From nobody Wed Sep 22 01:14:09 2021
From: Anatoli via freebsd-virtualization
Reply-To: me@anatoli.ws
To: freebsd-virtualization@freebsd.org
Subject: Review of vulnerabilities in other virtualization projects
Message-ID: <00a0c3ed-dfa5-4d90-ea10-78d7d1147c63@anatoli.ws>
Date: Tue, 21 Sep 2021 22:14:09 -0300
List-Archive: https://lists.freebsd.org/archives/freebsd-virtualization

Hi,

Just wanted to ask the virtualization dev team whether some analysis of new vulnerabilities found in other virtualization projects, like KVM on Linux, VMM on OpenBSD, Xen, QEMU, etc. is conducted regularly to see if the same problems are present in bhyve and the FreeBSD virt stack in general?

As an example, have the following recent vulnerabilities in KVM and Xen been checked for the same problems in bhyve and pci(4)?

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653)

Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes.

Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these are typically device specific ACPI properties, they can also be specified to apply to a range of devices, or even all devices. On all systems with such regions Xen failed to prevent guests from undoing/replacing such mappings (CVE-2021-28694). On AMD systems, where a discontinuous range is specified by firmware, the supposedly-excluded middle range will also be identity-mapped (CVE-2021-28695). Further, on AMD systems, upon de-assignment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore (CVE-2021-28696).

All these vulnerabilities were published in the past 30 days.

Just to clarify, the question is not about whether these specific vulnerabilities apply or not to the way bhyve is implemented, but rather whether there's a process in place to review the newly discovered security problems in other virtualization projects.

Regards,
Anatoli

From nobody Wed Sep 22 15:21:57 2021
From: Ionuț Mihalache
To: freebsd-virtualization@freebsd.org
Subject: bhyve checkpoint with libzfs
Date: Wed, 22 Sep 2021 18:21:57 +0300

Hi, everyone,

In the last year, I worked on bringing improvements for the snapshot/checkpoint functionality for bhyve. Because bhyve doesn't yet have a checkpoint mechanism, the last months of my work focused on finding a way to use ZFS functionalities available through libzfs.

I managed to implement a daemon that, together with bhyve, and based on ZFS snapshots and ZFS clones, provides a simple checkpoint mechanism for the basic checkpoint operations existent in other hypervisors: CREATE, ROLLBACK and DELETE.

The link from [1] presents a tutorial on how to set up everything for using the bhyve checkpoint mechanism based on ZFS. Moreover, you can find at [1] a demo (video) of the ZFS checkpoint functionality.

We would like to get your opinion on the proposed checkpoint mechanism and gather as much feedback as possible. Based on the feedback the project can continue with bringing more functionalities and improving the existing ones. Feel free to share your thoughts on the idea.

[1] https://github.com/FreeBSD-UPB/freebsd-src/wiki/Checkpoint-for-bhyve-using-zfs-snapshots-and-clones

Thank you.

From nobody Sun Sep 26 21:00:47 2021
From: bugzilla-noreply@FreeBSD.org
To: virtualization@FreeBSD.org
Subject: Problem reports for virtualization@FreeBSD.org that need special attention
Message-Id: <202109262100.18QL0lKD058376@kenobi.freebsd.org>
Date: Sun, 26 Sep 2021 21:00:47 +0000

To view an individual PR, use:
  https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id).

The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases.

Status      |    Bug Id | Description
------------+-----------+---------------------------------------------------
In Progress |    247208 | mpt(4): VMWare virtualized LSI controller panics
New         |    240945 | [hyper-v] [netvsc] hn network driver incorrectly
Open        |    244838 | "bectl activate -t" does not honor the -t flag in

3 problems total for which you should take action.