Re: [PATCH] KVM: arm64: Harden clock for nvhe/pKVM
From: Marc Zyngier
Date: Wed May 06 2026 - 11:46:53 EST

On Wed, 06 May 2026 16:23:26 +0100,
Vincent Donnefort <vdonnefort@xxxxxxxxxx> wrote:
>
> On Wed, May 06, 2026 at 04:10:20PM +0100, Mostafa Saleh wrote:
> > On Wed, May 6, 2026 at 4:03 PM Vincent Donnefort <vdonnefort@xxxxxxxxxx> wrote:
> > >
> > > On Thu, Apr 30, 2026 at 10:37:24AM +0000, Mostafa Saleh wrote:
> > > > Sashiko (locally) reports possibility of division by zero and
> > > > out-of-bounds bitwise shift in trace_clock_update().
> > > >
> > > > Although the clock update is untrusted, we should at least have some
> > > > basic checks to avoid the clock value getting out of sync if the host
> > > > is buggy.
>
> > >
> > > I am not sure about the gain here. The host can still write values that will
> > > make it out of sync anyway.
> > >
> > > The timestamp is ultimately fed and read by the host.
> > >
> >
> > This is not about having the clock in sync, but to avoid executing
> > undefined behavior, such as division by zero or large shifts in cases
> > where the host is buggy and not malicious.
> > That was reported by Sashiko
> > https://sashiko.dev/#/patchset/20260501111928.259252-1-smostafa%40google.com
> >
> > Thanks,
> > Mostafa
>
> I would then reword that to make it clear it just prevents the host triggering
> UB on the hypervisor. It doesn't really harden much, which is fine because that
> data isn't relevant for the hypervisor.

I can repaint the commit message when applying this.

>
> Other than that:
>
> Reviewed-by: Vincent Donnefort <vdonnefort@xxxxxxxxxx>

Thanks,
M.
--
Without deviation from the norm, progress is not possible.