| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240920080012.74405-1-mankku@gmail.com> Date: Fri, 20 Sep 2024 10:59:42 +0300 From: Markku Ahvenjärvi <mankku@...il.com> To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "H. Peter Anvin" <hpa@...or.com> Cc: mankku@...il.com, janne.karhunen@...il.com, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH 0/1] KVM: nVMX: update VPPR on vmlaunch/vmresume Hello, We experience hanging of the guest when running a hypervisor under KVM on VMX. The L1 guest hypervisor in this particular case is pKVM for Intel Architecture [1]. The hang occurs when a second nested guest is launched (the first being de-privileged host). We observed that external interrupt vmexit would not be passed to L1, instead L0 would attempt to resume L2. We isolated the problem to VPPR not being updated on nested vmlaunch/vmresume, and that causes vmx_has_apicv_interrupt() in nested_vmx_enter_non_root_mode() to miss interrupts. Updating VPPR in vmx_has_apicv_interrupt() ensures VPPR to be up-to-date. We don't fully understand why VPPR problem appears with pKVM-IA as L1, but not with normal KVM as L1. On pKVM-IA some of the host functionality is moved from vmx root to non-root, but I would appreciate if someone could clarify why normal KVM as L1 is seemingly unaffected. Thanks, Markku [1]: https://lore.kernel.org/kvm/20230312180048.1778187-1-jason.cj.chen@intel.com Markku Ahvenjärvi (1): KVM: nVMX: update VPPR on vmlaunch/vmresume arch/x86/kvm/lapic.c | 9 +++++---- arch/x86/kvm/lapic.h | 1 + arch/x86/kvm/vmx/nested.c | 5 +++-- 3 files changed, 9 insertions(+), 6 deletions(-) -- 2.44.1
Powered by blists - more mailing lists