lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c52ca7db-36a4-471c-8fb6-37a94d637741@linux.microsoft.com>
Date: Tue, 28 Jan 2025 16:45:42 -0800
From: Nuno Das Neves <nunodasneves@...ux.microsoft.com>
To: Michael Kelley <mhklinux@...look.com>,
 "linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
 "linux-arm-kernel@...ts.infradead.org"
 <linux-arm-kernel@...ts.infradead.org>,
 "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
 "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
 "wei.liu@...nel.org" <wei.liu@...nel.org>
Cc: "kys@...rosoft.com" <kys@...rosoft.com>,
 "haiyangz@...rosoft.com" <haiyangz@...rosoft.com>,
 "decui@...rosoft.com" <decui@...rosoft.com>,
 "catalin.marinas@....com" <catalin.marinas@....com>,
 "will@...nel.org" <will@...nel.org>, "tglx@...utronix.de"
 <tglx@...utronix.de>, "mingo@...hat.com" <mingo@...hat.com>,
 "bp@...en8.de" <bp@...en8.de>,
 "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
 "x86@...nel.org" <x86@...nel.org>, "hpa@...or.com" <hpa@...or.com>,
 "arnd@...db.de" <arnd@...db.de>,
 "jinankjain@...ux.microsoft.com" <jinankjain@...ux.microsoft.com>,
 "muminulrussell@...il.com" <muminulrussell@...il.com>,
 "skinsburskii@...ux.microsoft.com" <skinsburskii@...ux.microsoft.com>,
 "mukeshrathor@...rosoft.com" <mukeshrathor@...rosoft.com>
Subject: Re: [PATCH v2 1/2] hyperv: Move hv_current_partition_id to
 arch-generic code

On 1/28/2025 10:45 AM, Michael Kelley wrote:
> From: Nuno Das Neves <nunodasneves@...ux.microsoft.com> Sent: Wednesday, January 22, 2025 5:48 PM
>>
>> Move hv_current_partition_id and hv_get_partition_id() to hv_common.c.
>> These aren't specific to x86_64 and will be needed by common code.
>>
>> Set hv_current_partition_id to HV_PARTITION_ID_SELF by default.
>>
>> Use a stack variable for the output of the hypercall. This allows moving
>> the call of hv_get_partition_id() to hv_common_init() before the percpu
>> pages are initialized.
>>
>> Remove the BUG()s. Failing to get the id need not crash the machine.
>>
>> Signed-off-by: Nuno Das Neves <nudasnev@...rosoft.com>
>> ---
>>  arch/x86/hyperv/hv_init.c       | 26 --------------------------
>>  arch/x86/include/asm/mshyperv.h |  2 --
>>  drivers/hv/hv_common.c          | 23 +++++++++++++++++++++++
>>  include/asm-generic/mshyperv.h  |  1 +
>>  4 files changed, 24 insertions(+), 28 deletions(-)
>>
>> diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c
>> index 173005e6a95d..6b9f6f9f704d 100644
>> --- a/arch/x86/hyperv/hv_init.c
>> +++ b/arch/x86/hyperv/hv_init.c
>> @@ -34,9 +34,6 @@
>>  #include <clocksource/hyperv_timer.h>
>>  #include <linux/highmem.h>
>>
>> -u64 hv_current_partition_id = ~0ull;
>> -EXPORT_SYMBOL_GPL(hv_current_partition_id);
>> -
>>  void *hv_hypercall_pg;
>>  EXPORT_SYMBOL_GPL(hv_hypercall_pg);
>>
>> @@ -393,24 +390,6 @@ static void __init hv_stimer_setup_percpu_clockev(void)
>>  		old_setup_percpu_clockev();
>>  }
>>
>> -static void __init hv_get_partition_id(void)
>> -{
>> -	struct hv_get_partition_id *output_page;
>> -	u64 status;
>> -	unsigned long flags;
>> -
>> -	local_irq_save(flags);
>> -	output_page = *this_cpu_ptr(hyperv_pcpu_output_arg);
>> -	status = hv_do_hypercall(HVCALL_GET_PARTITION_ID, NULL, output_page);
>> -	if (!hv_result_success(status)) {
>> -		/* No point in proceeding if this failed */
>> -		pr_err("Failed to get partition ID: %lld\n", status);
>> -		BUG();
>> -	}
>> -	hv_current_partition_id = output_page->partition_id;
>> -	local_irq_restore(flags);
>> -}
>> -
>>  #if IS_ENABLED(CONFIG_HYPERV_VTL_MODE)
>>  static u8 __init get_vtl(void)
>>  {
>> @@ -605,11 +584,6 @@ void __init hyperv_init(void)
>>
>>  	register_syscore_ops(&hv_syscore_ops);
>>
>> -	if (cpuid_ebx(HYPERV_CPUID_FEATURES) & HV_ACCESS_PARTITION_ID)
>> -		hv_get_partition_id();
>> -
>> -	BUG_ON(hv_root_partition && hv_current_partition_id == ~0ull);
>> -
>>  #ifdef CONFIG_PCI_MSI
>>  	/*
>>  	 * If we're running as root, we want to create our own PCI MSI domain.
>> diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h
>> index f91ab1e75f9f..8d3ada3e8d0d 100644
>> --- a/arch/x86/include/asm/mshyperv.h
>> +++ b/arch/x86/include/asm/mshyperv.h
>> @@ -43,8 +43,6 @@ extern bool hyperv_paravisor_present;
>>
>>  extern void *hv_hypercall_pg;
>>
>> -extern u64 hv_current_partition_id;
>> -
>>  extern union hv_ghcb * __percpu *hv_ghcb_pg;
>>
>>  bool hv_isolation_type_snp(void);
>> diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c
>> index af5d1dc451f6..1da19b64ef16 100644
>> --- a/drivers/hv/hv_common.c
>> +++ b/drivers/hv/hv_common.c
>> @@ -31,6 +31,9 @@
>>  #include <hyperv/hvhdk.h>
>>  #include <asm/mshyperv.h>
>>
>> +u64 hv_current_partition_id = HV_PARTITION_ID_SELF;
>> +EXPORT_SYMBOL_GPL(hv_current_partition_id);
>> +
>>  /*
>>   * hv_root_partition, ms_hyperv and hv_nested are defined here with other
>>   * Hyper-V specific globals so they are shared across all architectures and are
>> @@ -283,6 +286,23 @@ static inline bool hv_output_page_exists(void)
>>  	return hv_root_partition || IS_ENABLED(CONFIG_HYPERV_VTL_MODE);
>>  }
>>
>> +static void __init hv_get_partition_id(void)
>> +{
>> +	/*
>> +	 * Note in this case the output can be on the stack because it is just
>> +	 * a single u64 and hence won't cross a page boundary.
>> +	 */
>> +	struct hv_get_partition_id output;
> 
> It's unfortunate that the structure name "hv_get_partition_id" is also
> the name of this function. Could the structure name be changed to
> follow the pattern of having "output" in the name, like other hypercall
> parameters? It's not a blocker if it can't be changed. I was just surprised
> to search for "hv_get_partition_id" and find both uses.
> 

hv_output_get_partition_id is really the "correct" name from the Hyper-V code,
so it makes sense to just change it to that in this patch.

> Also, see the comment at the beginning of hv_query_ext_cap() regarding
> using a local stack variable as hypercall input or output. The comment
> originated here [1]. At that time, I didn't investigate Sunil's assertion any
> further, and I'm still unsure whether it is really true. But perhaps for
> consistency and safety we should follow what it says.
> 
> [1] https://lore.kernel.org/linux-hyperv/SN4PR2101MB0880DB0606A5A0B72AD244B4C06A9@SN4PR2101MB0880.namprd21.prod.outlook.com/
> 
Hmm, from some cursory research it does look like stack variables can't be
used with virt_to_phys().

I thought about just using &hv_current_partition directly - I *think* that
will work - but in the end I think it's just simpler to just move calls so the
percpu output page can be used as normal. That may save some additional
back-and-forth as well as explanatory comments in the code.

I will also add a check for hv_output_page_exists() here, as a precaution in
case the HV_ACCESS_PARTITION_ID privilege ever becomes decoupled from
that (as it stands, I believe that permission is only for the root
partition, but you never know).

>> +	u64 status;
>> +
>> +	status = hv_do_hypercall(HVCALL_GET_PARTITION_ID, NULL, &output);
>> +	if (!hv_result_success(status)) {
>> +		pr_err("Hyper-V: failed to get partition ID: %#lx\n", status);
>> +		return;
>> +	}
>> +	hv_current_partition_id = output.partition_id;
>> +}
>> +
>>  int __init hv_common_init(void)
>>  {
>>  	int i;
>> @@ -298,6 +318,9 @@ int __init hv_common_init(void)
>>  	if (hv_is_isolation_supported())
>>  		sysctl_record_panic_msg = 0;
>>
>> +	if (ms_hyperv.priv_high & HV_ACCESS_PARTITION_ID)
>> +		hv_get_partition_id();
> 
> I don't see how this works. On the x86 side, hv_common_init()
> is called before the guest ID is set and the hypercall page is setup.
> So the hypercall in hv_get_partition_id() should fail.
> 

Oh, I tried to get too clever. I will put it back where it was and
add it on the arm64 side to hyperv_init() after the per-cpu init as
I mentioned above.

Thanks for the comments,
Nuno

> Michael
> 
>> +
>>  	/*
>>  	 * Hyper-V expects to get crash register data or kmsg when
>>  	 * crash enlightment is available and system crashes. Set
>> diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h
>> index a7bbe504e4f3..98100466e0b2 100644
>> --- a/include/asm-generic/mshyperv.h
>> +++ b/include/asm-generic/mshyperv.h
>> @@ -58,6 +58,7 @@ struct ms_hyperv_info {
>>  };
>>  extern struct ms_hyperv_info ms_hyperv;
>>  extern bool hv_nested;
>> +extern u64 hv_current_partition_id;
>>
>>  extern void * __percpu *hyperv_pcpu_input_arg;
>>  extern void * __percpu *hyperv_pcpu_output_arg;
>> --
>> 2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ