lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 28 Sep 2018 18:09:04 +0800
From:   lijiang <lijiang@...hat.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     linux-kernel@...r.kernel.org, kexec@...ts.infradead.org,
        tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        x86@...nel.org, akpm@...ux-foundation.org,
        dan.j.williams@...el.com, thomas.lendacky@....com,
        bhelgaas@...gle.com, baiyaowei@...s.chinamobile.com, tiwai@...e.de,
        brijesh.singh@....com, dyoung@...hat.com, bhe@...hat.com,
        jroedel@...e.de
Subject: Re: [PATCH v7 RESEND 2/4] kexec: allocate unencrypted control pages
 for kdump in case SME is enabled

在 2018年09月28日 15:57, Borislav Petkov 写道:
> On Fri, Sep 28, 2018 at 11:52:21AM +0800, lijiang wrote:
>> There are two functions that are usually called in pairs, they are:
>> arch_kexec_post_alloc_pages() and arch_kexec_pre_free_pages().
>>
>> One marks the pages as decrypted, another one marks the pages as encrypted.
>>
>> But for the crash control pages, no need to call arch_kexec_pre_free_pages(),
>> there are three reasons:
>> 1. Crash pages are reserved in memblock, these pages are only used by kdump,
>>    no other people uses these pages;
>>
>> 2. Whenever crash pages are allocated, these pages are always marked as
>>    decrypted(when SME is active);
>>
>> 3. If we plan to call the arch_kexe_pre_free_pages(), we have to store these
>> pages to somewhere, which will have more code changes.
> 
> I don't think any of that answers the question *why* control pages do
> not need to be marked encrypted again. And I think the reason is simple:
> because you don't really need to, because once the crash kernel is done,
> you reboot the box.
> 
Thanks for your comment, your explanation is very good.

But there are another cases, we might load or unload the crash kernel image and
initrafms, maybe again and again for test or debug, we don't reboot at once. For
example, repeat the following steps:

systemctl start kdump.service
...
systemctl stop kdump.service

But we always mark these pages as decrypted whenever these control pages are
allocated, because other people can't use these pages(reserved memory), which
are only used by kdump, so no need to mark these pages as encrypted again.

Regards,
Lianbo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ