| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YfFZ+SRutJhDoAkz@suse.de>
Date: Wed, 26 Jan 2022 15:26:01 +0100
From: Joerg Roedel <jroedel@...e.de>
To: Borislav Petkov <bp@...en8.de>
Cc: Joerg Roedel <joro@...tes.org>, x86@...nel.org,
Eric Biederman <ebiederm@...ssion.com>,
kexec@...ts.infradead.org, hpa@...or.com,
Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Jiri Slaby <jslaby@...e.cz>,
Dan Williams <dan.j.williams@...el.com>,
Tom Lendacky <thomas.lendacky@....com>,
Juergen Gross <jgross@...e.com>,
Kees Cook <keescook@...omium.org>,
David Rientjes <rientjes@...gle.com>,
Cfir Cohen <cfir@...gle.com>,
Erdem Aktas <erdemaktas@...gle.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Mike Stunes <mstunes@...are.com>,
Sean Christopherson <seanjc@...gle.com>,
Martin Radev <martin.b.radev@...il.com>,
Arvind Sankar <nivedita@...m.mit.edu>,
linux-coco@...ts.linux.dev, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org, virtualization@...ts.linux-foundation.org
Subject: Re: [PATCH v2 07/12] x86/sev: Setup code to park APs in the AP Jump
Table
On Wed, Nov 10, 2021 at 05:37:32PM +0100, Borislav Petkov wrote:
> On Mon, Sep 13, 2021 at 05:55:58PM +0200, Joerg Roedel wrote:
> > extern unsigned char real_mode_blob[];
> > diff --git a/arch/x86/include/asm/sev-ap-jumptable.h b/arch/x86/include/asm/sev-ap-jumptable.h
> > new file mode 100644
> > index 000000000000..1c8b2ce779e2
> > --- /dev/null
> > +++ b/arch/x86/include/asm/sev-ap-jumptable.h
>
> Why a separate header? arch/x86/include/asm/sev.h looks small enough.
The header is included in assembly, so I made a separate one.
> > +void __init sev_es_setup_ap_jump_table_data(void *base, u32 pa)
>
> Why is this a separate function?
>
> It is all part of the jump table setup.
Right, but the sev_es_setup_ap_jump_table_blob() function is already
pretty big and I wanted to keep things readable.
>
> > + return 0;
>
> Why are you returning 0 here and below?
This is in an initcall and it returns just 0 when the environment is not
ready to setup the ap jump table. Returning non-zero would create a
warning message in the caller for something that is not a bug in the
kernel.
> > + * This file contains the source code for the binary blob which gets copied to
> > + * the SEV-ES AP Jumptable to park APs while offlining CPUs or booting a new
>
> I've seen "Jumptable", "Jump Table" and "jump table" at least. I'd say, do
> the last one everywhere pls.
Fair, sorry for my english being too german :) I changed everything to
'jump table'.
> > + /* Reset remaining registers */
> > + movl $0, %esp
> > + movl $0, %eax
> > + movl $0, %ebx
> > + movl $0, %edx
>
> All 4: use xor
XOR changes EFLAGS, can not use them here.
> > +
> > + /* Reset CR0 to get out of protected mode */
> > + movl $0x60000010, %ecx
>
> Another magic naked number.
This is the CR0 reset value. I have updated the comment to make this
more clear.
Thanks,
--
Jörg Rödel
jroedel@...e.de
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany
(HRB 36809, AG Nürnberg)
Geschäftsführer: Ivo Totev
Powered by blists - more mailing lists