| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Jul 2021 21:54:15 +0800
From: Tianyu Lan <ltykernel@...il.com>
To: Dave Hansen <dave.hansen@...el.com>, kys@...rosoft.com,
haiyangz@...rosoft.com, sthemmin@...rosoft.com, wei.liu@...nel.org,
decui@...rosoft.com, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, x86@...nel.org, hpa@...or.com,
dave.hansen@...ux.intel.com, luto@...nel.org, peterz@...radead.org,
konrad.wilk@...cle.com, boris.ostrovsky@...cle.com,
jgross@...e.com, sstabellini@...nel.org, joro@...tes.org,
will@...nel.org, davem@...emloft.net, kuba@...nel.org,
jejb@...ux.ibm.com, martin.petersen@...cle.com, arnd@...db.de,
hch@....de, m.szyprowski@...sung.com, robin.murphy@....com,
kirill.shutemov@...ux.intel.com, akpm@...ux-foundation.org,
rppt@...nel.org, Tianyu.Lan@...rosoft.com, thomas.lendacky@....com,
ardb@...nel.org, robh@...nel.org, nramas@...ux.microsoft.com,
pgonda@...gle.com, martin.b.radev@...il.com, david@...hat.com,
krish.sadhukhan@...cle.com, saravanand@...com,
xen-devel@...ts.xenproject.org, keescook@...omium.org,
rientjes@...gle.com, hannes@...xchg.org,
michael.h.kelley@...rosoft.com
Cc: iommu@...ts.linux-foundation.org, linux-arch@...r.kernel.org,
linux-hyperv@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-scsi@...r.kernel.org, netdev@...r.kernel.org,
vkuznets@...hat.com, brijesh.singh@....com, anparri@...rosoft.com
Subject: Re: [Resend RFC PATCH V4 13/13] x86/HV: Not set memory
decrypted/encrypted during kexec alloc/free page in IVM
Hi Dave:
Thanks for your review.
On 7/8/2021 12:14 AM, Dave Hansen wrote:
> On 7/7/21 8:46 AM, Tianyu Lan wrote:
>> @@ -598,7 +599,7 @@ void arch_kexec_unprotect_crashkres(void)
>> */
>> int arch_kexec_post_alloc_pages(void *vaddr, unsigned int pages, gfp_t gfp)
>> {
>> - if (sev_active())
>> + if (sev_active() || hv_is_isolation_supported())
>> return 0;
>>
>> /*
>> @@ -611,7 +612,7 @@ int arch_kexec_post_alloc_pages(void *vaddr, unsigned int pages, gfp_t gfp)
>>
>> void arch_kexec_pre_free_pages(void *vaddr, unsigned int pages)
>> {
>> - if (sev_active())
>> + if (sev_active() || hv_is_isolation_supported())
>> return;
>
> You might want to take a look through the "protected guest" patches. I
> think this series is touching a few of the same locations that TDX and
> recent SEV work touch.
>
> https://lore.kernel.org/lkml/20210618225755.662725-5-sathyanarayanan.kuppuswamy@linux.intel.com/
Thanks for reminder. You are right. There will be a generic API to check
"proteced guest" type.
Powered by blists - more mailing lists