lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <52255968-a158-6f03-0e6b-bcee9a96e37e@suse.com>
Date:   Mon, 6 Sep 2021 07:07:48 +0200
From:   Juergen Gross <jgross@...e.com>
To:     Lai Jiangshan <jiangshanlai+lkml@...il.com>,
        Joerg Roedel <joro@...tes.org>
Cc:     X86 ML <x86@...nel.org>, Joerg Roedel <jroedel@...e.de>,
        "H. Peter Anvin" <hpa@...or.com>,
        Andy Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Jiri Slaby <jslaby@...e.cz>,
        Dan Williams <dan.j.williams@...el.com>,
        Tom Lendacky <thomas.lendacky@....com>,
        Kees Cook <keescook@...omium.org>,
        David Rientjes <rientjes@...gle.com>,
        Cfir Cohen <cfir@...gle.com>,
        Erdem Aktas <erdemaktas@...gle.com>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Mike Stunes <mstunes@...are.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        Martin Radev <martin.b.radev@...il.com>,
        LKML <linux-kernel@...r.kernel.org>, kvm@...r.kernel.org,
        virtualization@...ts.linux-foundation.org
Subject: Re: [PATCH v6 42/76] x86/sev-es: Setup early #VC handler

On 04.09.21 11:39, Lai Jiangshan wrote:
>> @@ -363,6 +370,33 @@ SYM_CODE_START_LOCAL(early_idt_handler_common)
>>          jmp restore_regs_and_return_to_kernel
>>   SYM_CODE_END(early_idt_handler_common)
>>
>> +#ifdef CONFIG_AMD_MEM_ENCRYPT
>> +/*
>> + * VC Exception handler used during very early boot. The
>> + * early_idt_handler_array can't be used because it returns via the
>> + * paravirtualized INTERRUPT_RETURN and pv-ops don't work that early.
> 
> Hello Joerg, Juergen
> 
> The commit ae755b5a4548 ("x86/paravirt: Switch iret pvops to ALTERNATIVE")
> ( https://lore.kernel.org/lkml/20210311142319.4723-12-jgross@suse.com/ )
> had been merged and the paravirt_iret is deferenced based via %rip.
> 
> Can INTERRUPT_RETURN still be a problem if early_idt_handler_array
> is used instead for bringup IDT?

Even before my patch the dereferencing was done via %rip.

I vaguely remember having discussed the pvops usage with Joerg when he
wrote the SEV support. I'm not sure why pvops shouldn't have worked, but
I'm sure its usage makes no sense at all, as long as we don't have SEV
support for Xen PV guests.


Juergen

Download attachment "OpenPGP_0xB0DE9DD628BF132F.asc" of type "application/pgp-keys" (3092 bytes)

Download attachment "OpenPGP_signature" of type "application/pgp-signature" (496 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ