| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Feb 2020 14:56:45 +0100
From: Joerg Roedel <joro@...tes.org>
To: Andy Lutomirski <luto@...nel.org>
Cc: X86 ML <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Hellstrom <thellstrom@...are.com>,
Jiri Slaby <jslaby@...e.cz>,
Dan Williams <dan.j.williams@...el.com>,
Tom Lendacky <thomas.lendacky@....com>,
Juergen Gross <jgross@...e.com>,
Kees Cook <keescook@...omium.org>,
LKML <linux-kernel@...r.kernel.org>,
kvm list <kvm@...r.kernel.org>,
Linux Virtualization <virtualization@...ts.linux-foundation.org>,
Joerg Roedel <jroedel@...e.de>
Subject: Re: [PATCH 62/62] x86/sev-es: Add NMI state tracking
On Tue, Feb 11, 2020 at 02:50:29PM -0800, Andy Lutomirski wrote:
> On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel <joro@...tes.org> wrote:
> This patch is overcomplicated IMO. Just do the magic incantation in C
> from do_nmi or from here:
>
> /*
> * For ease of testing, unmask NMIs right away. Disabled by
> * default because IRET is very expensive.
>
> If you do the latter, you'll need to handle the case where the NMI
> came from user mode.
>
> The ideal solution is do_nmi, I think.
>
> if (static_cpu_has(X86_BUG_AMD_FORGOT_ABOUT_NMI))
> sev_es_unmask_nmi();
>
> Feel free to use X86_FEATURE_SEV_ES instead :)
Yeah, I also had that implemented once, but then changed it because I
thought that nested NMIs do not necessarily call into do_nmi(), which
would cause NMIs to stay blocked forever. I need to read through the NMI
entry code again to check if that can really happen.
Regards,
Joerg
Powered by blists - more mailing lists