Re: [PATCH 05/12] KVM: MMU: avoid NULL-pointer dereference on page freeing bugs

From: Paolo Bonzini
Date: Fri Feb 11 2022 - 06:21:25 EST


On 2/11/22 01:24, Sean Christopherson wrote:
sp = to_shadow_page(*root_hpa & PT64_BASE_ADDR_MASK);
+ if (WARN_ON(!sp))
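Review bot: the body of the `if (WARN_ON(!sp))` branch is outside the quoted context, so it is not visible whether the NULL path only skips the `sp` dereference or also invalidates `*root_hpa`; since `sp` is derived from `*root_hpa & PT64_BASE_ADDR_MASK`, a root left pointing at a page with no shadow-page metadata would trip the same warning on the next pass, so the branch should still clear the root. Consider `WARN_ON_ONCE` if this can fire for more than one root.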

Should this be KVM_BUG_ON()? I.e. when you triggered these, would continuing on
potentially corrupt guest data, or was it truly benign-ish?

It only triggered on the mode_switch SVM unit test (with npt=0), so in a very small test that just hung after the bug. The WARN however was the 10-minute difference between rmmod and reboot...

I didn't use KVM_BUG_ON because we're in a pretty deep call stack (kvm_mmu_new_pgd, itself called from nested vmentry) and all sorts of stuff will happen before bailing out. My mental model is to use KVM_BUG_ON in situations for which error propagation is possible and clean.

Paolo
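The two failure policies discussed above, WARN-and-skip where the call chain has no clean error path versus bug-the-VM-and-propagate where it does, as an added userspace model. This is not KVM's code and not from the patch: `struct kvm`, `struct kvm_mmu_page`, `to_shadow_page()` (which here takes the VM as an argument and indexes a small fixed table), `warn_on()`, `vm_bug_on()` and the two `free_root_*()` helpers are stand-ins whose only job is to mimic the shape of the kernel macros; what the NULL branch does after the warning (clearing the root) is this example's own choice, since the patch's branch body is not quoted in the thread.

```c
/*
 * Added example, not KVM code: a userspace model of WARN_ON-and-skip versus
 * KVM_BUG_ON-and-propagate when a root HPA has no shadow-page metadata.
 * All types and helpers below are stand-ins for the kernel's.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define NR_PAGES 8
#define PT64_BASE_ADDR_MASK (~(((uint64_t)1 << PAGE_SHIFT) - 1))
#define EIO 5

typedef uint64_t hpa_t;

struct kvm_mmu_page {
    hpa_t hpa;       /* page this metadata describes */
    int root_count;  /* references from active roots */
};

struct kvm {
    struct kvm_mmu_page *pages[NR_PAGES]; /* NULL = no shadow page for that pfn */
    bool vm_bugged;                       /* set by the KVM_BUG_ON flavour */
    int warnings;                         /* how many times warn_on() fired */
};

/* Model of WARN_ON: report, count, and return the condition so the caller can skip. */
static bool warn_on(struct kvm *kvm, bool cond, const char *what)
{
    if (cond) {
        kvm->warnings++;
        fprintf(stderr, "WARNING: %s\n", what);
    }
    return cond;
}

/* Model of KVM_BUG_ON: like warn_on(), but also marks the VM as dead. */
static bool vm_bug_on(struct kvm *kvm, bool cond, const char *what)
{
    if (warn_on(kvm, cond, what))
        kvm->vm_bugged = true;
    return cond;
}

/* Stand-in for to_shadow_page(): metadata for a page frame, or NULL if none. */
static struct kvm_mmu_page *to_shadow_page(struct kvm *kvm, hpa_t hpa)
{
    size_t pfn = hpa >> PAGE_SHIFT;
    return pfn < NR_PAGES ? kvm->pages[pfn] : NULL;
}

/*
 * WARN_ON flavour: deep in a call chain with no clean way to return an
 * error, so log the inconsistency, skip the dereference of sp, and still
 * invalidate the root so the same bogus value is not processed again.
 */
static void free_root_warn(struct kvm *kvm, hpa_t *root_hpa)
{
    struct kvm_mmu_page *sp;

    if (*root_hpa == 0)   /* invalid root: nothing to free */
        return;
    sp = to_shadow_page(kvm, *root_hpa & PT64_BASE_ADDR_MASK);
    if (!warn_on(kvm, !sp, "root points at a page with no shadow-page metadata"))
        --sp->root_count;
    *root_hpa = 0;
}

/*
 * KVM_BUG_ON flavour: usable where the caller can propagate an error.
 * Mark the VM dead and hand back -EIO instead of continuing.
 */
static int free_root_bug(struct kvm *kvm, hpa_t *root_hpa)
{
    struct kvm_mmu_page *sp;

    if (*root_hpa == 0)
        return 0;
    sp = to_shadow_page(kvm, *root_hpa & PT64_BASE_ADDR_MASK);
    if (vm_bug_on(kvm, !sp, "root points at a page with no shadow-page metadata"))
        return -EIO;
    --sp->root_count;
    *root_hpa = 0;
    return 0;
}
```

The difference that matters for Sean's question is visible in the two return types: `free_root_warn()` has nowhere to send an error, so its only defence is to not touch `sp` and to drop the root; `free_root_bug()` can tell its caller to stop, and marking the VM dead is what stops guest execution from continuing on corrupted MMU state.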