| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Jun 2021 20:24:02 +0200
From: Borislav Petkov <bp@...en8.de>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Tom Lendacky <thomas.lendacky@....com>, Pu Wen <puwen@...on.cn>,
Joerg Roedel <jroedel@...e.de>, x86@...nel.org,
joro@...tes.org, dave.hansen@...ux.intel.com, peterz@...radead.org,
tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
sashal@...nel.org, gregkh@...uxfoundation.org,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
stable@...r.kernel.org
Subject: Re: [PATCH] x86/sev: Check whether SEV or SME is supported first
On Tue, Jun 01, 2021 at 06:08:19PM +0000, Sean Christopherson wrote:
> But we have not yet verified that 0x8000001f is supported, only that the result
> of CPUID.0x8000001f can be trusted (to handle Intel CPUs which return data from
> the highest supported leaf if the provided leaf function is greater than the max
> supported leaf). Verifying that 0x8000001f is supported doesn't happen until
> 0x8000001f is actually read, which is currently done after the RDMSR that #GPs
> and explodes.
Yeah yeah, Tom just convinced me on IRC that the patch is ok after
all... so let's do that. And again, we cannot stop hypervisors from
doing shady things here so I don't even wanna try to. People should run
SNP/TDX guests only anyway if they care about this stuff.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists