| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210609011030.751451-1-sathyanarayanan.kuppuswamy@linux.intel.com>
Date: Tue, 8 Jun 2021 18:10:30 -0700
From: Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>
To: Peter Zijlstra <peterz@...radead.org>,
Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...el.com>,
Tony Luck <tony.luck@...el.com>,
Dan Williams <dan.j.williams@...el.com>
Cc: Andi Kleen <ak@...ux.intel.com>,
Kirill Shutemov <kirill.shutemov@...ux.intel.com>,
Kuppuswamy Sathyanarayanan <knsathya@...nel.org>,
Raj Ashok <ashok.raj@...el.com>,
Sean Christopherson <seanjc@...gle.com>,
linux-kernel@...r.kernel.org,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>
Subject: [RFC v2-fix-v4 1/1] x86/tdx: Skip WBINVD instruction for TDX guest
Current TDX spec does not have support to emulate the WBINVD
instruction. If any feature that uses WBINVD is enabled/used
in TDX guest, it will lead to un-handled #VE exception, which
will be handled as #GP fault.
ACPI drivers also uses WBINVD instruction for cache flushes in
reboot or shutdown code path. Since TDX guest has requirement
to support shutdown feature, skip WBINVD instruction usage
in ACPI drivers for TDX guest.
Since cache is always coherent in TDX guests, making wbinvd as
noop should not cause any issues in above mentioned code path.
The end-behavior is the same as KVM guest (treat as noops).
In future, once TDX guest specification adds support for WBINVD
hypercall, we can pass the handle to KVM to handle it.
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com>
---
Changes since RFC v2-fix-v3:
* Fixed commit log as per review comments.
* Instead of fixing all usages of ACPI_FLUSH_CPU_CACHE(),
created TDX specific exception for it in its implementation.
Changes since RFC v2-fix-v2:
* Instead of handling WBINVD #VE exception as nop, we skip its
usage in currently enabled drivers.
* Adapted commit log for above change.
arch/x86/include/asm/acenv.h | 7 ++++++-
arch/x86/kernel/tdx.c | 1 +
include/linux/protected_guest.h | 2 ++
3 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/acenv.h b/arch/x86/include/asm/acenv.h
index 9aff97f0de7f..36c87b69366b 100644
--- a/arch/x86/include/asm/acenv.h
+++ b/arch/x86/include/asm/acenv.h
@@ -10,10 +10,15 @@
#define _ASM_X86_ACENV_H
#include <asm/special_insns.h>
+#include <linux/protected_guest.h>
/* Asm macros */
-#define ACPI_FLUSH_CPU_CACHE() wbinvd()
+#define ACPI_FLUSH_CPU_CACHE() \
+do { \
+ if (!prot_guest_has(PR_GUEST_DISABLE_WBINVD)) \
+ wbinvd(); \
+} while (0)
int __acpi_acquire_global_lock(unsigned int *lock);
int __acpi_release_global_lock(unsigned int *lock);
diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c
index 06fcbca402cb..fd27cf651f0b 100644
--- a/arch/x86/kernel/tdx.c
+++ b/arch/x86/kernel/tdx.c
@@ -92,6 +92,7 @@ bool tdx_protected_guest_has(unsigned long flag)
case PR_GUEST_MEM_ENCRYPT_ACTIVE:
case PR_GUEST_UNROLL_STRING_IO:
case PR_GUEST_SHARED_MAPPING_INIT:
+ case PR_GUEST_DISABLE_WBINVD:
return true;
}
diff --git a/include/linux/protected_guest.h b/include/linux/protected_guest.h
index adfa62e2615e..0ec4dab86f67 100644
--- a/include/linux/protected_guest.h
+++ b/include/linux/protected_guest.h
@@ -18,6 +18,8 @@
#define PR_GUEST_HOST_MEM_ENCRYPT 0x103
/* Support for shared mapping initialization (after early init) */
#define PR_GUEST_SHARED_MAPPING_INIT 0x104
+/* Support to disable WBINVD */
+#define PR_GUEST_DISABLE_WBINVD 0x105
#if defined(CONFIG_INTEL_TDX_GUEST) || defined(CONFIG_AMD_MEM_ENCRYPT)
--
2.25.1
Powered by blists - more mailing lists