Message-ID: <20241217181458.68690-1-iorlov@amazon.com>
Date: Tue, 17 Dec 2024 18:14:51 +0000
From: Ivan Orlov <iorlov@...zon.com>
To: <bp@...en8.de>, <dave.hansen@...ux.intel.com>, <mingo@...hat.com>,
	<pbonzini@...hat.com>, <seanjc@...gle.com>, <shuah@...nel.org>,
	<tglx@...utronix.de>
CC: Ivan Orlov <iorlov@...zon.com>, <hpa@...or.com>, <kvm@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>, <linux-kselftest@...r.kernel.org>,
	<x86@...nel.org>, <dwmw@...zon.co.uk>, <pdurrant@...zon.co.uk>,
	<jalliste@...zon.co.uk>
Subject: [PATCH v3 0/7] Enhance event delivery error handling

Currently, unhandleable vectoring (e.g. when the guest accesses MMIO
during vectoring) is handled differently on VMX and SVM: on VMX, KVM
returns an internal error, while SVM goes into an infinite loop trying to
deliver an event again and again.

This patch series eliminates this difference by returning a KVM internal
error when KVM can't emulate during vectoring for both VMX and SVM.

Also, introduce a selftest test case which covers the error handling
mentioned above.

V1 -> V2:
- Make commit messages more brief, avoid using pronouns
- Extract SVM error handling into a separate commit
- Introduce a new X86EMUL_ return type and detect the unhandleable
  vectoring error in vendor-specific check_emulate_instruction instead of
  handling it in the common MMU code (which is specific for cached MMIO)

V2 -> V3:
- Make the new X86EMUL_ code more generic
- Prohibit any emulation during vectoring if it is due to an intercepted
  #PF
- Add a new patch for checking whether unprotect & retry is possible
  before exiting to userspace due to unhandleable vectoring
- Codestyle fixes


Ivan Orlov (7):
  KVM: x86: Add function for vectoring error generation
  KVM: x86: Add emulation status for unhandleable vectoring
  KVM: x86: Unprotect & retry before unhandleable vectoring check
  KVM: VMX: Handle vectoring error in check_emulate_instruction
  KVM: SVM: Handle vectoring error in check_emulate_instruction
  selftests: KVM: extract lidt into helper function
  selftests: KVM: Add test case for MMIO during vectoring

 arch/x86/include/asm/kvm_host.h               | 11 +++-
 arch/x86/kvm/kvm_emulate.h                    |  2 +
 arch/x86/kvm/svm/svm.c                        |  6 +++
 arch/x86/kvm/vmx/vmx.c                        | 30 ++++-------
 arch/x86/kvm/x86.c                            | 31 +++++++++++
 .../selftests/kvm/include/x86_64/processor.h  |  7 +++
 .../selftests/kvm/set_memory_region_test.c    | 53 ++++++++++++++++++-
 .../selftests/kvm/x86_64/sev_smoke_test.c     |  2 +-
 8 files changed, 117 insertions(+), 25 deletions(-)

-- 
2.43.0

