lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 13 Mar 2018 15:49:56 +0300
From:   "Kirill A. Shutemov" <kirill@...temov.name>
To:     Kai Huang <kai.huang@...ux.intel.com>
Cc:     dave.hansen@...el.com, peterz@...radead.org, hpa@...or.com,
        mingo@...nel.org, linux-kernel@...r.kernel.org, tglx@...utronix.de,
        torvalds@...ux-foundation.org, kirill.shutemov@...ux.intel.com,
        thomas.lendacky@....com, linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/mm] x86/tme: Detect if TME and MKTME is activated by
 BIOS

On Tue, Mar 13, 2018 at 03:12:02PM +1300, Kai Huang wrote:
> It seems setup_pku() will call get_cpu_cap to restore c->x86_phys_bits
> later? In which case I think you need to change setup_pku as well.

Thanks for catching this.

I think setup_pku() shouldn't call get_cpu_cap().

Any objections against this:

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 348cf4821240..ce10d8ae4cd6 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -362,6 +362,8 @@ static bool pku_disabled;

 static __always_inline void setup_pku(struct cpuinfo_x86 *c)
 {
+       u32 eax, ebx, ecx, edx;
+
        /* check the boot processor, plus compile options for PKU: */
        if (!cpu_feature_enabled(X86_FEATURE_PKU))
                return;
@@ -377,7 +379,8 @@ static __always_inline void setup_pku(struct cpuinfo_x86 *c)
         * cpuid bit to be set.  We need to ensure that we
         * update that bit in this CPU's "cpu_info".
         */
-       get_cpu_cap(c);
+       cpuid_count(0x00000007, 0, &eax, &ebx, &ecx, &edx);
+       c->x86_capability[CPUID_7_ECX] = ecx;
 }

 #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS

> And for the comments here, I think it can be refined. It is true that
> VM guest needs to know bits of physical address, but this info is not
> used only by VM. I think the reason we need to update is this is simply
> the fact.

Fair enough. Like this?

diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index e8ddc6dcfd53..ac45ba7398d9 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -612,11 +612,8 @@ static void detect_tme(struct cpuinfo_x86 *c)
 #endif

        /*
-        * Exclude KeyID bits from physical address bits.
-        *
-        * We have to do this even if we are not going to use KeyID bits
-        * ourself. VM guests still have to know that these bits are not usable
-        * for physical address.
+        * KeyID bits effectively lower number of physical address bits.
+        * Let's update cpuinfo_x86::x86_phys_bits to reflect the fact.
         */
        c->x86_phys_bits -= keyid_bits;
 }
-- 
 Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ