Re: [PATCH] KVM: nVMX: WARN on any attempt to allocate shadow VMCS for vmcs02

From: Paolo Bonzini
Date: Wed Jan 26 2022 - 12:05:45 EST


On 1/26/22 17:22, Sean Christopherson wrote:
> I don't like preceding, because that will likely lead to a crash and/or WARNs if
> KVM calls the helper at the right time but with the wrong VMCS loaded, i.e. if
> vmcs01.shadow_vmcs is left NULL, as many paths assume vmcs01 is allocated if they
> are reached with VMCS shadowing enabled. At the very least, it will leak memory
> because vmcs02.shadow_vmcs is never freed.
>
> Maybe this to try and clarify things? Compile tested only...

Your patch is okay, just with an extra paragraph in the commit message:


The previous code WARNed but continued anyway with the allocation,
presumably in an attempt to avoid NULL pointer dereference.
However, alloc_vmcs (and hence alloc_shadow_vmcs) can fail, and
indeed the sole caller does:

if (enable_shadow_vmcs && !alloc_shadow_vmcs(vcpu))
goto out_shadow_vmcs;

which makes it not a useful attempt.

Paolo
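The two helper behaviours under discussion, as an added userspace model that is not KVM code and not from either author: the old "WARN but allocate anyway" variant leaves a shadow VMCS attached to vmcs02 that teardown never frees, while the "WARN and return NULL" variant lets the quoted caller take its goto out_shadow_vmcs path. Struct names, the caller, the teardown order and the allocation-failure knob are assumptions chosen to mirror what the thread describes; the kernel's real alloc_vmcs(), WARN_ON_ONCE() and teardown are not reproduced.

```c
/*
 * Added example, not KVM code: a userspace model of the helper behaviours
 * discussed in this thread. Struct names, the caller and the teardown order
 * are assumptions mirroring the thread (vmcs02.shadow_vmcs is never freed).
 */
#include <errno.h>
#include <stdlib.h>

struct vmcs { int dummy; };                  /* stand-in for one VMCS page */
struct loaded_vmcs { struct vmcs *vmcs, *shadow_vmcs; };
struct vcpu_vmx {
	struct loaded_vmcs vmcs01, vmcs02;
	struct loaded_vmcs *loaded_vmcs;     /* the VMCS currently loaded */
};

static int live_allocs;                      /* VMCS pages allocated, not freed */
static int alloc_calls, fail_at_call;        /* fail the N-th alloc_vmcs() (0: never) */
static int warn_count;                       /* how often WARN_ON_ONCE() fired */

/* Like the kernel macro: evaluates to the condition and records a hit. */
#define WARN_ON_ONCE(cond) ((cond) ? (warn_count++, 1) : 0)

static struct vmcs *alloc_vmcs(void)
{
	if (++alloc_calls == fail_at_call)       /* simulated allocation failure */
		return NULL;
	live_allocs++;
	return calloc(1, sizeof(struct vmcs));
}

static void free_vmcs(struct vmcs **slot)
{
	if (!*slot)
		return;
	free(*slot);
	*slot = NULL;
	live_allocs--;
}

/* Old behaviour: WARN, but carry on and allocate into whatever VMCS is loaded. */
static struct vmcs *alloc_shadow_vmcs_old(struct vcpu_vmx *vmx)
{
	struct loaded_vmcs *lv = vmx->loaded_vmcs;

	WARN_ON_ONCE(lv == &vmx->vmcs02);
	if (!lv->shadow_vmcs)
		lv->shadow_vmcs = alloc_vmcs();
	return lv->shadow_vmcs;
}

/* New behaviour: WARN and return NULL so the caller takes its error path. */
static struct vmcs *alloc_shadow_vmcs_new(struct vcpu_vmx *vmx)
{
	struct loaded_vmcs *lv = vmx->loaded_vmcs;

	if (WARN_ON_ONCE(lv != &vmx->vmcs01))
		return NULL;
	if (!lv->shadow_vmcs)
		lv->shadow_vmcs = alloc_vmcs();
	return lv->shadow_vmcs;
}

/* Caller modelled on the quoted snippet: a NULL result unwinds vmcs02. */
static int enter_nested(struct vcpu_vmx *vmx,
			struct vmcs *(*alloc_shadow)(struct vcpu_vmx *))
{
	vmx->vmcs02.vmcs = alloc_vmcs();
	if (!vmx->vmcs02.vmcs)
		return -ENOMEM;
	if (!alloc_shadow(vmx))
		goto out_shadow_vmcs;
	return 0;

out_shadow_vmcs:
	free_vmcs(&vmx->vmcs02.vmcs);
	return -ENOMEM;
}

/* Teardown as the thread describes it: only vmcs01's shadow VMCS is freed. */
static void teardown(struct vcpu_vmx *vmx)
{
	free_vmcs(&vmx->vmcs01.shadow_vmcs);
	free_vmcs(&vmx->vmcs01.vmcs);
	free_vmcs(&vmx->vmcs02.vmcs);
}

/*
 * One scenario: alloc_vmcs() call 1 is vmcs01, call 2 is vmcs02, call 3 is
 * the shadow VMCS. Returns the count of VMCS pages still outstanding after
 * teardown (the leak); *ret gets the caller's return code.
 */
static int run_scenario(int load_vmcs02, int fail_call,
			struct vmcs *(*alloc_shadow)(struct vcpu_vmx *), int *ret)
{
	struct vcpu_vmx vmx = { 0 };
	int leaked;

	live_allocs = alloc_calls = warn_count = 0;
	fail_at_call = fail_call;
	vmx.vmcs01.vmcs = alloc_vmcs();
	vmx.loaded_vmcs = load_vmcs02 ? &vmx.vmcs02 : &vmx.vmcs01;
	*ret = enter_nested(&vmx, alloc_shadow);
	teardown(&vmx);
	leaked = live_allocs;
	free(vmx.vmcs02.shadow_vmcs);  /* outside the model: only keeps this demo process clean */
	return leaked;
}
```

Calling run_scenario(1, 0, alloc_shadow_vmcs_old, &ret) models the pre-patch helper reached with vmcs02 loaded: one WARN fires, the caller returns 0 as if everything succeeded, and one VMCS page is left behind after teardown. The same call with alloc_shadow_vmcs_new also WARNs once but returns NULL, so the caller unwinds vmcs02 and returns -ENOMEM with nothing outstanding; run_scenario(0, 3, alloc_shadow_vmcs_new, &ret) shows the ordinary allocation-failure path that the caller's NULL check already handles without any WARN.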