lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 21 Aug 2018 11:07:38 -0500
From:   Brijesh Singh <brijesh.singh@....com>
To:     Borislav Petkov <bp@...e.de>
Cc:     brijesh.singh@....com, "x86@...nel.org" <x86@...nel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "Lendacky, Thomas" <Thomas.Lendacky@....com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Pavel Tatashin <pasha.tatashin@...cle.com>
Subject: Re: SEV guest regression in 4.18



On 08/21/2018 10:19 AM, Borislav Petkov wrote:
> On Tue, Aug 21, 2018 at 09:37:56AM -0500, Brijesh Singh wrote:
>> Those variables are accessed immediately by the tsc calibration code
>> path hence we will not able to delay the allocation.
> 
> If you mean, check_tsc_sync_source/_target(), those are called pretty
> late, AFAICT.
> 
> And I see a setup_arch() -> init_mem_mapping -> ... ->
> kernel_physical_mapping_init() call which happens much earlier.
> 
> Again, AFAICT. You probably should try it though, to make sure.
> 

Here is a typical flow:

setup_arch()
   ....

   init_hypervisor_platform()
     kvmclock_init()
       kvm_register_clock("primary cpu clock")
         /* this shares the physical address of variable with HV.
          * Ideally you want C-bit to be cleared before we give
          * the address to HV because HV may start using the
          * variable as soon as we issue wrmsrl(MSR_KVM_SYSTEM_TIME).
          *
          * we may able to relax rules that variable should be mapped
          * with C=0 before making the wrmsrl(). Since HV will anyways
          * write the data with C=0. The important thing is when guest
          * tries to read it must map the address as C=0.
          */
        Later part of kvmclock_init provides a hooks for tsc calibration

   tsc_early_init()
      determine_cpu_tsc_frequencies()
        /* this will call tsc calibration hooks registered by the
         * kvmclock_init. The hooks basically reads those variables.
         * These variable must be mapped with C=0 otherwise we will
         * not be able to get the data written by the hypervisor.
         */

   ...
   ...
   ...
   ...

   trim_low_memory_range
   init_mem_mapping()

   ...

The tsc_early_init() is called before setup_arch() -> init_mem_mapping.

-Brijesh

Powered by blists - more mailing lists