lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <HE1PR0802MB255577943C260898A6C686ABF4720@HE1PR0802MB2555.eurprd08.prod.outlook.com>
Date:   Mon, 27 Jul 2020 03:45:37 +0000
From:   Jianyong Wu <Jianyong.Wu@....com>
To:     Jianyong Wu <Jianyong.Wu@....com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "yangbo.lu@....com" <yangbo.lu@....com>,
        "john.stultz@...aro.org" <john.stultz@...aro.org>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "sean.j.christopherson@...el.com" <sean.j.christopherson@...el.com>,
        "maz@...nel.org" <maz@...nel.org>,
        "richardcochran@...il.com" <richardcochran@...il.com>,
        Mark Rutland <Mark.Rutland@....com>,
        "will@...nel.org" <will@...nel.org>,
        Suzuki Poulose <Suzuki.Poulose@....com>,
        Steven Price <Steven.Price@....com>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "kvmarm@...ts.cs.columbia.edu" <kvmarm@...ts.cs.columbia.edu>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        Steve Capper <Steve.Capper@....com>,
        Kaly Xin <Kaly.Xin@....com>, Justin He <Justin.He@....com>,
        Wei Chen <Wei.Chen@....com>, nd <nd@....com>
Subject: RE: [PATCH v13 2/9] arm/arm64: KVM: Advertise KVM UID to guests via
 SMCCC

Hi Will,

> -----Original Message-----
> From: Jianyong Wu <jianyong.wu@....com>
> Sent: Friday, June 19, 2020 9:01 PM
> To: netdev@...r.kernel.org; yangbo.lu@....com; john.stultz@...aro.org;
> tglx@...utronix.de; pbonzini@...hat.com; sean.j.christopherson@...el.com;
> maz@...nel.org; richardcochran@...il.com; Mark Rutland
> <Mark.Rutland@....com>; will@...nel.org; Suzuki Poulose
> <Suzuki.Poulose@....com>; Steven Price <Steven.Price@....com>
> Cc: linux-kernel@...r.kernel.org; linux-arm-kernel@...ts.infradead.org;
> kvmarm@...ts.cs.columbia.edu; kvm@...r.kernel.org; Steve Capper
> <Steve.Capper@....com>; Kaly Xin <Kaly.Xin@....com>; Justin He
> <Justin.He@....com>; Wei Chen <Wei.Chen@....com>; Jianyong Wu
> <Jianyong.Wu@....com>; nd <nd@....com>
> Subject: [PATCH v13 2/9] arm/arm64: KVM: Advertise KVM UID to guests via
> SMCCC
> 
> From: Will Deacon <will@...nel.org>
> 
> We can advertise ourselves to guests as KVM and provide a basic features
> bitmap for discoverability of future hypervisor services.
> 
> Cc: Marc Zyngier <maz@...nel.org>
> Signed-off-by: Will Deacon <will@...nel.org>
> Signed-off-by: Jianyong Wu <jianyong.wu@....com>
> ---
>  arch/arm64/kvm/hypercalls.c | 29 +++++++++++++++++++----------
>  1 file changed, 19 insertions(+), 10 deletions(-)
> 
> diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c
> index 550dfa3e53cd..db6dce3d0e23 100644
> --- a/arch/arm64/kvm/hypercalls.c
> +++ b/arch/arm64/kvm/hypercalls.c
> @@ -12,13 +12,13 @@
>  int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)  {
>  	u32 func_id = smccc_get_function(vcpu);
> -	long val = SMCCC_RET_NOT_SUPPORTED;
> +	u32 val[4] = {SMCCC_RET_NOT_SUPPORTED};

There is a risk as this u32 value will return here and a u64 value will be obtained in guest. For example,
The val[0] is initialized as -1 of 0xffffffff and the guest get 0xffffffff then it will be compared with -1 of 0xffffffffffffffff
Also this problem exists for the transfer of address in u64 type. So the following assignment to "val" should be split into
two u32 value and assign to val[0] and val[1] respectively.
WDYT?

Thanks
Jianyong 

>  	u32 feature;
>  	gpa_t gpa;
> 
>  	switch (func_id) {
>  	case ARM_SMCCC_VERSION_FUNC_ID:
> -		val = ARM_SMCCC_VERSION_1_1;
> +		val[0] = ARM_SMCCC_VERSION_1_1;
>  		break;
>  	case ARM_SMCCC_ARCH_FEATURES_FUNC_ID:
>  		feature = smccc_get_arg1(vcpu);
> @@ -28,10 +28,10 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  			case KVM_BP_HARDEN_UNKNOWN:
>  				break;
>  			case KVM_BP_HARDEN_WA_NEEDED:
> -				val = SMCCC_RET_SUCCESS;
> +				val[0] = SMCCC_RET_SUCCESS;
>  				break;
>  			case KVM_BP_HARDEN_NOT_REQUIRED:
> -				val = SMCCC_RET_NOT_REQUIRED;
> +				val[0] = SMCCC_RET_NOT_REQUIRED;
>  				break;
>  			}
>  			break;
> @@ -41,31 +41,40 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  			case KVM_SSBD_UNKNOWN:
>  				break;
>  			case KVM_SSBD_KERNEL:
> -				val = SMCCC_RET_SUCCESS;
> +				val[0] = SMCCC_RET_SUCCESS;
>  				break;
>  			case KVM_SSBD_FORCE_ENABLE:
>  			case KVM_SSBD_MITIGATED:
> -				val = SMCCC_RET_NOT_REQUIRED;
> +				val[0] = SMCCC_RET_NOT_REQUIRED;
>  				break;
>  			}
>  			break;
>  		case ARM_SMCCC_HV_PV_TIME_FEATURES:
> -			val = SMCCC_RET_SUCCESS;
> +			val[0] = SMCCC_RET_SUCCESS;
>  			break;
>  		}
>  		break;
>  	case ARM_SMCCC_HV_PV_TIME_FEATURES:
> -		val = kvm_hypercall_pv_features(vcpu);
> +		val[0] = kvm_hypercall_pv_features(vcpu);
>  		break;
>  	case ARM_SMCCC_HV_PV_TIME_ST:
>  		gpa = kvm_init_stolen_time(vcpu);
>  		if (gpa != GPA_INVALID)
> -			val = gpa;
> +			val[0] = gpa;
> +		break;
> +	case ARM_SMCCC_VENDOR_HYP_CALL_UID_FUNC_ID:
> +		val[0] = ARM_SMCCC_VENDOR_HYP_UID_KVM_REG_0;
> +		val[1] = ARM_SMCCC_VENDOR_HYP_UID_KVM_REG_1;
> +		val[2] = ARM_SMCCC_VENDOR_HYP_UID_KVM_REG_2;
> +		val[3] = ARM_SMCCC_VENDOR_HYP_UID_KVM_REG_3;
> +		break;
> +	case ARM_SMCCC_VENDOR_HYP_KVM_FEATURES_FUNC_ID:
> +		val[0] = BIT(ARM_SMCCC_KVM_FUNC_FEATURES);
>  		break;
>  	default:
>  		return kvm_psci_call(vcpu);
>  	}
> 
> -	smccc_set_retval(vcpu, val, 0, 0, 0);
> +	smccc_set_retval(vcpu, val[0], val[1], val[2], val[3]);
>  	return 1;
>  }
> --
> 2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ