Date: Sat, 31 Dec 2022 20:00:29 +0100
From: Borislav Petkov
To: "Jason A. Donenfeld"
Cc: "H. Peter Anvin", pbonzini@redhat.com, ebiggers@kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, qemu-devel@nongnu.org, ardb@kernel.org, kraxel@redhat.com, philmd@linaro.org
Subject: Re: [PATCH qemu] x86: don't let decompressed kernel image clobber setup_data
In-Reply-To: <46466e54-25c3-3194-8546-a57cd4a80d9d@zytor.com>

On Sat, Dec 31, 2022 at 07:22:47PM +0100, Jason A. Donenfeld wrote:
> So with that understanding confirmed, I'm confused at your surprise that
> hpa's unrelated fix to the different issue didn't fix this issue.

No surprise there - I used a qemu variant without your patch to prevent
the setup_data clobbering so hpa's fix can't help there.

> But since the kernel doesn't do this now, and the 62MiB bug also seems
> to apply to existing kernels, for the purposes of QEMU for now, I think
> the v3 patch is probably best, since it'll handle existing kernels.

Right, we can't fix all those guests which are out there.

> Alternatively, setup_data could be relocated, the boot param protocol
> could be bumped, and then QEMU could conditionalize its use of
> setup_data based on that protocol version. That'd work, but seems a bit
> more involved.

I think this is at least worth considering because the kernel
overwriting setup_data after having been told where that setup_data is
located is not really nice.

Well, not explicitly at least - it gets the pointer to the first element
and something needs to traverse that list to know which addresses are
live. But still, that info is there so perhaps we need to take
setup_data into consideration too before decompressing...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette