Re: [PATCH 0/8] KVM: SEV-ES: fixes for string I/O emulation

From: Paolo Bonzini
Date: Thu Oct 21 2021 - 13:47:58 EST

Next message: Dr. David Alan Gilbert: "Re: [PATCH v6 08/42] x86/sev-es: initialize sev_status/features within #VC handler"
Previous message: Luis Chamberlain: "Re: [PATCH V2 0/4] zram: fix two races and one zram leak"
Next in thread: Sean Christopherson: "Re: [PATCH 0/8] KVM: SEV-ES: fixes for string I/O emulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 13/10/21 18:56, Paolo Bonzini wrote:

This series, namely patches 1 and 8, fix two bugs in string I/O
emulation for SEV-ES:

- first, the length is completely off for "rep ins" and "rep outs"
operation of size > 1. After setup_vmgexit_scratch, svm->ghcb_sa_len
is in bytes, but kvm_sev_es_string_io expects the number of PIO
operations.

- second, the size of the GHCB buffer can exceed the size of
vcpu->arch.pio_data. If that happens, we need to go over the GHCB
buffer in multiple passes.

The second bug was reported by Felix Wilhelm. The first was found by
me by code inspection; on one hand it seems *too* egregious so I'll be
gladly proven wrong on this, on the other hand... I know I'm bad at code
review, but not _that_ bad.

Ping.

Paolo

Next message: Dr. David Alan Gilbert: "Re: [PATCH v6 08/42] x86/sev-es: initialize sev_status/features within #VC handler"
Previous message: Luis Chamberlain: "Re: [PATCH V2 0/4] zram: fix two races and one zram leak"
Next in thread: Sean Christopherson: "Re: [PATCH 0/8] KVM: SEV-ES: fixes for string I/O emulation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]