From: Claudio Imbrenda <imbrenda@linux.ibm.com>
To: David Hildenbrand <david@redhat.com>
Cc: linux-kernel@vger.kernel.org, borntraeger@de.ibm.com,
frankja@linux.ibm.com, kvm@vger.kernel.org,
linux-s390@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH v1 1/4] s390/kvm: VSIE: stop leaking host addresses
Date: Mon, 4 Jan 2021 14:58:02 +0100
Message-ID: <20210104145802.7a2274a2@ibm-vm>
In-Reply-To: <b1a31982-a967-7439-1a7c-3c948deeb79d@redhat.com>

On Sun, 20 Dec 2020 10:44:56 +0100
David Hildenbrand <david@redhat.com> wrote:
> On 18.12.20 15:18, Claudio Imbrenda wrote:
> > The addresses in the SIE control block of the host should not be
> > forwarded to the guest. They are only meaningful to the host, and
> > moreover it would be a clear security issue.
>
> It's really almost impossible for someone without access to
> documentation to understand what we leak. I assume we're leaking the
> g1 address of a page table (entry), used for translation of g2->g3 to
> g1. Can you try making that clearer?

This is correct.
I guess I can improve the text of the commit.

> In that case, it's pretty much a random number (of a random page used
> as a leaf page table) and does not let g1 identify locations of
> symbols etc. If so, I don't think this is a "clear security issue"
> and suggest squashing this into the actual fix (#p4 I assume).

Yeah, __maybe__ I overstated the importance ;)
But I would still like to keep it as a separate patch, looks more
straightforward to me.

> @Christian, @Janosch? Am I missing something?
>
> >
> > Subsequent patches will actually put the right values in the guest
> > SIE control block.
> >
> > Fixes: a3508fbe9dc6d ("KVM: s390: vsie: initial support for nested virtualization")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
> > ---
> > arch/s390/kvm/vsie.c | 5 -----
> > 1 file changed, 5 deletions(-)
> >
> > diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c
> > index 4f3cbf6003a9..ada49583e530 100644
> > --- a/arch/s390/kvm/vsie.c
> > +++ b/arch/s390/kvm/vsie.c
> > @@ -416,11 +416,6 @@ static void unshadow_scb(struct kvm_vcpu
> > *vcpu, struct vsie_page *vsie_page) memcpy((void *)((u64)scb_o +
> > 0xc0), (void *)((u64)scb_s + 0xc0), 0xf0 - 0xc0);
> > break;
> > - case ICPT_PARTEXEC:
> > - /* MVPG only */
> > - memcpy((void *)((u64)scb_o + 0xc0),
> > - (void *)((u64)scb_s + 0xc0), 0xd0 - 0xc0);
> > - break;
> > }
> >
> > if (scb_s->ihcpu != 0xffffU)
> >
>
>
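
Review bot: With the ICPT_PARTEXEC case removed from the switch in unshadow_scb(), nothing is written to scb_o + 0xc0..0xd0 on an MVPG partial-execution intercept until the later patches of the series are applied, yet this patch carries its own Fixes: and Cc: stable tags. The commit message should say what guest 1 finds in those 16 bytes in the interim and name the follow-up patch as a dependency for stable backports, or the removal should be folded into that fix. The message should also state what the 0xc0-0xd0 range holds, because "the addresses in the SIE control block of the host" does not identify which fields the removed memcpy was forwarding.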