lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <280669ec-d43a-83af-55ba-ad03411538b5@linux.intel.com>
Date:   Mon, 31 May 2021 11:45:38 -0700
From:   "Kuppuswamy, Sathyanarayanan" 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Tom Lendacky <thomas.lendacky@....com>,
        Sean Christopherson <seanjc@...gle.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Andi Kleen <ak@...ux.intel.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Andy Lutomirski <luto@...nel.org>,
        Dan Williams <dan.j.williams@...el.com>,
        Tony Luck <tony.luck@...el.com>,
        Kirill Shutemov <kirill.shutemov@...ux.intel.com>,
        Kuppuswamy Sathyanarayanan <knsathya@...nel.org>,
        Raj Ashok <ashok.raj@...el.com>, linux-kernel@...r.kernel.org,
        Brijesh Singh <brijesh.singh@....com>
Subject: Re: [RFC v2 28/32] x86/tdx: Make pages shared in ioremap()



On 5/31/21 10:55 AM, Borislav Petkov wrote:
> On Mon, May 31, 2021 at 10:32:44AM -0700, Kuppuswamy, Sathyanarayanan wrote:
>> I think above requirement is satisfied in following implementation.
> 
> Well, I suggested a single protected_guest_has() function which does:
> 
>          if (AMD)
>                  amd_protected_guest_has(...)
>          else if (Intel)
>                  intel_protected_guest_has(...)
>          else
>                  WARN()
> 
> where amd_protected_guest_has() is implemented in arch/x86/kernel/sev.c
> and intel_protected_guest_has() is implemented in, as far as I can
> follow your paths in the diff, in arch/x86/kernel/tdx.c.
> 
> No is_protected_guest() 

is_protected_guest() is a helper function added to check for VM guest type
(protected or normal). Andi is going to add some security hardening code in
virto and other some other generic drivers. He wants a helper function to
selective enable them for all protected guests. Since these are generic
drivers we need generic (non arch specific) helper call. is_protected_guest()
is proposed for this purpose.

We can also use protected_guest_has(VM_VIRTIO_SECURE_FIX) or something
similar for this purpose. Andi, any comments?

> and no ARCH_HAS_PROTECTED_GUEST.

IMHO, its better to use above generic config option in common header
file (linux/protected_guest.h). Any architecture that implements
protected guest feature can enable it. This will help is hide arch
specific config options in arch specific header file.

This seems to be a cleaner solution than including ARCH specific
CONFIG option options in common header file (linux/protected_guest.h)

#ifdef CONFIG_ARCH_HAS_PROTECTED_GUEST
#include <asm/protected_guest.h>
#else
blah
#endif

is better than

#ifdef (AMD)
amd_call()
#endif

#ifdef (INTEL)
intel_call()
#endif

#ifdef (ARM)
arm_call()
#endif


> 
> Just the above controlled by CONFIG_INTEL_TDX_GUEST or whatever
> the TDX config item is gonna end up being and on the AMD side by
> CONFIG_AMD_MEM_ENCRYPT.
> 
> Thx.
> 

-- 
Sathyanarayanan Kuppuswamy
Linux Kernel Developer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ