Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/25/21 2:05 AM, Joerg Roedel wrote:
> On Wed, Nov 24, 2021 at 09:48:14AM -0800, Dave Hansen wrote:
>> That covers things like copy_from_user().  It does not account for
>> things where kernel mappings are used, like where a
>> get_user_pages()/kmap() is in play.
> The kmap case is guarded by KVM code, which locks the page first so that
> the guest can't change the page state, then checks the page state, and
> if it is shared does the kmap and the access.
> 
> This should turn an RMP fault in the kernel which is not covered in the
> uaccess exception table into a fatal error.

Let's say something does process_vm_readv() where the pid is a qemu
process and it is writing to a guest private memory area.  The syscall
will eventually end up in process_vm_rw_single_vec() which does:

>                 pinned_pages = pin_user_pages_remote(mm, pa, pinned_pages,
>                                                      flags, process_pages,
>                                                      NULL, &locked);
...
>                 rc = process_vm_rw_pages(process_pages,
>                                          start_offset, bytes, iter,
>                                          vm_write);


and eventually in copy_page_from_iter():

>                 void *kaddr = kmap_local_page(page);
>                 size_t wanted = _copy_from_iter(kaddr + offset, bytes, i);
>                 kunmap_local(kaddr);

The kernel access to 'kaddr+offset' shouldn't fault.  How does the KVM
code thwart that kmap_local_page()?



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux