From mboxrd@z Thu Jan 1 00:00:00 1970
From: David Gibson
Subject: Re: [PATCH] KVM: PPC: Book3S HV: Sanitize special-purpose register values on guest exit
Date: Tue, 8 Mar 2016 13:31:35 +1100
Message-ID: <20160308133135.176911b2@voom.fritz.box>
References: <20160307111230.GC32019@fergus.ozlabs.ibm.com>
In-Reply-To: <20160307111230.GC32019@fergus.ozlabs.ibm.com>
To: Paul Mackerras
Cc: kvm@vger.kernel.org, kvm-ppc@vger.kernel.org, Paolo Bonzini, Alexander Graf

On Mon, 7 Mar 2016 22:12:30 +1100
Paul Mackerras wrote:

> Thomas Huth discovered that a guest could cause a hard hang of a
> host CPU by setting the Instruction Authority Mask Register (IAMR)
> to a suitable value. It turns out that this is because when the
> code was added to context-switch the new special-purpose registers
> (SPRs) that were added in POWER8, we forgot to add code to ensure
> that they were restored to a sane value on guest exit.
>
> This adds code to set those registers where a bad value could
> compromise the execution of the host kernel to a suitable neutral
> value on guest exit.
>
> Cc: stable@vger.kernel.org # v3.14+
> Fixes: b73117c49364
> Reported-by: Thomas Huth
> Signed-off-by: Paul Mackerras

Reviewed-by: David Gibson

> ---
> Paolo, since this fixes a bug where a guest can cause a hard hang
> of a host CPU, I'd like it to go in 4.5 if possible.
>
>  arch/powerpc/kvm/book3s_hv_rmhandlers.S | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
>
> diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/b= ook3s_hv_rmhandlers.S > index ed16182..752e915 100644 > --- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S > +++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S > @@ -1370,6 +1370,20 @@ END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S) > std r6, VCPU_ACOP(r9) > stw r7, VCPU_GUEST_PID(r9) > std r8, VCPU_WORT(r9) > + /* > + * Restore various registers to 0, where non-zero values > + * set by the guest could disrupt the host. > + */ > + li r0, 0 > + mtspr SPRN_IAMR, r0 > + mtspr SPRN_CIABR, r0 > + mtspr SPRN_DAWRX, r0 > + mtspr SPRN_TCSCR, r0 > + mtspr SPRN_WORT, r0 > + /* Set MMCRS to 1<<31 to freeze and disable the SPMC counters */ > + li r0, 1 > + sldi r0, r0, 31 > + mtspr SPRN_MMCRS, r0 > 8: > =20 > /* Save and reset AMR and UAMOR before turning on the MMU */ > --=20 > 2.5.0 >=20 --=20 David Gibson Senior Software Engineer, Virtualization, Red Hat --Sig_/TjbpQBfMfW9Kgz1qJCxqVM4 Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW3jmHAAoJEGw4ysog2bOSn0MQAIuAiHiCDpeNPU5Xk2GE74yg zSAp0baVorKjwhBLZCrO/Ncjc7PisiOGWlrsJbOtbhoC6qgnZTdQ0xU8DuoOD2GZ n35Hd7Utl+E2i7z9YxFdi0lKX/puWoZSt+s0v16GnNC8zoc/AH4vFijTpws7KyPK svJ7RhsOjXv64LNlmyAYeQh46kmA7tbXTYdNH1nSAlIIm8ch+SDhDsUAC+P1lCVL 9XjIskpm25ijA+SN8St7FWd1QIdhaOV4kN3cEi65CTPSXyiSFxsB26FMMYEU7rDP Zesgj8IR4AVeERK7bb5V0BnS8bDXd7/uvA1u6fEgPsmrN9BfeqCscfw1Kbz7gDjA O+cTOwMsP3i+6h73sVEyuHMctyjKZhV7qit1sNZf1RzXu51GDCE350ki5DaOccpL +F+8t9Wojxka2Rhnih74YL1m1HGW6ZE8RqERhqbZumM/Y+sSV++gLqoSWN0dbRIq n/0vLLnz7o6PAHC5ExYVyAWUxM+7WNNBHdYgi45ZnnY5PAXBluirn1GyWJ58vrpy u2GgSGtS5OXESCFir+6BTdVpCwQvgIOwl0k6TpEl66HwVte+BoRrJbX49f3NVFLU eS+CBOkWGLzeBVDvd38VCQTwodRiMJ88D1E8ouE1DUs2H0zrMxKC2FZUBtXfIhWf 33HjcUjkT4tKPoiGDqV0 =yq3G -----END PGP SIGNATURE----- --Sig_/TjbpQBfMfW9Kgz1qJCxqVM4--
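Review bot: the one thing I would change in this hunk is the inline magic number for the MMCRS freeze bit: `li r0, 1` followed by `sldi r0, r0, 31` builds 1<<31 by hand and relies on the comment "Set MMCRS to 1<<31 to freeze and disable the SPMC counters" to explain it; a named constant for that bit next to the SPRN_MMCRS definition would let a reader check the intent against the ISA rather than against a comment. The ordering itself looks right: the `mtspr` resets come after the guest's values of these SPRs have already been saved into the vcpu (`std r6, VCPU_ACOP(r9)`, `std r8, VCPU_WORT(r9)`), so the guest's own settings are preserved for the next entry while the host never runs with them live, and the block sits before the `8:` label and the existing "Save and reset AMR and UAMOR before turning on the MMU" step, which keeps all of the host-state sanitization in one place before the MMU comes back on. One small clarification request for the comment: the hunk clears DAWRX but not DAWR; if clearing DAWRX alone is what disables the watchpoint, saying so in the comment would stop a later reader from either adding a redundant DAWR reset or assuming DAWR was overlooked.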