From: Borislav Petkov <bp@alien8.de>
To: Gleb Natapov <gleb@kernel.org>
Cc: "Jan Kiszka" <jan.kiszka@web.de>,
"Paolo Bonzini" <pbonzini@redhat.com>,
lkml <linux-kernel@vger.kernel.org>,
"Peter Zijlstra" <peterz@infradead.org>,
"Steven Rostedt" <rostedt@goodmis.org>, x86-ml <x86@kernel.org>,
kvm@vger.kernel.org, "Jörg Rödel" <joro@8bytes.org>
Subject: Re: __schedule #DF splat
Date: Sun, 29 Jun 2014 16:01:04 +0200 [thread overview]
Message-ID: <20140629140104.GB12528@pd.tnic> (raw)
In-Reply-To: <20140629134247.GG18167@minantech.com>
On Sun, Jun 29, 2014 at 04:42:47PM +0300, Gleb Natapov wrote:
> Please do so and let us know.
Yep, just did. Reverting ae9fedc793 fixes the issue.
> reinj:1 means that previous injection failed due to another #PF that
> happened during the event injection itself This may happen if GDT or fist
> instruction of a fault handler is not mapped by shadow pages, but here
> it says that the new page fault is at the same address as the previous
> one as if GDT is or #PF handler is mapped there. Strange. Especially
> since #DF is injected successfully, so GDT should be fine. May be wrong
> cpl makes svm crazy?
Well, I'm not going to even pretend to know kvm to know *when* we're
saving VMCB state but if we're saving the wrong CPL and then doing the
pagetable walk, I can very well imagine if the walker gets confused. One
possible issue could be U/S bit (bit 2) in the PTE bits which allows
access to supervisor pages only when CPL < 3. I.e., CPL has effect on
pagetable walk and a wrong CPL level could break it.
All a conjecture though...
--
Regards/Gruss,
Boris.
Sent from a fat crate under my desk. Formatting is fine.
--
next prev parent reply other threads:[~2014-06-29 14:01 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-25 15:32 __schedule #DF splat Borislav Petkov
2014-06-25 20:26 ` Borislav Petkov
2014-06-27 10:18 ` Borislav Petkov
2014-06-27 11:41 ` Paolo Bonzini
2014-06-27 11:55 ` Borislav Petkov
2014-06-27 12:01 ` Paolo Bonzini
2014-06-27 12:10 ` Borislav Petkov
2014-06-28 11:44 ` Borislav Petkov
2014-06-29 6:46 ` Gleb Natapov
2014-06-29 9:56 ` Jan Kiszka
2014-06-29 10:24 ` Gleb Natapov
2014-06-29 10:31 ` Jan Kiszka
2014-06-29 10:53 ` Gleb Natapov
2014-06-29 10:59 ` Jan Kiszka
2014-06-29 11:51 ` Borislav Petkov
2014-06-29 12:22 ` Jan Kiszka
2014-06-29 13:14 ` Borislav Petkov
2014-06-29 13:42 ` Gleb Natapov
2014-06-29 14:01 ` Borislav Petkov [this message]
2014-06-29 14:27 ` Gleb Natapov
2014-06-29 14:32 ` Jan Kiszka
2014-06-29 14:51 ` Jan Kiszka
2014-06-29 15:12 ` [PATCH] KVM: SVM: Fix CPL export via SS.DPL Jan Kiszka
2014-06-29 18:00 ` Borislav Petkov
2014-06-30 15:01 ` Paolo Bonzini
2014-06-30 15:03 ` Jan Kiszka
2014-06-30 15:15 ` Borislav Petkov
2014-06-30 15:25 ` Gleb Natapov
2014-06-30 15:26 ` Paolo Bonzini
2014-06-29 13:46 ` __schedule #DF splat Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140629140104.GB12528@pd.tnic \
--to=bp@alien8.de \
--cc=gleb@kernel.org \
--cc=jan.kiszka@web.de \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.