From: Marc Zyngier <maz@kernel.org>
To: Nina Schoetterl-Glausch <nsg@linux.ibm.com>
Cc: linux-arm-kernel@lists.infradead.org,
	kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org,
	James Morse <james.morse@arm.com>,
	Julien Thierry <julien.thierry.kdev@gmail.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Andrew Scull <ascull@google.com>, Will Deacon <will@kernel.org>,
	Mark Rutland <mark.rutland@arm.com>,
	Quentin Perret <qperret@google.com>,
	David Brazdil <dbrazdil@google.com>,
	kernel-team@android.com
Subject: Re: [PATCH v2 11/11] KVM: arm64: Get rid of the AArch32 register mapping code
Date: Thu, 23 May 2024 17:04:05 +0100
Message-ID: <86le40ms5m.wl-maz@kernel.org>
In-Reply-To: <66a7077c5df86d0a541237996382ae583d690a14.camel@linux.ibm.com>

Hi Nina,

On Thu, 23 May 2024 15:25:21 +0100,
Nina Schoetterl-Glausch <nsg@linux.ibm.com> wrote:
> 
> On Mon, 2020-11-02 at 16:40 +0000, Marc Zyngier wrote:

Wow, you're digging out the old dregs... But it is worth it!

>
> [...]
> 
> > diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c
> > index dfb5218137ca..3f23f7478d2a 100644
> > --- a/arch/arm64/kvm/guest.c
> > +++ b/arch/arm64/kvm/guest.c
> > @@ -252,10 +252,32 @@ static int set_core_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
> >  	memcpy(addr, valp, KVM_REG_SIZE(reg->id));
> 
> I was looking at KVM_(G|S)ET_ONE_REG implementations and something looks off to me here:
> 
> ...
> 
> 	if (off == KVM_REG_ARM_CORE_REG(regs.pstate)) {
> 		u64 mode = (*(u64 *)valp) & PSR_AA32_MODE_MASK;
> 		switch (mode) {
> 
> Masking and switch over mode here...
> 
> 		case PSR_AA32_MODE_USR:
> 			if (!kvm_supports_32bit_el0())
> 				return -EINVAL;
> 			break;
> 		case PSR_AA32_MODE_FIQ:
> 		case PSR_AA32_MODE_IRQ:
> ...
> >  
> >  	if (*vcpu_cpsr(vcpu) & PSR_MODE32_BIT) {
> > -		int i;
> > +		int i, nr_reg;
> > +
> > +		switch (*vcpu_cpsr(vcpu)) {
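Review bot: the added `switch (*vcpu_cpsr(vcpu)) {` compares the whole CPSR value, while the pstate check earlier in set_core_reg first does `& PSR_AA32_MODE_MASK` and switches on the resulting `mode`; with the unmasked value, any bit set outside the mode field (condition flags, interrupt masks, and the PSR_MODE32_BIT the enclosing `if` has just tested for) prevents the mode cases from matching and sends every guest into the default path. Suggest `switch (*vcpu_cpsr(vcpu) & PSR_AA32_MODE_MASK) {` so both switches in this function select on the same field.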
> 
> ...but switching over mode without masking here.
> I don't know if this is as intended, but I thought I'd mention it.

Amazing. Thanks for spotting this. This is indeed broken. I guess this
was not spotted because userspace is not totally broken itself.

Do you want to submit a fix adding the masking back? Or should I do it
myself?

Thanks again,

	M.

-- 
Without deviation from the norm, progress is not possible.
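Added example, not code from the thread or from the kernel tree: a small C model of the two switch shapes Nina quotes, one masking with PSR_AA32_MODE_MASK before switching and one switching on the raw CPSR, fed a constructed CPSR value with the N flag and the I bit set. The constant values are assumed to match the arch/arm64 header definitions; `aa32_mode_matches` is a hypothetical helper.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* AArch32 PSTATE layout; values assumed to match the arch/arm64 headers. */
#define PSR_AA32_MODE_MASK 0x0000001fULL
#define PSR_AA32_MODE_USR  0x00000010ULL
#define PSR_AA32_MODE_FIQ  0x00000011ULL
#define PSR_AA32_MODE_IRQ  0x00000012ULL
#define PSR_AA32_MODE_SVC  0x00000013ULL
#define PSR_AA32_MODE_ABT  0x00000017ULL
#define PSR_AA32_MODE_UND  0x0000001bULL
#define PSR_AA32_MODE_SYS  0x0000001fULL
#define PSR_MODE32_BIT     0x00000010ULL
#define PSR_AA32_I_BIT     0x00000080ULL
#define PSR_AA32_N_BIT     0x80000000ULL

/*
 * Hypothetical helper modelling the switch in set_core_reg: with
 * mask_first the selector is the mode field only (the shape of the
 * pstate check), otherwise it is the raw CPSR (the shape of the added
 * switch). Returns 1 when a mode case is reached, 0 on the default path.
 */
static int aa32_mode_matches(uint64_t cpsr, bool mask_first)
{
	uint64_t sel = mask_first ? (cpsr & PSR_AA32_MODE_MASK) : cpsr;

	if (!(cpsr & PSR_MODE32_BIT))
		return 0; /* AArch64 state: the AArch32 switch is never reached */

	switch (sel) {
	case PSR_AA32_MODE_USR:
	case PSR_AA32_MODE_FIQ:
	case PSR_AA32_MODE_IRQ:
	case PSR_AA32_MODE_SVC:
	case PSR_AA32_MODE_ABT:
	case PSR_AA32_MODE_UND:
	case PSR_AA32_MODE_SYS:
		return 1;
	default:
		return 0;
	}
}

int main(void)
{
	/* Constructed CPSR: user mode with the N flag set and IRQs masked. */
	uint64_t cpsr = PSR_AA32_MODE_USR | PSR_AA32_N_BIT | PSR_AA32_I_BIT;

	printf("masked: %d, unmasked: %d\n",
	       aa32_mode_matches(cpsr, true), aa32_mode_matches(cpsr, false));
	return 0;
}
```

Only a CPSR whose upper bits are all clear (for example a bare 0x13, SVC mode) matches in both forms; any realistic guest CPSR with flags or interrupt masks set falls to default without the mask.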
