lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20200117130047.GA3685@8bytes.org>
Date:   Fri, 17 Jan 2020 14:00:47 +0100
From:   Joerg Roedel <joro@...tes.org>
To:     Tom Lendacky <thomas.lendacky@....com>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Brijesh Singh <brijesh.singh@....com>, stable@...r.kernel.org
Subject: Re: [PATCH] x86/CPU/AMD: Ensure clearing of SME/SEV features is
 maintained

On Wed, Jan 15, 2020 at 04:05:16PM -0600, Tom Lendacky wrote:
> If the SME and SEV features are present via CPUID, but memory encryption
> support is not enabled (MSR 0xC001_0010[23]), the features are cleared
> using clear_cpu_cap(). However, if get_cpu_cap() is later called, these
> features will be reset back to present, which is not desired.
> 
> Change from using clear_cpu_cap() to setup_clear_cpu_cap() so that the
> clearing of the features is maintained.
> 
> Cc: <stable@...r.kernel.org> # 4.16.x-
> Signed-off-by: Tom Lendacky <thomas.lendacky@....com>

Reviewed-by: Joerg Roedel <jroedel@...e.de>

> ---
>  arch/x86/kernel/cpu/amd.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
> index 90f75e515876..62c30279be77 100644
> --- a/arch/x86/kernel/cpu/amd.c
> +++ b/arch/x86/kernel/cpu/amd.c
> @@ -615,9 +615,9 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c)
>  		return;
>  
>  clear_all:
> -		clear_cpu_cap(c, X86_FEATURE_SME);
> +		setup_clear_cpu_cap(X86_FEATURE_SME);
>  clear_sev:
> -		clear_cpu_cap(c, X86_FEATURE_SEV);
> +		setup_clear_cpu_cap(X86_FEATURE_SEV);
>  	}
>  }
>  
> -- 
> 2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ