From: Sergey Dyasli <sergey.dyasli@citrix.com>
To: "JBeulich@suse.com" <JBeulich@suse.com>
Cc: Sergey Dyasli <sergey.dyasli@citrix.com>,
Kevin Tian <kevin.tian@intel.com>,
Andrew Cooper <Andrew.Cooper3@citrix.com>,
"jun.nakajima@intel.com" <jun.nakajima@intel.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Re: [PATCH v1 1/2] x86/vvmx: check vmcs address in vmread/vmwrite
Date: Wed, 1 Mar 2017 13:44:49 +0000 [thread overview]
Message-ID: <1488375888.2934.1.camel@citrix.com> (raw)
In-Reply-To: <58B6D2E9020000780013EB47@prv-mh.provo.novell.com>
On Wed, 2017-03-01 at 05:55 -0700, Jan Beulich wrote:
> > > > On 01.03.17 at 10:13, <sergey.dyasli@citrix.com> wrote:
> >
> > If nested vmcs's address is invalid, virtual_vmcs_enter() will fail
> > during vmread/vmwrite:
> >
> > (XEN) Xen BUG at .../git/upstream/xen/xen/include/asm/hvm/vmx/vmx.h:333
> > (XEN) ----[ Xen-4.9-unstable x86_64 debug=y Tainted: H ]----
> > (XEN) Xen call trace:
> > (XEN) [<ffff82d0801f925e>] vmcs.c#arch/x86/hvm/vmx/vmcs.o.unlikely+0x28/0x19a
> > (XEN) [<ffff82d0801f60e3>] virtual_vmcs_vmwrite_safe+0x16/0x52
> > (XEN) [<ffff82d080202cb2>] nvmx_handle_vmwrite+0x70/0xfe
> > (XEN) [<ffff82d0801fe98a>] vmx_vmexit_handler+0x1379/0x1c49
> > (XEN) [<ffff82d08020427c>] vmx_asm_vmexit_handler+0x3c/0x120
> >
> > Fix this by emulating VMfailInvalid if the address is invalid.
>
> So just like in patch 2 this is __vmptrld() not properly dealing with
> errors. Instead of doing checks in software which hardware does
> anyway, wouldn't it be better to introduce (and use here and
> there) vmptrld_safe()?
Currently it's assumed that virtual_vmcs_enter/exit() never fail.
It's easy to maintain that assumption with one simple check:
nv_vvmcxaddr != INVALID_PADDR
as long as nvmx_handle_vmptrld() correctly checks the validity of
provided pointer.
Additionally, it would be painful to return the correct error value
all the way back to nvmx_handle_vmptrld().
--
Thanks,
Sergey
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-03-01 13:44 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-01 9:13 [PATCH v1 0/2] x86/vvmx: a couple of fixes (vmptrld + vmread/vmwrite) Sergey Dyasli
2017-03-01 9:13 ` [PATCH v1 1/2] x86/vvmx: check vmcs address in vmread/vmwrite Sergey Dyasli
2017-03-01 10:58 ` Andrew Cooper
2017-03-01 12:55 ` Jan Beulich
2017-03-01 13:22 ` Andrew Cooper
2017-03-01 13:40 ` Jan Beulich
2017-03-01 13:44 ` Sergey Dyasli [this message]
2017-03-01 14:04 ` Jan Beulich
2017-03-01 14:22 ` Sergey Dyasli
2017-03-01 14:28 ` Jan Beulich
2017-03-01 15:23 ` Sergey Dyasli
2017-03-01 15:39 ` Jan Beulich
2017-03-03 8:21 ` Tian, Kevin
2017-03-01 9:13 ` [PATCH v1 2/2] x86/vvmx: add vmcs id check into vmptrld emulation Sergey Dyasli
2017-03-01 11:01 ` Andrew Cooper
2017-03-03 10:54 ` Jan Beulich
2017-03-03 8:21 ` Tian, Kevin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1488375888.2934.1.camel@citrix.com \
--to=sergey.dyasli@citrix.com \
--cc=Andrew.Cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.