| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e4a513dc-57e9-288d-6929-c1ab1a084388@linux.microsoft.com>
Date: Thu, 15 Jan 2026 10:16:53 -0800
From: Mukesh R <mrathor@...ux.microsoft.com>
To: Wei Liu <wei.liu@...nel.org>
Cc: linux-hyperv@...r.kernel.org, linux-kernel@...r.kernel.org,
kys@...rosoft.com, haiyangz@...rosoft.com, decui@...rosoft.com,
longli@...rosoft.com, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com
Subject: Re: [PATCH v1] x86/hyperv: Reserve 3 interrupt vectors used
exclusively by mshv
On 1/14/26 23:25, Wei Liu wrote:
> On Fri, Jan 02, 2026 at 02:02:08PM -0800, Mukesh Rathor wrote:
>> MSVC compiler, used to compile the Microsoft Hyper-V hypervisor currently,
>> has an assert intrinsic that uses interrupt vector 0x29 to create an
>> exception. This will cause hypervisor to then crash and collect core. As
>> such, if this interrupt number is assigned to a device by linux and the
>> device generates it, hypervisor will crash. There are two other such
>> vectors hard coded in the hypervisor, 0x2C and 0x2D for debug purposes.
>> Fortunately, the three vectors are part of the kernel driver space and
>> that makes it feasible to reserve them early so they are not assigned
>> later.
>>
>> Signed-off-by: Mukesh Rathor <mrathor@...ux.microsoft.com>
>> ---
>>
>> v1: Add ifndef CONFIG_X86_FRED (thanks hpa)
>>
>> arch/x86/kernel/cpu/mshyperv.c | 26 ++++++++++++++++++++++++++
>> 1 file changed, 26 insertions(+)
>>
>> diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c
>> index 579fb2c64cfd..8ef4ca6733ac 100644
>> --- a/arch/x86/kernel/cpu/mshyperv.c
>> +++ b/arch/x86/kernel/cpu/mshyperv.c
>> @@ -478,6 +478,27 @@ int hv_get_hypervisor_version(union hv_hypervisor_version_info *info)
>> }
>> EXPORT_SYMBOL_GPL(hv_get_hypervisor_version);
>>
>> +#ifndef CONFIG_X86_FRED
>
> I briefly looked up FRED and checked the code. I understand that once it
> is enabled, Linux kernel doesn't setup the IDT anymore (code in
> arch/x86/kernel/traps.c).
>
> My question is, do we need to do anything when FRED is enabled?
Yeah, at first glance my thought was it probably has greater
implications (in terms of double checking exceptions), and so
when time allows do deeper investigation and perhaps run it by
the hypervisor team to see if there is any other work we need to
do.
Thanks,
-Mukesh
> Wei
>
>> +/*
>> + * Reserve vectors hard coded in the hypervisor. If used outside, the hypervisor
>> + * will crash or hang or break into debugger.
>> + */
>> +static void hv_reserve_irq_vectors(void)
>> +{
>> + #define HYPERV_DBG_FASTFAIL_VECTOR 0x29
>> + #define HYPERV_DBG_ASSERT_VECTOR 0x2C
>> + #define HYPERV_DBG_SERVICE_VECTOR 0x2D
>> +
>> + if (test_and_set_bit(HYPERV_DBG_ASSERT_VECTOR, system_vectors) ||
>> + test_and_set_bit(HYPERV_DBG_SERVICE_VECTOR, system_vectors) ||
>> + test_and_set_bit(HYPERV_DBG_FASTFAIL_VECTOR, system_vectors))
>> + BUG();
>> +
>> + pr_info("Hyper-V:reserve vectors: %d %d %d\n", HYPERV_DBG_ASSERT_VECTOR,
>> + HYPERV_DBG_SERVICE_VECTOR, HYPERV_DBG_FASTFAIL_VECTOR);
>> +}
>> +#endif /* CONFIG_X86_FRED */
>> +
>> static void __init ms_hyperv_init_platform(void)
>> {
>> int hv_max_functions_eax, eax;
>> @@ -510,6 +531,11 @@ static void __init ms_hyperv_init_platform(void)
>>
>> hv_identify_partition_type();
>>
>> +#ifndef CONFIG_X86_FRED
>> + if (hv_root_partition())
>> + hv_reserve_irq_vectors();
>> +#endif /* CONFIG_X86_FRED */
>> +
>> if (cc_platform_has(CC_ATTR_SNP_SECURE_AVIC))
>> ms_hyperv.hints |= HV_DEPRECATING_AEOI_RECOMMENDED;
>>
>> --
>> 2.51.2.vfs.0.1
>>
Powered by blists - more mailing lists