lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <a8fa891e-0f35-449b-970c-24e5ca01e2f6@zytor.com>
Date: Wed, 10 Sep 2025 23:57:01 -0700
From: Xin Li <xin@...or.com>
To: Chao Gao <chao.gao@...el.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        linux-pm@...r.kernel.org, seanjc@...gle.com, pbonzini@...hat.com,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
        rafael@...nel.org, pavel@...nel.org, brgerst@...il.com,
        david.kaplan@....com, peterz@...radead.org, andrew.cooper3@...rix.com,
        kprateek.nayak@....com, arjan@...ux.intel.com,
        rick.p.edgecombe@...el.com, dan.j.williams@...el.com
Subject: Re: [RFC PATCH v1 1/5] x86/boot: Shift VMXON from KVM init to CPU
 startup phase

On 9/10/2025 12:25 AM, Chao Gao wrote:
>> void vmx_vm_destroy(struct kvm *kvm)
>> @@ -8499,10 +8396,6 @@ __init int vmx_hardware_setup(void)
>>
>> 	vmx_set_cpu_caps();
>>
>> -	r = alloc_kvm_area();
>> -	if (r && nested)
>> -		nested_vmx_hardware_unsetup();
>> -
> 
> There is a "return r" at the end of this function. with the removal
> of "r = alloc_kvm_area()", @r may be uninitialized.

Good catch!

There’s no need for r to have function-wide scope anymore; just return 0 at
the end of vmx_hardware_setup() after changing the definition of r as the
following

	if (nested) {
		int r = 0;
		...
	}


BTW, it's a good habit to always initialize local variables, which helps to
avoid this kind of mistakes I made here.


>> diff --git a/arch/x86/power/cpu.c b/arch/x86/power/cpu.c
>> index 916441f5e85c..0eec314b79c2 100644
>> --- a/arch/x86/power/cpu.c
>> +++ b/arch/x86/power/cpu.c
>> @@ -206,11 +206,11 @@ static void notrace __restore_processor_state(struct saved_context *ctxt)
>> 	/* cr4 was introduced in the Pentium CPU */
>> #ifdef CONFIG_X86_32
>> 	if (ctxt->cr4)
>> -		__write_cr4(ctxt->cr4);
>> +		__write_cr4(ctxt->cr4 & ~X86_CR4_VMXE);
> 
> any reason to mask off X86_CR4_VMXE here?

In this patch set, X86_CR4_VMXE is an indicator of whether VMX is on.  I
used a per-CPU variable to track that, but later it seems better to track
X86_CR4_VMXE.

> 
> I assume before suspend, VMXOFF is executed and CR4.VMXE is cleared. then
> ctxt->cr4 here won't have CR4.VMXE set.

What you said is for APs per my understanding.

cpu_{enable,disable}_virtualization() in arch/x86/power/cpu.c are only used
to execute VMXON/VMXOFF on BSP.

TBH, there are lot of power management details I don't understand, e.g., AP
states don't seem saved.  But the changes here are required to make S4
work :)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ