lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YS/xSIvhS5GySXlQ@google.com>
Date:   Wed, 1 Sep 2021 21:31:52 +0000
From:   Sean Christopherson <seanjc@...gle.com>
To:     Joerg Roedel <joro@...tes.org>
Cc:     Paolo Bonzini <pbonzini@...hat.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Jim Mattson <jmattson@...gle.com>,
        Brijesh Singh <brijesh.singh@....com>,
        Tom Lendacky <thomas.lendacky@....com>, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev,
        Joerg Roedel <jroedel@...e.de>
Subject: Re: [PATCH v2 1/4] KVM: SVM: Get rid of *ghcb_msr_bits() functions

On Wed, Sep 01, 2021, Sean Christopherson wrote:
> > -static u64 get_ghcb_msr_bits(struct vcpu_svm *svm, u64 mask, unsigned int pos)
> > -{
> > -	return (svm->vmcb->control.ghcb_gpa >> pos) & mask;
> > +	msr  = GHCB_MSR_CPUID_RESP;
> > +	msr |= (reg & GHCB_MSR_CPUID_REG_MASK) << GHCB_MSR_CPUID_REG_POS;
> > +	msr |= (value & GHCB_MSR_CPUID_VALUE_MASK) << GHCB_MSR_CPUID_VALUE_POS;
> > +
> > +	svm->vmcb->control.ghcb_gpa = msr;
> 
> I would rather have the get/set pairs be roughly symmetric, i.e. both functions
> or both macros, and both work on svm->vmcb->control.ghcb_gpa or both be purely
> functional (that may not be the correct word).
> 
> I don't have a strong preference on function vs. macro.  But for the second one,
> my preference would be to have the helper generate the value as opposed to taken
> and filling a pointer, e.g. to yield something like:
> 
> 		cpuid_reg = GHCB_MSR_CPUID_REG(control->ghcb_gpa);
> 
> 		if (cpuid_reg == 0)
> 			cpuid_value = vcpu->arch.regs[VCPU_REGS_RAX];
> 		else if (cpuid_reg == 1)
> 			cpuid_value = vcpu->arch.regs[VCPU_REGS_RBX];
> 		else if (cpuid_reg == 2)
> 			cpuid_value = vcpu->arch.regs[VCPU_REGS_RCX];
> 		else
> 			cpuid_value = vcpu->arch.regs[VCPU_REGS_RDX];
> 
> 		control->ghcb_gpa = MAKE_GHCB_MSR_RESP(cpuid_reg, cpuid_value);
> 
> 
> The advantage is that it's obvious from the code that control->ghcb_gpa is being
> read _and_ written.

Ah, but in the next path I see there's the existing ghcb_set_sw_exit_info_2().
Hrm.  I think I still prefer open coding "control->ghcb_gpa = ..." with the right
hand side being a macro.  That would gel with the INFO_REQ, e.g.

	case GHCB_MSR_SEV_INFO_REQ:
		control->ghcb_gpa = GHCB_MSR_SEV_INFO(GHCB_VERSION_MAX,
						      GHCB_VERSION_MIN,
						      sev_enc_bit));
		break;

and drop set_ghcb_msr() altogether.

Side topic, what about renaming control->ghcb_gpa => control->ghcb_msr so that
the code for the MSR protocol is a bit more self-documenting?  The APM defines
the field as "Guest physical address of GHCB", so it's not exactly prescribing a
specific name.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ