| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Dec 2020 10:45:20 -0600
From: Tom Lendacky <thomas.lendacky@....com>
To: Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, x86@...nel.org
Cc: Jim Mattson <jmattson@...gle.com>, Joerg Roedel <joro@...tes.org>,
Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Brijesh Singh <brijesh.singh@....com>
Subject: Re: [PATCH v5 02/34] KVM: SVM: Remove the call to
sev_platform_status() during setup
On 12/14/20 6:29 AM, Paolo Bonzini wrote:
> On 10/12/20 18:09, Tom Lendacky wrote:
>> From: Tom Lendacky <thomas.lendacky@....com>
>>
>> When both KVM support and the CCP driver are built into the kernel instead
>> of as modules, KVM initialization can happen before CCP initialization. As
>> a result, sev_platform_status() will return a failure when it is called
>> from sev_hardware_setup(), when this isn't really an error condition.
>>
>> Since sev_platform_status() doesn't need to be called at this time anyway,
>> remove the invocation from sev_hardware_setup().
>>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@....com>
>> ---
>> arch/x86/kvm/svm/sev.c | 22 +---------------------
>> 1 file changed, 1 insertion(+), 21 deletions(-)
>>
>> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
>> index c0b14106258a..a4ba5476bf42 100644
>> --- a/arch/x86/kvm/svm/sev.c
>> +++ b/arch/x86/kvm/svm/sev.c
>> @@ -1127,9 +1127,6 @@ void sev_vm_destroy(struct kvm *kvm)
>> int __init sev_hardware_setup(void)
>> {
>> - struct sev_user_data_status *status;
>> - int rc;
>> -
>> /* Maximum number of encrypted guests supported simultaneously */
>> max_sev_asid = cpuid_ecx(0x8000001F);
>> @@ -1148,26 +1145,9 @@ int __init sev_hardware_setup(void)
>> if (!sev_reclaim_asid_bitmap)
>> return 1;
>> - status = kmalloc(sizeof(*status), GFP_KERNEL);
>> - if (!status)
>> - return 1;
>> -
>> - /*
>> - * Check SEV platform status.
>> - *
>> - * PLATFORM_STATUS can be called in any state, if we failed to query
>> - * the PLATFORM status then either PSP firmware does not support SEV
>> - * feature or SEV firmware is dead.
>> - */
>> - rc = sev_platform_status(status, NULL);
>> - if (rc)
>> - goto err;
>> -
>> pr_info("SEV supported\n");
>> -err:
>> - kfree(status);
>> - return rc;
>> + return 0;
>> }
>> void sev_hardware_teardown(void)
>>
>
> Queued with Cc: stable.
>
> Note that sev_platform_status now can become static within
> drivers/crypto/ccp/sev-dev.c.
Nice catch. I'll look at doing a follow-on patch to change that.
Thanks,
Tom
>
> Paolo
Powered by blists - more mailing lists