From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
To: kvm@vger.kernel.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Maxim Levitsky <mlevitsk@redhat.com>,
Sean Christopherson <seanjc@google.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
linux-kernel@vger.kernel.org,
Emanuele Giuseppe Esposito <eesposit@redhat.com>
Subject: [PATCH 0/2] KVM: nSVM: avoid TOC/TOU race when checking vmcb12
Date: Mon, 9 Aug 2021 16:53:41 +0200 [thread overview]
Message-ID: <20210809145343.97685-1-eesposit@redhat.com> (raw)
Currently there is a TOC/TOU race between the first check of vmcb12's
efer, cr0 and cr4 registers and the later save of their values in
svm_set_*, because the guest could modify the values in the meanwhile.
To solve this issue, this serie 1) moves the actual check nearer to the
usage (from nested_svm_vmrun to enter_svm_guest_mode), possible thanks
to the patch "KVM: nSVM: remove useless kvm_clear_*_queue"
and 2) adds local variables in enter_svm_guest_mode to save the
current value of efer, cr0 and cr4 and later use these to set the
vcpu->arch.* state.
Patch 1 just refactors the code to simplify the second patch, where
we move the TOC nearer to the TOU and use local variables.
Based-on: <20210802125634.309874-1-pbonzini@redhat.com>
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Emanuele Giuseppe Esposito (2):
KVM: nSVM: move nested_vmcb_check_cr3_cr4 logic in
nested_vmcb_valid_sregs
KVM: nSVM: temporarly save vmcb12's efer, cr0 and cr4 to avoid TOC/TOU
races
arch/x86/kvm/svm/nested.c | 99 ++++++++++++++++++---------------------
1 file changed, 45 insertions(+), 54 deletions(-)
--
2.31.1
next reply other threads:[~2021-08-09 14:54 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-09 14:53 Emanuele Giuseppe Esposito [this message]
2021-08-09 14:53 ` [PATCH 1/2] KVM: nSVM: move nested_vmcb_check_cr3_cr4 logic in nested_vmcb_valid_sregs Emanuele Giuseppe Esposito
2021-08-11 20:37 ` Maxim Levitsky
2021-08-09 14:53 ` [PATCH 2/2] KVM: nSVM: temporarly save vmcb12's efer, cr0 and cr4 to avoid TOC/TOU races Emanuele Giuseppe Esposito
2021-08-10 9:15 ` Paolo Bonzini
2021-08-11 20:37 ` Maxim Levitsky
2021-08-11 23:25 ` Sean Christopherson
2021-08-25 12:40 ` Emanuele Giuseppe Esposito
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210809145343.97685-1-eesposit@redhat.com \
--to=eesposit@redhat.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.