Re: [PATCH Part1 RFC v4 15/36] x86/mm: Add support to validate memory when changing C-bit

From: Brijesh Singh
Date: Tue Aug 17 2021 - 16:34:50 EST

Next message: Colin Ian King: "Re: bpf: Implement minimal BPF perf link"
Previous message: Rob Herring: "Re: [PATCH v5, 05/15] dt-bindings: media: mtk-vcodec: Separate video encoder and decoder dt-bindings"
In reply to: Brijesh Singh: "Re: [PATCH Part1 RFC v4 15/36] x86/mm: Add support to validate memory when changing C-bit"
Next in thread: Borislav Petkov: "Re: [PATCH Part1 RFC v4 15/36] x86/mm: Add support to validate memory when changing C-bit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Boris,

On 8/17/21 12:27 PM, Borislav Petkov wrote:

+ /* Lets verify that reserved bit is not set in the header*/
+ if (WARN(hdr->reserved, "Reserved bit is set in the PSC header\n"))

psc_entry has a ->reserved field too and since we're iterating over the
entries...

I am not seeing any strong reason to sanity check the reserved bit in the psc_entry. The fields in the psc_entry are input from guest to the hypervisor. The hypervisor cannot trick a guest by changing anything in the psc_entry because guest does not read the hypervisor filled value. I am okay with the psc_hdr because we need to read the current and end entry after the PSC completes to determine whether it was successful and sanity checking PSC header makes much more sense. Let me know if you are okay with it ?

thanks

Next message: Colin Ian King: "Re: bpf: Implement minimal BPF perf link"
Previous message: Rob Herring: "Re: [PATCH v5, 05/15] dt-bindings: media: mtk-vcodec: Separate video encoder and decoder dt-bindings"
In reply to: Brijesh Singh: "Re: [PATCH Part1 RFC v4 15/36] x86/mm: Add support to validate memory when changing C-bit"
Next in thread: Borislav Petkov: "Re: [PATCH Part1 RFC v4 15/36] x86/mm: Add support to validate memory when changing C-bit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]