From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06E84C2D0E4 for ; Tue, 17 Nov 2020 10:51:18 +0000 (UTC) Received: from mm01.cs.columbia.edu (mm01.cs.columbia.edu [128.59.11.253]) by mail.kernel.org (Postfix) with ESMTP id 2ED1C241A7 for ; Tue, 17 Nov 2020 10:51:16 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="hJb1EcqJ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2ED1C241A7 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvmarm-bounces@lists.cs.columbia.edu Received: from localhost (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id 759F44B6F1; Tue, 17 Nov 2020 05:51:16 -0500 (EST) X-Virus-Scanned: at lists.cs.columbia.edu Authentication-Results: mm01.cs.columbia.edu (amavisd-new); dkim=softfail (fail, message has been altered) header.i=@kernel.org Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d-9mX599dQlm; Tue, 17 Nov 2020 05:51:15 -0500 (EST) Received: from mm01.cs.columbia.edu (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id 5049F4B732; Tue, 17 Nov 2020 05:51:15 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by mm01.cs.columbia.edu (Postfix) with ESMTP id 5473C4B71E for ; Tue, 17 Nov 2020 05:51:14 -0500 (EST) X-Virus-Scanned: at lists.cs.columbia.edu Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 33DrlUbBZ5k4 for ; Tue, 17 Nov 2020 05:51:13 -0500 (EST) Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by mm01.cs.columbia.edu (Postfix) with ESMTPS id 36F1D4B6F1 for ; Tue, 17 Nov 2020 05:51:13 -0500 (EST) Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id DF07A22447; Tue, 17 Nov 2020 10:51:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1605610272; bh=M9flKwRDRr9z64KmcbSgnOXXghPG2KQsLqY0zyac1Pc=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=hJb1EcqJN7y1+EllTk1nrvx7ql2HD2xrFheKYg8a5Qe1xK4dx+bbBZuRQE43nJsgP cLIg109k/Xs+axWgm62EusuYdb1mhlnsy5YoJwfluMJ9qupSxhcu4yXO2J0KinRL6h 6YzGxnDuj0ANEfmFcJ7Quv/pVpImxgKmhNcqZMsc= Received: from disco-boy.misterjones.org ([51.254.78.96] helo=www.loen.fr) by disco-boy.misterjones.org with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94) (envelope-from ) id 1keyZp-00BIq8-MW; Tue, 17 Nov 2020 10:51:09 +0000 MIME-Version: 1.0 Date: Tue, 17 Nov 2020 10:51:09 +0000 From: Marc Zyngier To: Auger Eric Subject: Re: [PATCH 1/2] KVM: arm64: vgic: Forbid invalid userspace Redistributor accesses In-Reply-To: <5ba4a98e-276b-2462-0580-fe0e007e9b38@redhat.com> References: <20201113142801.1659-1-yuzenghui@huawei.com> <20201113142801.1659-2-yuzenghui@huawei.com> <724c43702b52aac0d3c9beb9604d1bfb@kernel.org> <584b7ff1-ecf2-b0ec-cea3-ccc29902f43a@huawei.com> <7e58200c-814e-3598-155a-9a7e6cc24374@huawei.com> <5ba4a98e-276b-2462-0580-fe0e007e9b38@redhat.com> User-Agent: Roundcube Webmail/1.4.9 Message-ID: <6f4312dbedd6c1d8fa88dc0fc5adcb5d@kernel.org> X-Sender: maz@kernel.org X-SA-Exim-Connect-IP: 51.254.78.96 X-SA-Exim-Rcpt-To: eric.auger@redhat.com, yuzenghui@huawei.com, suzuki.poulose@arm.com, linux-kernel@vger.kernel.org, james.morse@arm.com, linux-arm-kernel@lists.infradead.org, wanghaibin.wang@huawei.com, zhukeqian1@huawei.com, kvmarm@lists.cs.columbia.edu, julien.thierry.kdev@gmail.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false Cc: linux-kernel@vger.kernel.org, kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org X-BeenThere: kvmarm@lists.cs.columbia.edu X-Mailman-Version: 2.1.14 Precedence: list List-Id: Where KVM/ARM decisions are made List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Errors-To: kvmarm-bounces@lists.cs.columbia.edu Sender: kvmarm-bounces@lists.cs.columbia.edu T24gMjAyMC0xMS0xNyAwOTo1OSwgQXVnZXIgRXJpYyB3cm90ZToKPiBIaSBNYXJjLAo+IAo+IE9u IDExLzE3LzIwIDk6NDkgQU0sIE1hcmMgWnluZ2llciB3cm90ZToKPj4gSGkgWmVuZ2h1aSwKPj4g Cj4+IE9uIDIwMjAtMTEtMTYgMTQ6NTcsIFplbmdodWkgWXUgd3JvdGU6Cj4+PiBIaSBNYXJjLAo+ Pj4gCj4+PiBPbiAyMDIwLzExLzE2IDIyOjEwLCBNYXJjIFp5bmdpZXIgd3JvdGU6Cj4+Pj4+IE15 IHRha2UgaXMgdGhhdCBvbmx5IGlmIHRoZSAiW1JlXURpc3RyaWJ1dG9yIGJhc2UgYWRkcmVzcyIg aXMgCj4+Pj4+IHNwZWNpZmllZAo+Pj4+PiBpbiB0aGUgc3lzdGVtIG1lbW9yeSBtYXAsIHdpbGwg dGhlIHVzZXItcHJvdmlkZWQgCj4+Pj4+IGt2bV9kZXZpY2VfYXR0ci5vZmZzZXQKPj4+Pj4gbWFr ZSBzZW5zZS4gQW5kIHdlIGNhbiB0aGVuIGhhbmRsZSB0aGUgYWNjZXNzIHRvIHRoZSByZWdpc3Rl ciB3aGljaCAKPj4+Pj4gaXMKPj4+Pj4gZGVmaW5lZCBieSAiYmFzZSBhZGRyZXNzICsgb2Zmc2V0 Ii4KPj4+PiAKPj4+PiBJJ2QgdGVuZCB0byBhZ3JlZSwgYnV0IGl0IGlzIGp1c3QgdGhhdCB0aGlz IGlzIGEgbGFyZ2UgY2hhbmdlIGF0IAo+Pj4+IC1yYzQuCj4+Pj4gSSdkIHJhdGhlciBoYXZlIGEg cXVpY2sgZml4IGZvciA1LjEwLCBhbmQgYSBtb3JlIGludmFzaXZlIGNoYW5nZSBmb3IKPj4+PiA1 LjExLAo+Pj4+IHNwYW5uaW5nIGFsbCB0aGUgcG9zc2libGUgdmdpYyBkZXZpY2VzLgo+Pj4gCj4+ PiBTbyB5b3UgcHJlZmVyIGZpeGluZyBpdCBieSAicmV0dXJuIGEgdmFsdWUgdGhhdCBkb2Vzbid0 IGhhdmUgdGhlIExhc3QKPj4+IGJpdCBzZXQiIGZvciB2NS4xMD8gSSdtIG9rIHdpdGggaXQgYW5k IGNhbiBzZW5kIHYyIGZvciBpdC4KPj4gCj4+IENvb2wuIFRoYW5rcyBmb3IgdGhhdC4KPj4gCj4+ PiBCdHcsIGxvb2tpbmcgYWdhaW4gYXQgdGhlIHdheSB3ZSBoYW5kbGUgdGhlIHVzZXItcmVhZGlu ZyBvZiAKPj4+IEdJQ1JfVFlQRVIKPj4+IAo+Pj4gwqDCoMKgwqB2Z2ljX21taW9fcmVhZF92M3Jf dHlwZXIodmNwdSwgYWRkciwgbGVuKQo+Pj4gCj4+PiBpdCBzZWVtcyB0aGF0IEBhZGRyIGlzIGFj dHVhbGx5IHRoZSAqb2Zmc2V0KiBvZiBHSUNSX1RZUEVSICgweDAwMDgpIAo+Pj4gYW5kCj4+PiBA YWRkciBpcyB1bmxpa2VseSB0byBiZSBlcXVhbCB0byBsYXN0X3JkaXN0X3R5cGVyLCB3aGljaCBp cyB0aGUgKkdQQSogCj4+PiBvZgo+Pj4gdGhlIGxhc3QgUkQuIExvb2tzIGxpa2UgdGhlIHVzZXIt cmVhZGluZyBvZiBHSUNSX1RZUEVSLkxhc3QgaXMgYWx3YXlzCj4+PiBicm9rZW4/Cj4+IAo+PiBJ IHRoaW5rIHlvdSBhcmUgcmlnaHQuIFNvbWVob3csIHdlIGRvbid0IHNlZW0gdG8gdHJhY2sgdGhl IGluZGV4IG9mCj4+IHRoZSBSRCBpbiB0aGUgcmVnaW9uLCBzbyB3ZSBjYW4gbmV2ZXIgY29tcHV0 ZSB0aGUgYWRkcmVzcyBvZiB0aGUgUkQKPj4gZXZlbiBpZiB0aGUgYmFzZSBhZGRyZXNzIGlzIHNl dC4KPj4gCj4+IExldCdzIGRyb3AgdGhlIHJlcG9ydGluZyBvZiBMYXN0IGZvciB1c2Vyc3BhY2Ug Zm9yIG5vdywgYXMgaXQgbmV2ZXIKPj4gd29ya2VkLiBJZiB5b3UgcG9zdCBhIHBhdGNoIGFkZHJl c3NpbmcgdGhhdCBxdWlja2x5LCBJJ2xsIGdldCBpdCB0bwo+PiBQYW9sbyBieSB0aGUgZW5kIG9m IHRoZSB3ZWVrICh0aGVyZSdzIGFub3RoZXIgZml4IHRoYXQgbmVlZHMgbWVyZ2luZykuCj4+IAo+ PiBFcmljOiBkbyB3ZSBoYXZlIGFueSB0ZXN0IGNvdmVyaW5nIHRoZSB1c2Vyc3BhY2UgQVBJPwo+ IAo+IFNvIGFzIHRoaXMgaXNzdWUgc2VlbXMgcmVsYXRlZCB0byB0aGUgY2hhbmdlcyBtYWRlIHdo ZW4gaW1wbGVtZW50aW5nIAo+IHRoZQo+IG11bHRpcGxlIFJESVNUIHJlZ2lvbnMsIEkgdm9sdW50 ZWVyIHRvIHdyaXRlIHRob3NlIEtWTSBzZWxmdGVzdHMgOi0pCgpZb3UncmUgb24hIDpECgpNb3Jl IHNlcmlvdXNseSwgdGhlcmUgaXMgc2NvcGUgZm9yIGZ1enppbmcgdGhlIGRldmljZSBzYXZlL3Jl c3RvcmUgQVBJLAphcyB3ZSBmaW5kIGJ1Z3MgZXZlcnkgdGltZSBzb21lb25lIGNoYW5nZSB0aGUg Imtub3duIGdvb2QiIG9yZGVyaW5nIHRoYXQKaXMgaW1wbGVtZW50ZWQgaW4gUUVNVS4KCk1heWJl IGl0IG1lYW5zIGdldHRpbmcgcmlkIG9mIHNvbWUgdW5uZWNlc3NhcnkgZmxleGliaWxpdHksIGFz IHByb3Bvc2VkCmJ5IFplbmdodWksIGlmIHdlIGFyZSBjb25maWRlbnQgdGhhdCBubyB1c2Vyc3Bh Y2UgbWFrZXMgdXNlIG9mIGl0LgpBbmQgaW4gdGhlIGZ1dHVyZSwgbWFraW5nIHN1cmUgdGhhdCBu ZXcgQVBJcyBhcmUgcmlnaWQgZW5vdWdoIHRvIGF2b2lkIApzdWNoCmJ1Z3MuCgpUaGFua3MsCgog ICAgICAgICBNLgotLSAKSmF6eiBpcyBub3QgZGVhZC4gSXQganVzdCBzbWVsbHMgZnVubnkuLi4K X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18Ka3ZtYXJtIG1h aWxpbmcgbGlzdAprdm1hcm1AbGlzdHMuY3MuY29sdW1iaWEuZWR1Cmh0dHBzOi8vbGlzdHMuY3Mu Y29sdW1iaWEuZWR1L21haWxtYW4vbGlzdGluZm8va3ZtYXJtCg== From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1B32BC2D0E4 for ; Tue, 17 Nov 2020 10:51:44 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 63FC022447 for ; Tue, 17 Nov 2020 10:51:43 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="3FaXeMmD"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="hJb1EcqJ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 63FC022447 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Type: Content-Transfer-Encoding:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Message-ID:References:In-Reply-To:Subject:To:From: Date:MIME-Version:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MYeOpAqzlIjrxfgvJeVQgACTj1eO/Mhkxew72PQ4KME=; b=3FaXeMmDfXclfNpCRzii03bxH tjBAuUGSnVxS8oJSLdPbg0ALFWXoEZB20FLo36IOBsnV2NSK476CtHI5/IbqNSk5IjoDyZTuWzKvZ kfom497WUXZZ4iUD3E6HFEx+Edp/939mwnbC2PLJRIsYwfvaKiYa63oVF4t0x++pwq9EfSvQCYWDj Y7f2lCNECtUQ6sb9U9aNjNsN7FpyhzOUhbzWehfpzohJFkyi8PtgFKnF3m3se8bvfg8STy8hCM8X9 ze71ke0SB2Ugt6aCWyYa3JVNzXXGKlFoG16lQ1hIW5WTcW4te/PGVo4XzVBkUbsaLXY1cTp00omUQ tTml/AwGw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1keyZv-0003ua-NG; Tue, 17 Nov 2020 10:51:15 +0000 Received: from mail.kernel.org ([198.145.29.99]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1keyZt-0003td-14 for linux-arm-kernel@lists.infradead.org; Tue, 17 Nov 2020 10:51:14 +0000 Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id DF07A22447; Tue, 17 Nov 2020 10:51:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1605610272; bh=M9flKwRDRr9z64KmcbSgnOXXghPG2KQsLqY0zyac1Pc=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=hJb1EcqJN7y1+EllTk1nrvx7ql2HD2xrFheKYg8a5Qe1xK4dx+bbBZuRQE43nJsgP cLIg109k/Xs+axWgm62EusuYdb1mhlnsy5YoJwfluMJ9qupSxhcu4yXO2J0KinRL6h 6YzGxnDuj0ANEfmFcJ7Quv/pVpImxgKmhNcqZMsc= Received: from disco-boy.misterjones.org ([51.254.78.96] helo=www.loen.fr) by disco-boy.misterjones.org with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94) (envelope-from ) id 1keyZp-00BIq8-MW; Tue, 17 Nov 2020 10:51:09 +0000 MIME-Version: 1.0 Date: Tue, 17 Nov 2020 10:51:09 +0000 From: Marc Zyngier To: Auger Eric Subject: Re: [PATCH 1/2] KVM: arm64: vgic: Forbid invalid userspace Redistributor accesses In-Reply-To: <5ba4a98e-276b-2462-0580-fe0e007e9b38@redhat.com> References: <20201113142801.1659-1-yuzenghui@huawei.com> <20201113142801.1659-2-yuzenghui@huawei.com> <724c43702b52aac0d3c9beb9604d1bfb@kernel.org> <584b7ff1-ecf2-b0ec-cea3-ccc29902f43a@huawei.com> <7e58200c-814e-3598-155a-9a7e6cc24374@huawei.com> <5ba4a98e-276b-2462-0580-fe0e007e9b38@redhat.com> User-Agent: Roundcube Webmail/1.4.9 Message-ID: <6f4312dbedd6c1d8fa88dc0fc5adcb5d@kernel.org> X-Sender: maz@kernel.org X-SA-Exim-Connect-IP: 51.254.78.96 X-SA-Exim-Rcpt-To: eric.auger@redhat.com, yuzenghui@huawei.com, suzuki.poulose@arm.com, linux-kernel@vger.kernel.org, james.morse@arm.com, linux-arm-kernel@lists.infradead.org, wanghaibin.wang@huawei.com, zhukeqian1@huawei.com, kvmarm@lists.cs.columbia.edu, julien.thierry.kdev@gmail.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201117_055113_247268_09AD36B7 X-CRM114-Status: GOOD ( 21.24 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: suzuki.poulose@arm.com, linux-kernel@vger.kernel.org, james.morse@arm.com, julien.thierry.kdev@gmail.com, Zenghui Yu , wanghaibin.wang@huawei.com, Keqian Zhu , kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org T24gMjAyMC0xMS0xNyAwOTo1OSwgQXVnZXIgRXJpYyB3cm90ZToKPiBIaSBNYXJjLAo+IAo+IE9u IDExLzE3LzIwIDk6NDkgQU0sIE1hcmMgWnluZ2llciB3cm90ZToKPj4gSGkgWmVuZ2h1aSwKPj4g Cj4+IE9uIDIwMjAtMTEtMTYgMTQ6NTcsIFplbmdodWkgWXUgd3JvdGU6Cj4+PiBIaSBNYXJjLAo+ Pj4gCj4+PiBPbiAyMDIwLzExLzE2IDIyOjEwLCBNYXJjIFp5bmdpZXIgd3JvdGU6Cj4+Pj4+IE15 IHRha2UgaXMgdGhhdCBvbmx5IGlmIHRoZSAiW1JlXURpc3RyaWJ1dG9yIGJhc2UgYWRkcmVzcyIg aXMgCj4+Pj4+IHNwZWNpZmllZAo+Pj4+PiBpbiB0aGUgc3lzdGVtIG1lbW9yeSBtYXAsIHdpbGwg dGhlIHVzZXItcHJvdmlkZWQgCj4+Pj4+IGt2bV9kZXZpY2VfYXR0ci5vZmZzZXQKPj4+Pj4gbWFr ZSBzZW5zZS4gQW5kIHdlIGNhbiB0aGVuIGhhbmRsZSB0aGUgYWNjZXNzIHRvIHRoZSByZWdpc3Rl ciB3aGljaCAKPj4+Pj4gaXMKPj4+Pj4gZGVmaW5lZCBieSAiYmFzZSBhZGRyZXNzICsgb2Zmc2V0 Ii4KPj4+PiAKPj4+PiBJJ2QgdGVuZCB0byBhZ3JlZSwgYnV0IGl0IGlzIGp1c3QgdGhhdCB0aGlz IGlzIGEgbGFyZ2UgY2hhbmdlIGF0IAo+Pj4+IC1yYzQuCj4+Pj4gSSdkIHJhdGhlciBoYXZlIGEg cXVpY2sgZml4IGZvciA1LjEwLCBhbmQgYSBtb3JlIGludmFzaXZlIGNoYW5nZSBmb3IKPj4+PiA1 LjExLAo+Pj4+IHNwYW5uaW5nIGFsbCB0aGUgcG9zc2libGUgdmdpYyBkZXZpY2VzLgo+Pj4gCj4+ PiBTbyB5b3UgcHJlZmVyIGZpeGluZyBpdCBieSAicmV0dXJuIGEgdmFsdWUgdGhhdCBkb2Vzbid0 IGhhdmUgdGhlIExhc3QKPj4+IGJpdCBzZXQiIGZvciB2NS4xMD8gSSdtIG9rIHdpdGggaXQgYW5k IGNhbiBzZW5kIHYyIGZvciBpdC4KPj4gCj4+IENvb2wuIFRoYW5rcyBmb3IgdGhhdC4KPj4gCj4+ PiBCdHcsIGxvb2tpbmcgYWdhaW4gYXQgdGhlIHdheSB3ZSBoYW5kbGUgdGhlIHVzZXItcmVhZGlu ZyBvZiAKPj4+IEdJQ1JfVFlQRVIKPj4+IAo+Pj4gwqDCoMKgwqB2Z2ljX21taW9fcmVhZF92M3Jf dHlwZXIodmNwdSwgYWRkciwgbGVuKQo+Pj4gCj4+PiBpdCBzZWVtcyB0aGF0IEBhZGRyIGlzIGFj dHVhbGx5IHRoZSAqb2Zmc2V0KiBvZiBHSUNSX1RZUEVSICgweDAwMDgpIAo+Pj4gYW5kCj4+PiBA YWRkciBpcyB1bmxpa2VseSB0byBiZSBlcXVhbCB0byBsYXN0X3JkaXN0X3R5cGVyLCB3aGljaCBp cyB0aGUgKkdQQSogCj4+PiBvZgo+Pj4gdGhlIGxhc3QgUkQuIExvb2tzIGxpa2UgdGhlIHVzZXIt cmVhZGluZyBvZiBHSUNSX1RZUEVSLkxhc3QgaXMgYWx3YXlzCj4+PiBicm9rZW4/Cj4+IAo+PiBJ IHRoaW5rIHlvdSBhcmUgcmlnaHQuIFNvbWVob3csIHdlIGRvbid0IHNlZW0gdG8gdHJhY2sgdGhl IGluZGV4IG9mCj4+IHRoZSBSRCBpbiB0aGUgcmVnaW9uLCBzbyB3ZSBjYW4gbmV2ZXIgY29tcHV0 ZSB0aGUgYWRkcmVzcyBvZiB0aGUgUkQKPj4gZXZlbiBpZiB0aGUgYmFzZSBhZGRyZXNzIGlzIHNl dC4KPj4gCj4+IExldCdzIGRyb3AgdGhlIHJlcG9ydGluZyBvZiBMYXN0IGZvciB1c2Vyc3BhY2Ug Zm9yIG5vdywgYXMgaXQgbmV2ZXIKPj4gd29ya2VkLiBJZiB5b3UgcG9zdCBhIHBhdGNoIGFkZHJl c3NpbmcgdGhhdCBxdWlja2x5LCBJJ2xsIGdldCBpdCB0bwo+PiBQYW9sbyBieSB0aGUgZW5kIG9m IHRoZSB3ZWVrICh0aGVyZSdzIGFub3RoZXIgZml4IHRoYXQgbmVlZHMgbWVyZ2luZykuCj4+IAo+ PiBFcmljOiBkbyB3ZSBoYXZlIGFueSB0ZXN0IGNvdmVyaW5nIHRoZSB1c2Vyc3BhY2UgQVBJPwo+ IAo+IFNvIGFzIHRoaXMgaXNzdWUgc2VlbXMgcmVsYXRlZCB0byB0aGUgY2hhbmdlcyBtYWRlIHdo ZW4gaW1wbGVtZW50aW5nIAo+IHRoZQo+IG11bHRpcGxlIFJESVNUIHJlZ2lvbnMsIEkgdm9sdW50 ZWVyIHRvIHdyaXRlIHRob3NlIEtWTSBzZWxmdGVzdHMgOi0pCgpZb3UncmUgb24hIDpECgpNb3Jl IHNlcmlvdXNseSwgdGhlcmUgaXMgc2NvcGUgZm9yIGZ1enppbmcgdGhlIGRldmljZSBzYXZlL3Jl c3RvcmUgQVBJLAphcyB3ZSBmaW5kIGJ1Z3MgZXZlcnkgdGltZSBzb21lb25lIGNoYW5nZSB0aGUg Imtub3duIGdvb2QiIG9yZGVyaW5nIHRoYXQKaXMgaW1wbGVtZW50ZWQgaW4gUUVNVS4KCk1heWJl IGl0IG1lYW5zIGdldHRpbmcgcmlkIG9mIHNvbWUgdW5uZWNlc3NhcnkgZmxleGliaWxpdHksIGFz IHByb3Bvc2VkCmJ5IFplbmdodWksIGlmIHdlIGFyZSBjb25maWRlbnQgdGhhdCBubyB1c2Vyc3Bh Y2UgbWFrZXMgdXNlIG9mIGl0LgpBbmQgaW4gdGhlIGZ1dHVyZSwgbWFraW5nIHN1cmUgdGhhdCBu ZXcgQVBJcyBhcmUgcmlnaWQgZW5vdWdoIHRvIGF2b2lkIApzdWNoCmJ1Z3MuCgpUaGFua3MsCgog ICAgICAgICBNLgotLSAKSmF6eiBpcyBub3QgZGVhZC4gSXQganVzdCBzbWVsbHMgZnVubnkuLi4K Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmxpbnV4LWFy bS1rZXJuZWwgbWFpbGluZyBsaXN0CmxpbnV4LWFybS1rZXJuZWxAbGlzdHMuaW5mcmFkZWFkLm9y ZwpodHRwOi8vbGlzdHMuaW5mcmFkZWFkLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2xpbnV4LWFybS1r ZXJuZWwK From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 690C9C63777 for ; Tue, 17 Nov 2020 10:51:14 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 097D024199 for ; Tue, 17 Nov 2020 10:51:13 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="hJb1EcqJ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727897AbgKQKvN (ORCPT ); Tue, 17 Nov 2020 05:51:13 -0500 Received: from mail.kernel.org ([198.145.29.99]:59332 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726310AbgKQKvM (ORCPT ); Tue, 17 Nov 2020 05:51:12 -0500 Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id DF07A22447; Tue, 17 Nov 2020 10:51:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1605610272; bh=M9flKwRDRr9z64KmcbSgnOXXghPG2KQsLqY0zyac1Pc=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=hJb1EcqJN7y1+EllTk1nrvx7ql2HD2xrFheKYg8a5Qe1xK4dx+bbBZuRQE43nJsgP cLIg109k/Xs+axWgm62EusuYdb1mhlnsy5YoJwfluMJ9qupSxhcu4yXO2J0KinRL6h 6YzGxnDuj0ANEfmFcJ7Quv/pVpImxgKmhNcqZMsc= Received: from disco-boy.misterjones.org ([51.254.78.96] helo=www.loen.fr) by disco-boy.misterjones.org with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94) (envelope-from ) id 1keyZp-00BIq8-MW; Tue, 17 Nov 2020 10:51:09 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Tue, 17 Nov 2020 10:51:09 +0000 From: Marc Zyngier To: Auger Eric Cc: Zenghui Yu , suzuki.poulose@arm.com, linux-kernel@vger.kernel.org, james.morse@arm.com, linux-arm-kernel@lists.infradead.org, wanghaibin.wang@huawei.com, Keqian Zhu , kvmarm@lists.cs.columbia.edu, julien.thierry.kdev@gmail.com Subject: Re: [PATCH 1/2] KVM: arm64: vgic: Forbid invalid userspace Redistributor accesses In-Reply-To: <5ba4a98e-276b-2462-0580-fe0e007e9b38@redhat.com> References: <20201113142801.1659-1-yuzenghui@huawei.com> <20201113142801.1659-2-yuzenghui@huawei.com> <724c43702b52aac0d3c9beb9604d1bfb@kernel.org> <584b7ff1-ecf2-b0ec-cea3-ccc29902f43a@huawei.com> <7e58200c-814e-3598-155a-9a7e6cc24374@huawei.com> <5ba4a98e-276b-2462-0580-fe0e007e9b38@redhat.com> User-Agent: Roundcube Webmail/1.4.9 Message-ID: <6f4312dbedd6c1d8fa88dc0fc5adcb5d@kernel.org> X-Sender: maz@kernel.org X-SA-Exim-Connect-IP: 51.254.78.96 X-SA-Exim-Rcpt-To: eric.auger@redhat.com, yuzenghui@huawei.com, suzuki.poulose@arm.com, linux-kernel@vger.kernel.org, james.morse@arm.com, linux-arm-kernel@lists.infradead.org, wanghaibin.wang@huawei.com, zhukeqian1@huawei.com, kvmarm@lists.cs.columbia.edu, julien.thierry.kdev@gmail.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020-11-17 09:59, Auger Eric wrote: > Hi Marc, > > On 11/17/20 9:49 AM, Marc Zyngier wrote: >> Hi Zenghui, >> >> On 2020-11-16 14:57, Zenghui Yu wrote: >>> Hi Marc, >>> >>> On 2020/11/16 22:10, Marc Zyngier wrote: >>>>> My take is that only if the "[Re]Distributor base address" is >>>>> specified >>>>> in the system memory map, will the user-provided >>>>> kvm_device_attr.offset >>>>> make sense. And we can then handle the access to the register which >>>>> is >>>>> defined by "base address + offset". >>>> >>>> I'd tend to agree, but it is just that this is a large change at >>>> -rc4. >>>> I'd rather have a quick fix for 5.10, and a more invasive change for >>>> 5.11, >>>> spanning all the possible vgic devices. >>> >>> So you prefer fixing it by "return a value that doesn't have the Last >>> bit set" for v5.10? I'm ok with it and can send v2 for it. >> >> Cool. Thanks for that. >> >>> Btw, looking again at the way we handle the user-reading of >>> GICR_TYPER >>> >>>     vgic_mmio_read_v3r_typer(vcpu, addr, len) >>> >>> it seems that @addr is actually the *offset* of GICR_TYPER (0x0008) >>> and >>> @addr is unlikely to be equal to last_rdist_typer, which is the *GPA* >>> of >>> the last RD. Looks like the user-reading of GICR_TYPER.Last is always >>> broken? >> >> I think you are right. Somehow, we don't seem to track the index of >> the RD in the region, so we can never compute the address of the RD >> even if the base address is set. >> >> Let's drop the reporting of Last for userspace for now, as it never >> worked. If you post a patch addressing that quickly, I'll get it to >> Paolo by the end of the week (there's another fix that needs merging). >> >> Eric: do we have any test covering the userspace API? > > So as this issue seems related to the changes made when implementing > the > multiple RDIST regions, I volunteer to write those KVM selftests :-) You're on! :D More seriously, there is scope for fuzzing the device save/restore API, as we find bugs every time someone change the "known good" ordering that is implemented in QEMU. Maybe it means getting rid of some unnecessary flexibility, as proposed by Zenghui, if we are confident that no userspace makes use of it. And in the future, making sure that new APIs are rigid enough to avoid such bugs. Thanks, M. -- Jazz is not dead. It just smells funny...