| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <06a97eaa-d54f-9f7e-d207-4ff3e576169f@amd.com>
Date: Wed, 14 Sep 2016 08:50:25 -0500
From: Tom Lendacky <thomas.lendacky@....com>
To: Borislav Petkov <bp@...en8.de>
CC: <linux-arch@...r.kernel.org>, <linux-efi@...r.kernel.org>,
<kvm@...r.kernel.org>, <linux-doc@...r.kernel.org>,
<x86@...nel.org>, <linux-kernel@...r.kernel.org>,
<kasan-dev@...glegroups.com>, <linux-mm@...ck.org>,
<iommu@...ts.linux-foundation.org>,
Radim Krčmář <rkrcmar@...hat.com>,
Arnd Bergmann <arnd@...db.de>,
Jonathan Corbet <corbet@....net>,
Matt Fleming <matt@...eblueprint.co.uk>,
Joerg Roedel <joro@...tes.org>,
Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Ingo Molnar <mingo@...hat.com>,
Andy Lutomirski <luto@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Alexander Potapenko <glider@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>,
Dmitry Vyukov <dvyukov@...gle.com>
Subject: Re: [RFC PATCH v2 16/20] x86: Check for memory encryption on the APs
On 09/12/2016 07:17 AM, Borislav Petkov wrote:
> On Mon, Aug 22, 2016 at 05:38:29PM -0500, Tom Lendacky wrote:
>> Add support to check if memory encryption is active in the kernel and that
>> it has been enabled on the AP. If memory encryption is active in the kernel
>> but has not been enabled on the AP then do not allow the AP to continue
>> start up.
>>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@....com>
>> ---
>> arch/x86/include/asm/msr-index.h | 2 ++
>> arch/x86/include/asm/realmode.h | 12 ++++++++++++
>> arch/x86/realmode/init.c | 4 ++++
>> arch/x86/realmode/rm/trampoline_64.S | 19 +++++++++++++++++++
>> 4 files changed, 37 insertions(+)
>
> ...
>
>> diff --git a/arch/x86/realmode/rm/trampoline_64.S b/arch/x86/realmode/rm/trampoline_64.S
>> index dac7b20..94e29f4 100644
>> --- a/arch/x86/realmode/rm/trampoline_64.S
>> +++ b/arch/x86/realmode/rm/trampoline_64.S
>> @@ -30,6 +30,7 @@
>> #include <asm/msr.h>
>> #include <asm/segment.h>
>> #include <asm/processor-flags.h>
>> +#include <asm/realmode.h>
>> #include "realmode.h"
>>
>> .text
>> @@ -92,6 +93,23 @@ ENTRY(startup_32)
>> movl %edx, %fs
>> movl %edx, %gs
>>
>> + /* Check for memory encryption support */
>> + bt $TH_FLAGS_SME_ENABLE_BIT, pa_tr_flags
>> + jnc .Ldone
>> + movl $MSR_K8_SYSCFG, %ecx
>> + rdmsr
>> + bt $MSR_K8_SYSCFG_MEM_ENCRYPT_BIT, %eax
>> + jc .Ldone
>> +
>> + /*
>> + * Memory encryption is enabled but the MSR has not been set on this
>> + * CPU so we can't continue
>
> Hmm, let me try to parse this correctly: BSP has SME enabled but the
> BIOS might not've set this on the AP? Really? Is that even possible?
Anything is possible, although it's highly unlikely.
>
> Because if SME is enabled, that means that MSR_K8_SYSCFG[23] on the BSP
> is set, right?
Correct.
>
> Also, I want to rule out here simple BIOS idiocy: if the only problem
> with the bit not being set in the AP is because some BIOS monkey forgot
> to do so, then we should try to set it ourselves and not die for no real
> reason.
Yes, we can do that. I was debating on which way to go with this. Most
likely this would never happen, but if it did... I can change this to
set the MSR bit and continue.
Thanks,
Tom
>
> Or is there another issue?
>
Powered by blists - more mailing lists