Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp547543imm; Wed, 22 Aug 2018 08:33:34 -0700 (PDT) X-Google-Smtp-Source: AA+uWPxuJLFkgGx57fPZx+d0LrIJdnQzd/jGWUPLUfCrV9cXxxvU04sB+OTwkiJlraIjROagut4y X-Received: by 2002:a62:3703:: with SMTP id e3-v6mr58226515pfa.117.1534952014896; Wed, 22 Aug 2018 08:33:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534952014; cv=none; d=google.com; s=arc-20160816; b=FH30fjt1Pc6ZNg21SdYhRZXnaR1m4m4rENs+PsIEurw0wuePviyPoc4yzn6RDslWuz gQArRycFOwblqa7vzi/PdtKumhJyDybhmI7xm4to8f+Vig7oNPpm4QqczyYcBKDKWX3s /bqqm0Ppar2uOyVymHc7jPYtDtMOsRxKoUmB7Z21sqQ2+pjR5F2b11Mx1QioL/lCFkP1 PodcI6soNWJpr8tFtpKybjDEz+XMdR6XDsj9UlCq4P+4t6S1DOpu3amt7J6dJ5xLDmBi uMp5qCNVGQccVpB9Pt9AiM9NZcKWij46tH+G+MdptSuBgMJcmVi1xf77c920RWDke5Ct qW9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature:arc-authentication-results; bh=GixqUawec4jCklvh64zxrut6miWAx8Jobc9VGzNXnnQ=; b=agyml0WIraapqi5VBJdEQPuFmw1Pe9zPhVYrLjRpmcLSdgcFTjMwzNVxlDNd0AvtMo XRuNHnekdpI9j/9AUgay5ni1dIiZSulUsZQJUNLrs05e/xxUSa8aRgGfFpIpYPsS+bvb Vtxmvv4yfwEuUkaNf0nlymheTqrfsGQ1gDf+XK5slFYzSLXx6rXGAqCJX1DZ0y+qX+XX NkVSzqG5ZjycRTbJVUWtHzybuFxjNk12YKgg+JU+lEn8ukDCaRm1UVhsT7mCEFRlHmik HviqRxXYT/8l6TsM7q4zy8giRNUlBmgh4NfksY6CAMEzMnJXt5O1FqpFSH+UJmSfq1PY oRFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=KXgvc7Z2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t22-v6si1854014pgj.546.2018.08.22.08.33.19; Wed, 22 Aug 2018 08:33:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=KXgvc7Z2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729259AbeHVS5e (ORCPT + 99 others); Wed, 22 Aug 2018 14:57:34 -0400 Received: from mail-lj1-f195.google.com ([209.85.208.195]:35539 "EHLO mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729024AbeHVS5e (ORCPT ); Wed, 22 Aug 2018 14:57:34 -0400 Received: by mail-lj1-f195.google.com with SMTP id p10-v6so1780063ljg.2; Wed, 22 Aug 2018 08:32:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=GixqUawec4jCklvh64zxrut6miWAx8Jobc9VGzNXnnQ=; b=KXgvc7Z2xnE6dkS4z0B0hm/S045sjDvwqrqfYLR50HfiLMKl0vuZjy9skZ0i3TNhdq oyZHqhdWZCS3m7L52tL5RCx//h7UHnoUp+bEgs4lTmiGSF2NnDj6Znrh2Uw89OHWKDvi bOY0Q9BBy2QxCmGelLzZarhIrlNLpNb+A51NSfK8EN0zsj+WbYBDPTZgjTDlJt+m/ikQ iqK7aKPeKCbMTfLDexIK7szMI00zXZ258tCpKahEo/RaqPE+5EILleyePPwuY5IwsB+x F9MqyzgtwZ1uCJT/wgbfsAcE3AMt8q13I3hQSqHjPNxz8BBGM+leqcHX6Bg57ac29Kk8 03WQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=GixqUawec4jCklvh64zxrut6miWAx8Jobc9VGzNXnnQ=; b=TIa4q/R/B13bvWWAOh+oxWj46HBxucESEh2EBQrXHnPyUy8UWriI0gZMMITufjjMJG VjsPnF/8fI5olvP57wvxurXmPp0WASMzKByWn3RQb//E0goh6Rd3VrRqomEjIy2EB5UZ HlCuEyKVhvw04LJaSUfClHgCBRzYtA5Q7ZoLksgBbgE+4XoKpHRti3jHnoEZhSGk5e3z pWC0VwfhxiK0HIfLZ1J+W1eoDJtoeDyYZK5R5ujw7vKAgWAJd51U+rshtYsE/4lqufAL +Ml2ADewds8XTxPIhfYbLGZWNkSxykDteVsrdHhpBnKBDvMVKqcL2l2JLHweYwaNtXxB EeAg== X-Gm-Message-State: AOUpUlGIT+hISS/MrETtBCYwL9VC+ZkvahTue3ReWvvbwX5ZaHoRuA0J BXT9vXJvJ4YbVOMeJpnISACOnQtvl8qB6570thQ= X-Received: by 2002:a2e:954e:: with SMTP id t14-v6mr34246238ljh.68.1534951930677; Wed, 22 Aug 2018 08:32:10 -0700 (PDT) MIME-Version: 1.0 References: <1534949580-38261-1-git-send-email-pbonzini@redhat.com> In-Reply-To: <1534949580-38261-1-git-send-email-pbonzini@redhat.com> From: Jack Wang Date: Wed, 22 Aug 2018 17:31:59 +0200 Message-ID: Subject: Re: [PATCH] KVM: VMX: fixes for vmentry_l1d_flush module parameter To: Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, bsd@redhat.com, stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Paolo Bonzini =E4=BA=8E2018=E5=B9=B48=E6=9C=8822=E6= =97=A5=E5=91=A8=E4=B8=89 =E4=B8=8B=E5=8D=884:56=E5=86=99=E9=81=93=EF=BC=9A > > Two bug fixes: > > 1) missing entries in the l1d_param array; this can cause a host crash > if an access attempts to reach the missing entry. Future-proof the get > function against any overflows as well. However, the two entries > VMENTER_L1D_FLUSH_EPT_DISABLED and VMENTER_L1D_FLUSH_NOT_REQUIRED must > not be accepted by the parse function, so disable them there. > > 2) invalid values must be rejected even if the CPU does not have the > bug, so test for them before checking boot_cpu_has(X86_BUG_L1TF) > > ... and a small refactoring, since the .cmd field is redundant with > the index in the array. > > Reported-by: Bandan Das > Cc: stable@vger.kernel.org > Fixes: a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 > Signed-off-by: Paolo Bonzini > --- > arch/x86/kvm/vmx.c | 26 ++++++++++++++++---------- > 1 file changed, 16 insertions(+), 10 deletions(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index c76ca8c4befa..8dae47e7267a 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -198,12 +198,14 @@ > > static const struct { > const char *option; > - enum vmx_l1d_flush_state cmd; > + bool for_parse; > } vmentry_l1d_param[] =3D { > - {"auto", VMENTER_L1D_FLUSH_AUTO}, > - {"never", VMENTER_L1D_FLUSH_NEVER}, > - {"cond", VMENTER_L1D_FLUSH_COND}, > - {"always", VMENTER_L1D_FLUSH_ALWAYS}, > + [VMENTER_L1D_FLUSH_AUTO] =3D {"auto", true}, > + [VMENTER_L1D_FLUSH_NEVER] =3D {"never", true}, > + [VMENTER_L1D_FLUSH_COND] =3D {"cond", true}, > + [VMENTER_L1D_FLUSH_ALWAYS] =3D {"always", true}, > + [VMENTER_L1D_FLUSH_EPT_DISABLED] =3D {"EPT disabled", false}, > + [VMENTER_L1D_FLUSH_NOT_REQUIRED] =3D {"not required", false}, > }; > > #define L1D_CACHE_ORDER 4 > @@ -287,8 +289,9 @@ static int vmentry_l1d_flush_parse(const char *s) > > if (s) { > for (i =3D 0; i < ARRAY_SIZE(vmentry_l1d_param); i++) { > - if (sysfs_streq(s, vmentry_l1d_param[i].option)) > - return vmentry_l1d_param[i].cmd; > + if (vmentry_l1d_param[i].for_parse && > + sysfs_streq(s, vmentry_l1d_param[i].option)) > + return i; > } > } > return -EINVAL; > @@ -298,13 +301,13 @@ static int vmentry_l1d_flush_set(const char *s, con= st struct kernel_param *kp) > { > int l1tf, ret; > > - if (!boot_cpu_has(X86_BUG_L1TF)) > - return 0; > - > l1tf =3D vmentry_l1d_flush_parse(s); > if (l1tf < 0) > return l1tf; > > + if (!boot_cpu_has(X86_BUG_L1TF)) > + return 0; > + > /* > * Has vmx_init() run already? If not then this is the pre init > * parameter parsing. In that case just store the value and let > @@ -324,6 +327,9 @@ static int vmentry_l1d_flush_set(const char *s, const= struct kernel_param *kp) > > static int vmentry_l1d_flush_get(char *s, const struct kernel_param *kp) > { > + if (WARN_ON_ONCE(l1tf_vmx_mitigation >=3D ARRAY_SIZE(vmentry_l1d_= param))) > + return sprintf(s, "???\n"); > + > return sprintf(s, "%s\n", vmentry_l1d_param[l1tf_vmx_mitigation].= option); > } > > -- > 1.8.3.1 > Tested-by: Jack Wang Thanks, Jack