
> entries of gmem-managed pages and transitioning the corresponding RMP
> table entries back to the default shared/hypervisor-owned state.
..
> +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end)
> +{
> + kvm_pfn_t pfn;
> +
> + pr_debug("%s: PFN start 0x%llx PFN end 0x%llx\n", __func__, start, end);
> +
> + for (pfn = start; pfn < end;) {
> + bool use_2m_update = false;
> + int rc, rmp_level;
> + bool assigned;
> +
> + rc = snp_lookup_rmpentry(pfn, &assigned, &rmp_level);
> + if (WARN_ONCE(rc, "SEV: Failed to retrieve RMP entry for PFN 0x%llx error %d\n",
> + pfn, rc))
> + goto next_pfn;
This is comically trivial to hit, as it fires when running guest_memfd_test on a
!SNP host. Presumably the correct fix is to simply do nothing for !sev_snp_guest(),
but that's easier said than done due to the lack of a @kvm in .gmem_invalidate().
That too is not a big fix, but that's beside the point. IMO, the fact that I'm
the first person to (completely inadvertantly) hit this rather basic bug is a
good hint that we should wait until 6.11 to merge SNP support.
Powered by blists - more mailing lists