lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2e2e6161-9f65-4939-8061-83bf71810076@amd.com>
Date: Tue, 1 Oct 2024 15:59:37 +0700
From: "Suthikulpanit, Suravee" <suravee.suthikulpanit@....com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org, pbonzini@...hat.com,
 david.kaplan@....com
Subject: Re: [PATCH] KVM: SVM: Disable AVIC on SNP-enabled system without
 HvInUseWrAllowed feature

Hi Sean,

On 9/30/2024 11:04 PM, Sean Christopherson wrote:
> On Mon, Sep 30, 2024, Suravee Suthikulpanit wrote:
>> On SNP-enabled system, VMRUN marks AVIC Backing Page as in-use while
>> the guest is running for both secure and non-secure guest. This causes
>> any attempts to modify the RMP entries for the backing page to result in
>> FAIL_INUSE response. This is to ensure that the AVIC backing page is not
>> maliciously assigned to an SNP guest while the unencrypted guest is active.
>>
>> Currently, an attempt to run AVIC guest would result in the following error:
>>
>>      BUG: unable to handle page fault for address: ff3a442e549cc270
>>      #PF: supervisor write access in kernel mode
>>      #PF: error_code(0x80000003) - RMP violation
>>      PGD b6ee01067 P4D b6ee02067 PUD 10096d063 PMD 11c540063 PTE 80000001149cc163
>>      SEV-SNP: PFN 0x1149cc unassigned, dumping non-zero entries in 2M PFN region: [0x114800 - 0x114a00]
>>      ...
> This should be "fixed" by commit 75253db41a46 ("KVM: SEV: Make AVIC backing, VMSA
> and VMCB memory allocation SNP safe"), no?

The commit 75253db41a46 fixes another issue related to 2MB-aligned 
in-use page, where the CPU incorrectly treats the whole 2MB region as 
in-use and  signal an RMP violation #PF.

This enhancement is mainly to allow hypervisor to write to the AVIC 
backing page of non-secure guest on SNP-enabled system.

Note: This change might need to be ported to stable 6.9, 6.10, and 6.11 
tree as well.

Thanks,
Suravee

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ