lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 25 Nov 2021 00:40:49 +0100
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org
Cc:     "H . Peter Anvin" <hpa@...or.com>, Tony Luck <tony.luck@...el.com>,
        Dan Williams <dan.j.williams@...el.com>,
        Andi Kleen <ak@...ux.intel.com>,
        Kirill Shutemov <kirill.shutemov@...ux.intel.com>,
        Kuppuswamy Sathyanarayanan <knsathya@...nel.org>,
        Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] x86/tdx: Don't write CSTAR MSR on Intel

Kuppuswamy,

On Thu, Nov 18 2021 at 19:58, Kuppuswamy Sathyanarayanan wrote:

almost. The subject line is bogus:

        x86/tdx: Don't write CSTAR MSR on Intel

This has nothing to do with TDX in the first place as the actual check
is for CPU vendor == Intel. It's absolutely no requirement to remove
this for TDX. TDX could just handle the #VE and ignore the write.

It's an obvious optimization without TDX because the write is pointless
independent of TDX. There is no value to slap TDX on everything just
because.

Also 'write on Intel' should be 'write on Intel CPUs' to make sense.
  
> +/* Don't write CSTAR MSR on Intel platforms */

How is this comment useful? The proper explanation is below.

> +static void wrmsrl_cstar(unsigned long val)
> +{
> +	/*
> +	 * Intel CPUs do not support 32-bit SYSCALL. Writing to MSR_CSTAR
> +	 * is normally ignored by the CPU, but raises a #VE trap in a TDX
> +	 * guest.
> +	 */
> +	if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL)
> +		wrmsrl(MSR_CSTAR, val);
> +}

I fixed it up for you because of Thanksgiving.

Thanks,

        tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ