lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Oct 2020 16:40:36 +0800 From: Shuo A Liu <shuo.a.liu@...el.com> To: Borislav Petkov <bp@...en8.de> Cc: linux-kernel@...r.kernel.org, x86@...nel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "H . Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Sean Christopherson <sean.j.christopherson@...el.com>, Yu Wang <yu1.wang@...el.com>, Reinette Chatre <reinette.chatre@...el.com>, Yin Fengwei <fengwei.yin@...el.com>, Dave Hansen <dave.hansen@...el.com>, Dan Williams <dan.j.williams@...el.com>, Zhi Wang <zhi.a.wang@...el.com>, Zhenyu Wang <zhenyuw@...ux.intel.com> Subject: Re: [PATCH v4 03/17] x86/acrn: Introduce an API to check if a VM is privileged Hi Boris, On Wed 30.Sep'20 at 10:09:59 +0200, Borislav Petkov wrote: >On Tue, Sep 22, 2020 at 07:42:57PM +0800, shuo.a.liu@...el.com wrote: >> +static u32 acrn_cpuid_base(void) >> +{ >> + static u32 acrn_cpuid_base; >> + >> + if (!acrn_cpuid_base && boot_cpu_has(X86_FEATURE_HYPERVISOR)) >> + acrn_cpuid_base = hypervisor_cpuid_base("ACRNACRNACRN", 0); >> + >> + return acrn_cpuid_base; >> +} >> + >> +bool acrn_is_privileged_vm(void) >> +{ >> + return cpuid_eax(acrn_cpuid_base() | ACRN_CPUID_FEATURES) & > >What's that dance and acrn_cpuid_base static thing needed for? Why not >simply: > > cpuid_eax(ACRN_CPUID_FEATURES) & ... > >? hypervisor_cpuid_base() searches reserved hypervisor cpuid region and return the base matched the right signature, the base might vary. So i put it here. > >> + ACRN_FEATURE_PRIVILEGED_VM; >> +} >> +EXPORT_SYMBOL_GPL(acrn_is_privileged_vm); > >Also, if you're going to need more of those bit checkers acrn_is_<something> >which look at ACRN_CPUID_FEATURES, just stash CPUID_0x40000001_EAX locally and >use a > > acrn_has(ACRN_FEATURE_PRIVILEGED_VM) > >which does the bit testing. Thanks. Currently, there is only one feature bit. I will introduce that you suggested with more feature bits to be tested. Thanks shuo
Powered by blists - more mailing lists