[v3,0/5] KVM: Reject vCPU IDs above 2^32

Message ID	20240614202859.3597745-1-minipli@grsecurity.net (mailing list archive)
Headers	show Received: from mail-ej1-f47.google.com (mail-ej1-f47.google.com [209.85.218.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 101691487F4 for <kvm@vger.kernel.org>; Fri, 14 Jun 2024 20:29:04 +0000 (UTC) From: Mathias Krause <minipli@grsecurity.net> To: Paolo Bonzini <pbonzini@redhat.com>, Sean Christopherson <seanjc@google.com> Cc: kvm@vger.kernel.org, Mathias Krause <minipli@grsecurity.net> Subject: [PATCH v3 0/5] KVM: Reject vCPU IDs above 2^32 Date: Fri, 14 Jun 2024 22:28:54 +0200 Message-Id: <20240614202859.3597745-1-minipli@grsecurity.net> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	KVM: Reject vCPU IDs above 2^32 \| expand [v3,0/5] KVM: Reject vCPU IDs above 2^32 [v3,1/5] KVM: Reject overly excessive IDs in KVM_CREATE_VCPU [v3,2/5] KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID [v3,3/5] KVM: x86: Prevent excluding the BSP on setting max_vcpu_ids [v3,4/5] KVM: selftests: Test max vCPU IDs corner cases [v3,5/5] KVM: selftests: Test vCPU boot IDs above 2^32

Message ID

20240614202859.3597745-1-minipli@grsecurity.net (mailing list archive)

Headers

From: Mathias Krause <minipli@grsecurity.net>
To: Paolo Bonzini <pbonzini@redhat.com>,
	Sean Christopherson <seanjc@google.com>
Cc: kvm@vger.kernel.org,
	Mathias Krause <minipli@grsecurity.net>
Subject: [PATCH v3 0/5] KVM: Reject vCPU IDs above 2^32
Date: Fri, 14 Jun 2024 22:28:54 +0200
Message-Id: <20240614202859.3597745-1-minipli@grsecurity.net>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

KVM: Reject vCPU IDs above 2^32 | expand

Message

Mathias Krause June 14, 2024, 8:28 p.m. UTC

This small series evolved from a single vCPU ID limit check to
multiple ones, including sanity checks among them and enhanced
selftests.

Please apply!

Thanks,
Mathias

v2: https://lore.kernel.org/kvm/20240612215415.3450952-1-minipli@grsecurity.net/

changes v2->v3:
- test max_vcpu_ids on bsp_vcpu_id limit check if already set (Sean)
- add patch to check max_vcpu_ids to not exclude bsp_vcpu_id (Sean)
- reorder series to have selftests at the end
- minor commit log cosmetics

changes v1->v2:
- add comment and build bug to make truncation check more obvious (Sean)
- handle KVM_SET_BOOT_CPU_ID similar

Mathias Krause (4):
  KVM: Reject overly excessive IDs in KVM_CREATE_VCPU
  KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID
  KVM: selftests: Test max vCPU IDs corner cases
  KVM: selftests: Test vCPU boot IDs above 2^32

Sean Christopherson (1):
  KVM: x86: Prevent excluding the BSP on setting max_vcpu_ids

 arch/x86/kvm/x86.c                            |  7 +++++-
 .../kvm/x86_64/max_vcpuid_cap_test.c          | 22 +++++++++++++++++--
 .../selftests/kvm/x86_64/set_boot_cpu_id.c    | 11 ++++++++++
 virt/kvm/kvm_main.c                           | 10 ++++++++-
 4 files changed, 46 insertions(+), 4 deletions(-)

Comments

Sean Christopherson June 18, 2024, 9:41 p.m. UTC | #1

On Fri, 14 Jun 2024 22:28:54 +0200, Mathias Krause wrote:
> This small series evolved from a single vCPU ID limit check to
> multiple ones, including sanity checks among them and enhanced
> selftests.

Applied to kvm-x86 generic, with a few tweaks (emails incoming).  Thanks!

[1/5] KVM: Reject overly excessive IDs in KVM_CREATE_VCPU
      https://github.com/kvm-x86/linux/commit/8b8e57e5096e
[2/5] KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID
      https://github.com/kvm-x86/linux/commit/7c305d5118e6
[3/5] KVM: x86: Prevent excluding the BSP on setting max_vcpu_ids
      https://github.com/kvm-x86/linux/commit/d29bf2ca1404
[4/5] KVM: selftests: Test max vCPU IDs corner cases
      https://github.com/kvm-x86/linux/commit/4b451a57809c
[5/5] KVM: selftests: Test vCPU boot IDs above 2^32
      https://github.com/kvm-x86/linux/commit/438a496b9041

--
https://github.com/kvm-x86/linux/tree/next

Mathias Krause June 19, 2024, 6:28 a.m. UTC | #2

On 18.06.24 23:41, Sean Christopherson wrote:
> On Fri, 14 Jun 2024 22:28:54 +0200, Mathias Krause wrote:
>> This small series evolved from a single vCPU ID limit check to
>> multiple ones, including sanity checks among them and enhanced
>> selftests.
> 
> Applied to kvm-x86 generic, with a few tweaks (emails incoming).  Thanks!
> 
> [1/5] KVM: Reject overly excessive IDs in KVM_CREATE_VCPU
>       https://github.com/kvm-x86/linux/commit/8b8e57e5096e
> [2/5] KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID
>       https://github.com/kvm-x86/linux/commit/7c305d5118e6
> [3/5] KVM: x86: Prevent excluding the BSP on setting max_vcpu_ids
>       https://github.com/kvm-x86/linux/commit/d29bf2ca1404
> [4/5] KVM: selftests: Test max vCPU IDs corner cases
>       https://github.com/kvm-x86/linux/commit/4b451a57809c
> [5/5] KVM: selftests: Test vCPU boot IDs above 2^32
>       https://github.com/kvm-x86/linux/commit/438a496b9041

Looking good, thanks Sean!

Mathias