KMSAN: uninit-value in kvm

Title	Replies (including bot)	Last reply
[PATCH 5.14 000/172] 5.14.10-rc1 review	184 (184)	2021/10/05 06:41
[syzbot] KMSAN: uninit-value in kvm_cpuid	1 (2)	2021/10/01 15:13
[PATCH 0/2] KVM: x86: Fix mostly theoretical undefined behavior	8 (8)	2021/09/30 16:45

L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. ===================================================== BUG: KMSAN: uninit-value in cpuid_entry2_find arch/x86/kvm/cpuid.c:68 [inline] BUG: KMSAN: uninit-value in kvm_find_cpuid_entry arch/x86/kvm/cpuid.c:1103 [inline] BUG: KMSAN: uninit-value in kvm_cpuid+0x456/0x28f0 arch/x86/kvm/cpuid.c:1183 cpuid_entry2_find arch/x86/kvm/cpuid.c:68 [inline] kvm_find_cpuid_entry arch/x86/kvm/cpuid.c:1103 [inline] kvm_cpuid+0x456/0x28f0 arch/x86/kvm/cpuid.c:1183 kvm_vcpu_reset+0x13fb/0x1c20 arch/x86/kvm/x86.c:10885 kvm_apic_accept_events+0x58f/0x8c0 arch/x86/kvm/lapic.c:2923 vcpu_enter_guest+0xfd2/0x6d80 arch/x86/kvm/x86.c:9534 vcpu_run+0x7f5/0x18d0 arch/x86/kvm/x86.c:9788 kvm_arch_vcpu_ioctl_run+0x245b/0x2d10 arch/x86/kvm/x86.c:10020 kvm_vcpu_ioctl+0x1055/0x1e00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3749 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:874 [inline] __se_sys_ioctl+0x2df/0x4a0 fs/ioctl.c:860 __x64_sys_ioctl+0xd8/0x110 fs/ioctl.c:860 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Local variable ----dummy@kvm_vcpu_reset created at: kvm_vcpu_reset+0x1fb/0x1c20 arch/x86/kvm/x86.c:10812 kvm_apic_accept_events+0x58f/0x8c0 arch/x86/kvm/lapic.c:2923 ===================================================== Kernel panic - not syncing: panic_on_kmsan set ... CPU: 1 PID: 6364 Comm: syz-executor072 Tainted: G B 5.15.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106 dump_stack+0x25/0x28 lib/dump_stack.c:113 panic+0x44f/0xdeb kernel/panic.c:232 kmsan_report+0x2ee/0x300 mm/kmsan/report.c:186 __msan_warning+0xd7/0x150 mm/kmsan/instrumentation.c:208 cpuid_entry2_find arch/x86/kvm/cpuid.c:68 [inline] kvm_find_cpuid_entry arch/x86/kvm/cpuid.c:1103 [inline] kvm_cpuid+0x456/0x28f0 arch/x86/kvm/cpuid.c:1183 kvm_vcpu_reset+0x13fb/0x1c20 arch/x86/kvm/x86.c:10885 kvm_apic_accept_events+0x58f/0x8c0 arch/x86/kvm/lapic.c:2923 vcpu_enter_guest+0xfd2/0x6d80 arch/x86/kvm/x86.c:9534 vcpu_run+0x7f5/0x18d0 arch/x86/kvm/x86.c:9788 kvm_arch_vcpu_ioctl_run+0x245b/0x2d10 arch/x86/kvm/x86.c:10020 kvm_vcpu_ioctl+0x1055/0x1e00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3749 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:874 [inline] __se_sys_ioctl+0x2df/0x4a0 fs/ioctl.c:860 __x64_sys_ioctl+0xd8/0x110 fs/ioctl.c:860 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f51eb544a19 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffe2fe74dc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f51eb544a19 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffe2fe74f68 R10: 0000000000009120 R11: 0000000000000246 R12: 00007f51eb507c80 R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 Kernel Offset: disabled Rebooting in 86400 seconds..

Crashes (22):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Manager	Title
2021/09/25 03:57	https://github.com/google/kmsan.git master	cd2c05533838	8cac236e	.config	console log	report	syz	C		ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/25 16:23	https://github.com/google/kmsan.git master	82e66ad2e586	4f0000ee	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/24 05:35	https://github.com/google/kmsan.git master	82e66ad2e586	282f03fb	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/23 20:15	https://github.com/google/kmsan.git master	82e66ad2e586	282f03fb	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/23 08:35	https://github.com/google/kmsan.git master	82e66ad2e586	282f03fb	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/21 20:53	https://github.com/google/kmsan.git master	d6493d2046c4	c5cb7da8	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/21 20:23	https://github.com/google/kmsan.git master	d6493d2046c4	c5cb7da8	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/20 14:21	https://github.com/google/kmsan.git master	d6493d2046c4	418a00eb	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/16 20:18	https://github.com/google/kmsan.git master	d6493d2046c4	0c5d9412	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/16 19:55	https://github.com/google/kmsan.git master	d6493d2046c4	0c5d9412	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/16 19:55	https://github.com/google/kmsan.git master	d6493d2046c4	0c5d9412	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/16 01:51	https://github.com/google/kmsan.git master	8bdd014d5dc7	0c5d9412	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/10 02:53	https://github.com/google/kmsan.git master	c7f84f4e1147	838e7e2c	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/10 02:53	https://github.com/google/kmsan.git master	c7f84f4e1147	838e7e2c	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/10/02 22:54	https://github.com/google/kmsan.git master	90f502f5d016	db0f5787	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/28 04:07	https://github.com/google/kmsan.git master	cd2c05533838	78494d16	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/28 01:31	https://github.com/google/kmsan.git master	cd2c05533838	78494d16	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/27 23:47	https://github.com/google/kmsan.git master	cd2c05533838	78494d16	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/24 23:01	https://github.com/google/kmsan.git master	cd2c05533838	8cac236e	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/24 22:55	https://github.com/google/kmsan.git master	cd2c05533838	8cac236e	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/24 21:56	https://github.com/google/kmsan.git master	cd2c05533838	8cac236e	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid
2021/09/24 21:35	https://github.com/google/kmsan.git master	cd2c05533838	8cac236e	.config	console log	report			info	ci-upstream-kmsan-gce	KMSAN: uninit-value in kvm_cpuid

Crashes (22):

Assets (help?)

2021/09/25 03:57

https://github.com/google/kmsan.git master