| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250501085949.GS4439@noisy.programming.kicks-ass.net>
Date: Thu, 1 May 2025 10:59:49 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Michael Kelley <mhklinux@...look.com>
Cc: "x86@...nel.org" <x86@...nel.org>,
"kys@...rosoft.com" <kys@...rosoft.com>,
"haiyangz@...rosoft.com" <haiyangz@...rosoft.com>,
"wei.liu@...nel.org" <wei.liu@...nel.org>,
"decui@...rosoft.com" <decui@...rosoft.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com" <mingo@...hat.com>,
"bp@...en8.de" <bp@...en8.de>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"hpa@...or.com" <hpa@...or.com>,
"seanjc@...gle.com" <seanjc@...gle.com>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
"ardb@...nel.org" <ardb@...nel.org>,
"kees@...nel.org" <kees@...nel.org>, Arnd Bergmann <arnd@...db.de>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"jpoimboe@...nel.org" <jpoimboe@...nel.org>,
"linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
"samitolvanen@...gle.com" <samitolvanen@...gle.com>,
"ojeda@...nel.org" <ojeda@...nel.org>
Subject: Re: [PATCH v2 12/13] x86_64,hyperv: Use direct call to hypercall-page
On Thu, May 01, 2025 at 02:36:26AM +0000, Michael Kelley wrote:
> From: Peter Zijlstra <peterz@...radead.org> Sent: Wednesday, April 30, 2025 4:08 AM
> > @@ -528,8 +546,8 @@ void __init hyperv_init(void)
> > if (hv_isolation_type_tdx() && !ms_hyperv.paravisor_present)
> > goto skip_hypercall_pg_init;
> >
> > - hv_hypercall_pg = __vmalloc_node_range(PAGE_SIZE, 1, VMALLOC_START,
> > - VMALLOC_END, GFP_KERNEL, PAGE_KERNEL_ROX,
> > + hv_hypercall_pg = __vmalloc_node_range(PAGE_SIZE, 1, MODULES_VADDR,
> > + MODULES_END, GFP_KERNEL, PAGE_KERNEL_ROX,
>
> Curiosity question (which I forgot ask about in v1): Is this change so that the
> hypercall page kernel address is "close enough" for the direct call to work from
> built-in code and from module code? Or is there some other reason?
No, you nailed it. Because we want to do a direct CALL, the hypercall
page must be in the disp32 range relative to the call site. The module
address space ensures this.
> > VM_FLUSH_RESET_PERMS, NUMA_NO_NODE,
> > __builtin_return_address(0));
> > if (hv_hypercall_pg == NULL)
> > @@ -567,27 +585,9 @@ void __init hyperv_init(void)
> > wrmsrl(HV_X64_MSR_HYPERCALL, hypercall_msr.as_uint64);
> > }
> >
> > -skip_hypercall_pg_init:
> > - /*
> > - * Some versions of Hyper-V that provide IBT in guest VMs have a bug
> > - * in that there's no ENDBR64 instruction at the entry to the
> > - * hypercall page. Because hypercalls are invoked via an indirect call
> > - * to the hypercall page, all hypercall attempts fail when IBT is
> > - * enabled, and Linux panics. For such buggy versions, disable IBT.
> > - *
> > - * Fixed versions of Hyper-V always provide ENDBR64 on the hypercall
> > - * page, so if future Linux kernel versions enable IBT for 32-bit
> > - * builds, additional hypercall page hackery will be required here
> > - * to provide an ENDBR32.
> > - */
> > -#ifdef CONFIG_X86_KERNEL_IBT
> > - if (cpu_feature_enabled(X86_FEATURE_IBT) &&
> > - *(u32 *)hv_hypercall_pg != gen_endbr()) {
> > - setup_clear_cpu_cap(X86_FEATURE_IBT);
> > - pr_warn("Disabling IBT because of Hyper-V bug\n");
> > - }
> > -#endif
>
> Nit: With this IBT code removed, the #include <asm/ibt.h> at the top
> of this source code file should be removed.
Indeed so.
>
> > + hv_set_hypercall_pg(hv_hypercall_pg);
> >
> > +skip_hypercall_pg_init:
> > /*
> > * hyperv_init() is called before LAPIC is initialized: see
> > * apic_intr_mode_init() -> x86_platform.apic_post_init() and
> >
> >
>
> The nit notwithstanding,
>
> Reviewed-by: Michael Kelley <mhklinux@...look.com>
Thanks!
Powered by blists - more mailing lists