From: Mike Rapoport <rppt@kernel.org>
To: Marc Zyngier <maz@kernel.org>
Cc: kernel-team@android.com, Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
linux-kernel@vger.kernel.org, kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory
Date: Fri, 17 Jun 2022 11:38:14 +0300 [thread overview]
Message-ID: <Yqw9dou3qgpAKQkZ@kernel.org> (raw)
In-Reply-To: <165545408679.771055.5076080259874437048.b4-ty@kernel.org>
On Fri, Jun 17, 2022 at 09:21:31AM +0100, Marc Zyngier wrote:
> On Thu, 16 Jun 2022 16:11:34 +0000, Quentin Perret wrote:
> > Commit a7259df76702 ("memblock: make memblock_find_in_range method
> > private") changed the API using which memory is reserved for the pKVM
> > hypervisor. However, it seems that memblock_phys_alloc() differs
> > from the original API in terms of kmemleak semantics -- the old one
> > excluded the reserved regions from kmemleak scans when the new one
> > doesn't seem to. Unfortunately, when protected KVM is enabled, all
> > kernel accesses to pKVM-private memory result in a fatal exception,
> > which can now happen because of kmemleak scans:
> >
> > [...]
>
> Applied to fixes, thanks!
>
> [1/1] KVM: arm64: Prevent kmemleak from accessing pKVM memory
> commit: 9e5afa8a537f742bccc2cd91bc0bef4b6483ee98
I'd really like to update the changelog to this:
Commit a7259df76702 ("memblock: make memblock_find_in_range method
private") changed the API using which memory is reserved for the pKVM
hypervisor. However, memblock_phys_alloc() differs from the original API in
terms of kmemleak semantics -- the old one didn't report the reserved
regions to kmemleak while the new one does. Unfortunately, when protected
KVM is enabled, all kernel accesses to pKVM-private memory result in a
fatal exception, which can now happen because of kmemleak scans:
$ echo scan > /sys/kernel/debug/kmemleak
[ 34.991354] kvm [304]: nVHE hyp BUG at: [<ffff800008fa3750>] __kvm_nvhe_handle_host_mem_abort+0x270/0x290!
...
Fix this by explicitly excluding the hypervisor's memory pool from
kmemleak like we already do for the hyp BSS.
> Cheers,
>
> M.
> --
> Marc Zyngier <maz@kernel.org>
>
--
Sincerely yours,
Mike.
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Mike Rapoport <rppt@kernel.org>
To: Marc Zyngier <maz@kernel.org>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
Quentin Perret <qperret@google.com>,
kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org,
James Morse <james.morse@arm.com>, Will Deacon <will@kernel.org>,
kernel-team@android.com
Subject: Re: [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory
Date: Fri, 17 Jun 2022 11:38:14 +0300 [thread overview]
Message-ID: <Yqw9dou3qgpAKQkZ@kernel.org> (raw)
In-Reply-To: <165545408679.771055.5076080259874437048.b4-ty@kernel.org>
On Fri, Jun 17, 2022 at 09:21:31AM +0100, Marc Zyngier wrote:
> On Thu, 16 Jun 2022 16:11:34 +0000, Quentin Perret wrote:
> > Commit a7259df76702 ("memblock: make memblock_find_in_range method
> > private") changed the API using which memory is reserved for the pKVM
> > hypervisor. However, it seems that memblock_phys_alloc() differs
> > from the original API in terms of kmemleak semantics -- the old one
> > excluded the reserved regions from kmemleak scans when the new one
> > doesn't seem to. Unfortunately, when protected KVM is enabled, all
> > kernel accesses to pKVM-private memory result in a fatal exception,
> > which can now happen because of kmemleak scans:
> >
> > [...]
>
> Applied to fixes, thanks!
>
> [1/1] KVM: arm64: Prevent kmemleak from accessing pKVM memory
> commit: 9e5afa8a537f742bccc2cd91bc0bef4b6483ee98
I'd really like to update the changelog to this:
Commit a7259df76702 ("memblock: make memblock_find_in_range method
private") changed the API using which memory is reserved for the pKVM
hypervisor. However, memblock_phys_alloc() differs from the original API in
terms of kmemleak semantics -- the old one didn't report the reserved
regions to kmemleak while the new one does. Unfortunately, when protected
KVM is enabled, all kernel accesses to pKVM-private memory result in a
fatal exception, which can now happen because of kmemleak scans:
$ echo scan > /sys/kernel/debug/kmemleak
[ 34.991354] kvm [304]: nVHE hyp BUG at: [<ffff800008fa3750>] __kvm_nvhe_handle_host_mem_abort+0x270/0x290!
...
Fix this by explicitly excluding the hypervisor's memory pool from
kmemleak like we already do for the hyp BSS.
> Cheers,
>
> M.
> --
> Marc Zyngier <maz@kernel.org>
>
--
Sincerely yours,
Mike.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Mike Rapoport <rppt@kernel.org>
To: Marc Zyngier <maz@kernel.org>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
Quentin Perret <qperret@google.com>,
kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org,
James Morse <james.morse@arm.com>, Will Deacon <will@kernel.org>,
kernel-team@android.com
Subject: Re: [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory
Date: Fri, 17 Jun 2022 11:38:14 +0300 [thread overview]
Message-ID: <Yqw9dou3qgpAKQkZ@kernel.org> (raw)
In-Reply-To: <165545408679.771055.5076080259874437048.b4-ty@kernel.org>
On Fri, Jun 17, 2022 at 09:21:31AM +0100, Marc Zyngier wrote:
> On Thu, 16 Jun 2022 16:11:34 +0000, Quentin Perret wrote:
> > Commit a7259df76702 ("memblock: make memblock_find_in_range method
> > private") changed the API using which memory is reserved for the pKVM
> > hypervisor. However, it seems that memblock_phys_alloc() differs
> > from the original API in terms of kmemleak semantics -- the old one
> > excluded the reserved regions from kmemleak scans when the new one
> > doesn't seem to. Unfortunately, when protected KVM is enabled, all
> > kernel accesses to pKVM-private memory result in a fatal exception,
> > which can now happen because of kmemleak scans:
> >
> > [...]
>
> Applied to fixes, thanks!
>
> [1/1] KVM: arm64: Prevent kmemleak from accessing pKVM memory
> commit: 9e5afa8a537f742bccc2cd91bc0bef4b6483ee98
I'd really like to update the changelog to this:
Commit a7259df76702 ("memblock: make memblock_find_in_range method
private") changed the API using which memory is reserved for the pKVM
hypervisor. However, memblock_phys_alloc() differs from the original API in
terms of kmemleak semantics -- the old one didn't report the reserved
regions to kmemleak while the new one does. Unfortunately, when protected
KVM is enabled, all kernel accesses to pKVM-private memory result in a
fatal exception, which can now happen because of kmemleak scans:
$ echo scan > /sys/kernel/debug/kmemleak
[ 34.991354] kvm [304]: nVHE hyp BUG at: [<ffff800008fa3750>] __kvm_nvhe_handle_host_mem_abort+0x270/0x290!
...
Fix this by explicitly excluding the hypervisor's memory pool from
kmemleak like we already do for the hyp BSS.
> Cheers,
>
> M.
> --
> Marc Zyngier <maz@kernel.org>
>
--
Sincerely yours,
Mike.
next prev parent reply other threads:[~2022-06-17 8:38 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-16 16:11 [PATCH] KVM: arm64: Prevent kmemleak from accessing pKVM memory Quentin Perret
2022-06-16 16:11 ` Quentin Perret
2022-06-16 16:11 ` Quentin Perret
2022-06-16 17:51 ` Catalin Marinas
2022-06-16 17:51 ` Catalin Marinas
2022-06-16 17:51 ` Catalin Marinas
2022-06-17 8:19 ` Mike Rapoport
2022-06-17 8:19 ` Mike Rapoport
2022-06-17 8:19 ` Mike Rapoport
2022-06-17 8:21 ` Marc Zyngier
2022-06-17 8:21 ` Marc Zyngier
2022-06-17 8:21 ` Marc Zyngier
2022-06-17 8:38 ` Mike Rapoport [this message]
2022-06-17 8:38 ` Mike Rapoport
2022-06-17 8:38 ` Mike Rapoport
2022-06-17 8:45 ` Quentin Perret
2022-06-17 8:45 ` Quentin Perret
2022-06-17 8:45 ` Quentin Perret
2022-06-17 8:50 ` Marc Zyngier
2022-06-17 8:50 ` Marc Zyngier
2022-06-17 8:50 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yqw9dou3qgpAKQkZ@kernel.org \
--to=rppt@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=kernel-team@android.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.