From: Paolo Bonzini
To: Mark Rutland, Christian Borntraeger
Date: Mon, 17 Jan 2022 18:45:36 +0100
Subject: Re: [PATCH 0/5] kvm: fix latent guest entry/exit bugs

On 1/14/22 16:19, Mark Rutland wrote:
> I also think there is another issue here. When an IRQ is taken from SIE, will
> user_mode(regs) always be false, or could it be true if the guest userspace is
> running? If it can be true I think the context tracking checks can complain,
> and it *might* be possible to trigger a panic().

I think that it would be false, because the guest PSW is in the SIE block and
switched on SIE entry and exit, but I might be incorrect.

Paolo

> In irqentry_enter(), if user_mode(regs) == true, we call
> irqentry_enter_from_user_mode -> __enter_from_user_mode(). There we check that
> the context is CONTEXT_USER, but IIUC that will be CONTEXT_GUEST at this point.
> We also call arch_check_user_regs(), and IIUC this might permit a malicious
> guest to trigger a host panic by way of debug_user_asce(), but I may have
> misunderstood and that might not be possible.