| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 May 2021 15:15:37 +0200
From: Borislav Petkov <bp@...en8.de>
To: Ashish Kalra <Ashish.Kalra@....com>, seanjc@...gle.com
Cc: pbonzini@...hat.com, tglx@...utronix.de, mingo@...hat.com,
hpa@...or.com, joro@...tes.org, thomas.lendacky@....com,
x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
srutherford@...gle.com, venu.busireddy@...cle.com,
brijesh.singh@....com
Subject: Re: [PATCH v2 2/4] mm: x86: Invoke hypercall when page encryption
status is changed
On Fri, Apr 23, 2021 at 03:58:43PM +0000, Ashish Kalra wrote:
> +static inline void notify_page_enc_status_changed(unsigned long pfn,
> + int npages, bool enc)
> +{
> + PVOP_VCALL3(mmu.notify_page_enc_status_changed, pfn, npages, enc);
> +}
Now the question is whether something like that is needed for TDX, and,
if so, could it be shared by both.
Sean?
> +void notify_addr_enc_status_changed(unsigned long vaddr, int npages,
> + bool enc)
Let that line stick out.
> +{
> +#ifdef CONFIG_PARAVIRT
> + unsigned long sz = npages << PAGE_SHIFT;
> + unsigned long vaddr_end = vaddr + sz;
> +
> + while (vaddr < vaddr_end) {
> + int psize, pmask, level;
> + unsigned long pfn;
> + pte_t *kpte;
> +
> + kpte = lookup_address(vaddr, &level);
> + if (!kpte || pte_none(*kpte))
> + return;
What does this mean exactly? On the first failure to lookup the address,
you return? Why not continue so that you can notify about the remaining
pages in [vaddr - vaddr_end)?
Also, what does it mean for the current range if the lookup fails?
Innocuous situation or do you need to signal it with a WARN or so?
> +
> + pfn = pg_level_to_pfn(level, kpte, NULL);
> + if (!pfn)
> + continue;
Same here: if it hits the default case, wouldn't it make sense to
WARN_ONCE or so to catch potential misuse? Or better yet, the WARN_ONCE
should be in pg_level_to_pfn().
> diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c
> index 16f878c26667..45e65517405a 100644
> --- a/arch/x86/mm/pat/set_memory.c
> +++ b/arch/x86/mm/pat/set_memory.c
> @@ -2012,6 +2012,13 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc)
> */
> cpa_flush(&cpa, 0);
>
> + /*
> + * Notify hypervisor that a given memory range is mapped encrypted
> + * or decrypted. The hypervisor will use this information during the
> + * VM migration.
> + */
> + notify_addr_enc_status_changed(addr, numpages, enc);
If you notify about a range then that function should be called
notify_range_enc_status_changed
or so.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists