Re: [PATCH 07/14] KVM: x86: SVM: add warning for CVE-2021-3656

From: Paolo Bonzini
Date: Thu Sep 23 2021 - 12:44:57 EST

Next message: Michael Straube: "[PATCH] staging: r8188eu: remove rtw_proc_{init,remove}_one()"
Previous message: Jakub Kicinski: "Re: [PATCH net-next] ptp: clockmatrix: use rsmu driver to access i2c/spi bus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 14/09/21 17:48, Maxim Levitsky wrote:

Just in case, add a warning ensuring that on guest entry,
either both VMLOAD and VMSAVE intercept is enabled or
vVMLOAD/VMSAVE is enabled.

Signed-off-by: Maxim Levitsky <mlevitsk@xxxxxxxxxx>
---
arch/x86/kvm/svm/svm.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 861ac9f74331..deeebd05f682 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3784,6 +3784,12 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu)
WARN_ON_ONCE(kvm_apicv_activated(vcpu->kvm) != kvm_vcpu_apicv_active(vcpu));
+ /* Check that CVE-2021-3656 can't happen again */
+ if (!svm_is_intercept(svm, INTERCEPT_VMSAVE) ||
+ !svm_is_intercept(svm, INTERCEPT_VMSAVE))
+ WARN_ON(!(svm->vmcb->control.virt_ext &
+ VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK));
+
sync_lapic_to_cr8(vcpu);
if (unlikely(svm->asid != svm->vmcb->control.asid)) {

While it's nice to be "proactive", this does adds some extra work. Maybe it should be under CONFIG_DEBUG_KERNEL. It could be useful to make it into its own function so we can add similar intercept invariants in the same place.

Paolo

Next message: Michael Straube: "[PATCH] staging: r8188eu: remove rtw_proc_{init,remove}_one()"
Previous message: Jakub Kicinski: "Re: [PATCH net-next] ptp: clockmatrix: use rsmu driver to access i2c/spi bus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]