From: Quentin Perret <qperret@google.com>
To: Mike Rapoport <rppt@kernel.org>
Cc: kernel-team@android.com, Will Deacon <will@kernel.org>,
Marc Zyngier <maz@kernel.org>,
linux-kernel@vger.kernel.org,
Catalin Marinas <catalin.marinas@arm.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory
Date: Fri, 17 Jun 2022 08:45:48 +0000 [thread overview]
Message-ID: <Yqw/PI6jF5HZTvxB@google.com> (raw)
In-Reply-To: <Yqw9dou3qgpAKQkZ@kernel.org>
On Friday 17 Jun 2022 at 11:38:14 (+0300), Mike Rapoport wrote:
> On Fri, Jun 17, 2022 at 09:21:31AM +0100, Marc Zyngier wrote:
> > On Thu, 16 Jun 2022 16:11:34 +0000, Quentin Perret wrote:
> > > Commit a7259df76702 ("memblock: make memblock_find_in_range method
> > > private") changed the API using which memory is reserved for the pKVM
> > > hypervisor. However, it seems that memblock_phys_alloc() differs
> > > from the original API in terms of kmemleak semantics -- the old one
> > > excluded the reserved regions from kmemleak scans when the new one
> > > doesn't seem to. Unfortunately, when protected KVM is enabled, all
> > > kernel accesses to pKVM-private memory result in a fatal exception,
> > > which can now happen because of kmemleak scans:
> > >
> > > [...]
> >
> > Applied to fixes, thanks!
> >
> > [1/1] KVM: arm64: Prevent kmemleak from accessing pKVM memory
> > commit: 9e5afa8a537f742bccc2cd91bc0bef4b6483ee98
>
> I'd really like to update the changelog to this:
>
> Commit a7259df76702 ("memblock: make memblock_find_in_range method
> private") changed the API using which memory is reserved for the pKVM
> hypervisor. However, memblock_phys_alloc() differs from the original API in
> terms of kmemleak semantics -- the old one didn't report the reserved
> regions to kmemleak while the new one does. Unfortunately, when protected
> KVM is enabled, all kernel accesses to pKVM-private memory result in a
> fatal exception, which can now happen because of kmemleak scans:
>
> $ echo scan > /sys/kernel/debug/kmemleak
> [ 34.991354] kvm [304]: nVHE hyp BUG at: [<ffff800008fa3750>] __kvm_nvhe_handle_host_mem_abort+0x270/0x290!
> ...
>
> Fix this by explicitly excluding the hypervisor's memory pool from
> kmemleak like we already do for the hyp BSS.
Looks good to me, thanks.
Quentin
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Quentin Perret <qperret@google.com>
To: Mike Rapoport <rppt@kernel.org>
Cc: Marc Zyngier <maz@kernel.org>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org,
James Morse <james.morse@arm.com>, Will Deacon <will@kernel.org>,
kernel-team@android.com
Subject: Re: [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory
Date: Fri, 17 Jun 2022 08:45:48 +0000 [thread overview]
Message-ID: <Yqw/PI6jF5HZTvxB@google.com> (raw)
In-Reply-To: <Yqw9dou3qgpAKQkZ@kernel.org>
On Friday 17 Jun 2022 at 11:38:14 (+0300), Mike Rapoport wrote:
> On Fri, Jun 17, 2022 at 09:21:31AM +0100, Marc Zyngier wrote:
> > On Thu, 16 Jun 2022 16:11:34 +0000, Quentin Perret wrote:
> > > Commit a7259df76702 ("memblock: make memblock_find_in_range method
> > > private") changed the API using which memory is reserved for the pKVM
> > > hypervisor. However, it seems that memblock_phys_alloc() differs
> > > from the original API in terms of kmemleak semantics -- the old one
> > > excluded the reserved regions from kmemleak scans when the new one
> > > doesn't seem to. Unfortunately, when protected KVM is enabled, all
> > > kernel accesses to pKVM-private memory result in a fatal exception,
> > > which can now happen because of kmemleak scans:
> > >
> > > [...]
> >
> > Applied to fixes, thanks!
> >
> > [1/1] KVM: arm64: Prevent kmemleak from accessing pKVM memory
> > commit: 9e5afa8a537f742bccc2cd91bc0bef4b6483ee98
>
> I'd really like to update the changelog to this:
>
> Commit a7259df76702 ("memblock: make memblock_find_in_range method
> private") changed the API using which memory is reserved for the pKVM
> hypervisor. However, memblock_phys_alloc() differs from the original API in
> terms of kmemleak semantics -- the old one didn't report the reserved
> regions to kmemleak while the new one does. Unfortunately, when protected
> KVM is enabled, all kernel accesses to pKVM-private memory result in a
> fatal exception, which can now happen because of kmemleak scans:
>
> $ echo scan > /sys/kernel/debug/kmemleak
> [ 34.991354] kvm [304]: nVHE hyp BUG at: [<ffff800008fa3750>] __kvm_nvhe_handle_host_mem_abort+0x270/0x290!
> ...
>
> Fix this by explicitly excluding the hypervisor's memory pool from
> kmemleak like we already do for the hyp BSS.
Looks good to me, thanks.
Quentin
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Quentin Perret <qperret@google.com>
To: Mike Rapoport <rppt@kernel.org>
Cc: Marc Zyngier <maz@kernel.org>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org,
James Morse <james.morse@arm.com>, Will Deacon <will@kernel.org>,
kernel-team@android.com
Subject: Re: [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory
Date: Fri, 17 Jun 2022 08:45:48 +0000 [thread overview]
Message-ID: <Yqw/PI6jF5HZTvxB@google.com> (raw)
In-Reply-To: <Yqw9dou3qgpAKQkZ@kernel.org>
On Friday 17 Jun 2022 at 11:38:14 (+0300), Mike Rapoport wrote:
> On Fri, Jun 17, 2022 at 09:21:31AM +0100, Marc Zyngier wrote:
> > On Thu, 16 Jun 2022 16:11:34 +0000, Quentin Perret wrote:
> > > Commit a7259df76702 ("memblock: make memblock_find_in_range method
> > > private") changed the API using which memory is reserved for the pKVM
> > > hypervisor. However, it seems that memblock_phys_alloc() differs
> > > from the original API in terms of kmemleak semantics -- the old one
> > > excluded the reserved regions from kmemleak scans when the new one
> > > doesn't seem to. Unfortunately, when protected KVM is enabled, all
> > > kernel accesses to pKVM-private memory result in a fatal exception,
> > > which can now happen because of kmemleak scans:
> > >
> > > [...]
> >
> > Applied to fixes, thanks!
> >
> > [1/1] KVM: arm64: Prevent kmemleak from accessing pKVM memory
> > commit: 9e5afa8a537f742bccc2cd91bc0bef4b6483ee98
>
> I'd really like to update the changelog to this:
>
> Commit a7259df76702 ("memblock: make memblock_find_in_range method
> private") changed the API using which memory is reserved for the pKVM
> hypervisor. However, memblock_phys_alloc() differs from the original API in
> terms of kmemleak semantics -- the old one didn't report the reserved
> regions to kmemleak while the new one does. Unfortunately, when protected
> KVM is enabled, all kernel accesses to pKVM-private memory result in a
> fatal exception, which can now happen because of kmemleak scans:
>
> $ echo scan > /sys/kernel/debug/kmemleak
> [ 34.991354] kvm [304]: nVHE hyp BUG at: [<ffff800008fa3750>] __kvm_nvhe_handle_host_mem_abort+0x270/0x290!
> ...
>
> Fix this by explicitly excluding the hypervisor's memory pool from
> kmemleak like we already do for the hyp BSS.
Looks good to me, thanks.
Quentin
next prev parent reply other threads:[~2022-06-17 8:45 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-16 16:11 [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory Quentin Perret
2022-06-16 16:11 ` Quentin Perret
2022-06-16 16:11 ` Quentin Perret
2022-06-16 17:51 ` Catalin Marinas
2022-06-16 17:51 ` Catalin Marinas
2022-06-16 17:51 ` Catalin Marinas
2022-06-17 8:19 ` Mike Rapoport
2022-06-17 8:19 ` Mike Rapoport
2022-06-17 8:19 ` Mike Rapoport
2022-06-17 8:21 ` Marc Zyngier
2022-06-17 8:21 ` Marc Zyngier
2022-06-17 8:21 ` Marc Zyngier
2022-06-17 8:38 ` Mike Rapoport
2022-06-17 8:38 ` Mike Rapoport
2022-06-17 8:38 ` Mike Rapoport
2022-06-17 8:45 ` Quentin Perret [this message]
2022-06-17 8:45 ` Quentin Perret
2022-06-17 8:45 ` Quentin Perret
2022-06-17 8:50 ` Marc Zyngier
2022-06-17 8:50 ` Marc Zyngier
2022-06-17 8:50 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yqw/PI6jF5HZTvxB@google.com \
--to=qperret@google.com \
--cc=catalin.marinas@arm.com \
--cc=kernel-team@android.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=rppt@kernel.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.