From: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
To: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org, james.morse@arm.com,
alexandru.elisei@arm.com, suzuki.poulose@arm.com,
oliver.upton@linux.dev, catalin.marinas@arm.com,
linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev,
linux-kernel@vger.kernel.org, Will Deacon <will@kernel.org>,
Quentin Perret <qperret@google.com>
Subject: Re: [PATCH stable 6.1.y 2/2] KVM: arm64: Prevent unconditional donation of unmapped regions from the host
Date: Thu, 21 Sep 2023 15:25:19 -0700
Message-ID: <2031eecaa417d4f6021717dcbbba133d784add72.camel@gmail.com>
In-Reply-To: <877cok3skn.wl-maz@kernel.org>

On Thu, 2023-09-21 at 08:15 +0100, Marc Zyngier wrote:
> On Wed, 20 Sep 2023 20:27:29 +0100,
> Suraj Jitindar Singh <surajjs@amazon.com> wrote:
> >
> > From: Will Deacon <will@kernel.org>
> >
> > commit 09cce60bddd6461a93a5bf434265a47827d1bc6f upstream.
> >
> > Since host stage-2 mappings are created lazily, we cannot rely solely on
> > the pte in order to recover the target physical address when checking a
> > host-initiated memory transition as this permits donation of unmapped
> > regions corresponding to MMIO or "no-map" memory.
> >
> > Instead of inspecting the pte, move the addr_is_allowed_memory() check
> > into the host callback function where it is passed the physical address
> > directly from the walker.
> >
> > Cc: Quentin Perret <qperret@google.com>
> > Fixes: e82edcc75c4e ("KVM: arm64: Implement do_share() helper for sharing memory")
> > Signed-off-by: Will Deacon <will@kernel.org>
> > Signed-off-by: Marc Zyngier <maz@kernel.org>
> > Link: https://lore.kernel.org/r/20230518095844.1178-1-will@kernel.org
> > [ bp: s/ctx->addr/addr in __check_page_state_visitor due to missing commit
> >   "KVM: arm64: Combine visitor arguments into a context structure"
> >   in stable.
> > ]
>
> Same question.

Noting what changes were made to the patch from the upstream mainline
version when it was applied to the stable tree.

>
> > Signed-off-by: Suraj Jitindar Singh <surajjs@amazon.com>
>
> Again, I find this backport pretty pointless. What is the rationale
> for it?

The 2 patches were backported to address CVE-2023-21264.
This one addresses the CVE.

Thanks

>
> M.
>
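
The check ordering described in the quoted commit message, as an added example that is not part of this thread and is not kernel code: a simplified user-space model in which an unmapped (lazily created) host stage-2 entry hides the physical address from a pte-based check. The memory map, the table contents and every name except addr_is_allowed_memory() are constructed for illustration, and addr_is_allowed_memory() here is a stand-in, not the kernel's implementation.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified model, not kernel code: one pte per 4 KiB page, 0 = unmapped. */
#define PG_SIZE   0x1000ULL
#define PTE_VALID 1ULL
#define NPAGES    8
enum page_state { PAGE_OWNED, PAGE_NOPAGE };
struct mem_region { uint64_t base, size; bool nomap; };

/* Constructed memory map; any address outside it is treated as MMIO. */
static const struct mem_region regions[] = {
    { 0x0000, 0x4000, false },  /* pages 0-3: normal RAM */
    { 0x4000, 0x2000, true  },  /* pages 4-5: "no-map" memory */
};
/* Lazily populated host stage-2: only pages 0 and 1 are mapped so far. */
static const uint64_t host_s2[NPAGES] = { 0x0000 | PTE_VALID, 0x1000 | PTE_VALID };

/* Stand-in for the helper named in the commit message. */
static bool addr_is_allowed_memory(uint64_t phys)
{
    for (size_t i = 0; i < sizeof(regions) / sizeof(regions[0]); i++)
        if (phys >= regions[i].base && phys - regions[i].base < regions[i].size)
            return !regions[i].nomap;
    return false;
}
/* Before: the address comes from the pte, so an unmapped entry is never
 * checked against the memory map and is reported as host-owned. */
static enum page_state host_state_from_pte(uint64_t pte)
{
    if ((pte & PTE_VALID) && !addr_is_allowed_memory(pte & ~PTE_VALID))
        return PAGE_NOPAGE;
    return PAGE_OWNED;
}
/* After: the host callback gets the address from the walker and checks it
 * whether or not a mapping exists yet. */
static enum page_state host_state_from_addr(uint64_t addr)
{
    return addr_is_allowed_memory(addr) ? PAGE_OWNED : PAGE_NOPAGE;
}
/* Walk [addr, addr + size); true means the transition check would pass. */
static bool check_donation(uint64_t addr, uint64_t size, bool fixed)
{
    if (addr + size > NPAGES * PG_SIZE)
        return false;
    for (uint64_t a = addr; a < addr + size; a += PG_SIZE) {
        uint64_t pte = host_s2[a / PG_SIZE];
        if ((fixed ? host_state_from_addr(a) : host_state_from_pte(pte)) != PAGE_OWNED)
            return false;
    }
    return true;
}
int main(void) { return check_donation(0x4000, 0x1000, true) ? 1 : 0; }
```

In this model the pte-based check accepts the unmapped "no-map" page at 0x4000 and the unmapped MMIO page at 0x6000, while the address-based check rejects both and still accepts RAM that has not been mapped yet.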