Date: Mon, 17 Jun 2019 13:07:01 -0700
From: Sean Christopherson
To: Radim Krčmář
Cc: Paolo Bonzini, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, vkuznets@redhat.com, stable@vger.kernel.org
Subject: Re: [PATCH 22/43] KVM: nVMX: Don't dump VMCS if virtual APIC page can't be mapped
Message-ID: <20190617200700.GA30158@linux.intel.com>

On Mon, Jun 17, 2019 at 09:17:24PM +0200, Radim Krčmář wrote:
> 2019-06-13 19:03+0200, Paolo Bonzini:
> > From: Sean Christopherson
> >
> > ... as a malicious userspace can run a toy guest to generate invalid
> > virtual-APIC page addresses in L1, i.e. flood the kernel log with error
> > messages.
> >
> > Fixes: 690908104e39d ("KVM: nVMX: allow tests to use bad virtual-APIC page address")
> > Cc: stable@vger.kernel.org
> > Cc: Paolo Bonzini
> > Signed-off-by: Sean Christopherson
> > Signed-off-by: Paolo Bonzini
> > ---
>
> Makes me wonder why it looks like this in kvm/queue. :)

Presumably something is wonky in Paolo's workflow, this happened before.

  commit d69129b4e46a7b61dc956af038d143eb791f22c7
  Author: Sean Christopherson
  Date:   Wed May 8 07:32:15 2019 -0700

      KVM: nVMX: Disable intercept for FS/GS base MSRs in vmcs02 when possible

      If L1 is using an MSR bitmap, unconditionally merge the MSR bitmaps from
      L0 and L1 for MSR_{KERNEL,}_{FS,GS}_BASE. KVM unconditionally exposes
      MSRs L1. If KVM is also running in L1 then it's highly likely L1 is
      also exposing the MSRs to L2, i.e. KVM doesn't need to intercept L2
      accesses.

      Based on code from Jintack Lim.

      Cc: Jintack Lim
      Signed-off-by: Sean Christopherson
      Signed-off-by: Paolo Bonzini

>
> commit 1971a835297f9098ce5a735d38916830b8313a65
> Author:     Sean Christopherson
> AuthorDate: Tue May 7 09:06:26 2019 -0700
> Commit:     Paolo Bonzini
> CommitDate: Thu Jun 13 16:23:13 2019 +0200
>
>     KVM: nVMX: Don't dump VMCS if virtual APIC page can't be mapped
>
>     ... as a malicious userspace can run a toy guest to generate invalid
>     virtual-APIC page addresses in L1, i.e. flood the kernel log with error
>     messages.
>
>     Fixes: 690908104e39d ("KVM: nVMX: allow tests to use bad virtual-APIC page address")
>     Cc: stable@xxxxxxxxxxxxxxx
>     Cc: Paolo Bonzini
>     Signed-off-by: Sean Christopherson
>     Signed-off-by: Paolo Bonzini