| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Feb 2022 15:48:30 +0300
From: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: bp@...en8.de, aarcange@...hat.com, ak@...ux.intel.com,
dan.j.williams@...el.com, dave.hansen@...el.com, david@...hat.com,
hpa@...or.com, jgross@...e.com, jmattson@...gle.com,
joro@...tes.org, jpoimboe@...hat.com, knsathya@...nel.org,
linux-kernel@...r.kernel.org, luto@...nel.org, mingo@...hat.com,
pbonzini@...hat.com, peterz@...radead.org,
sathyanarayanan.kuppuswamy@...ux.intel.com, sdeep@...are.com,
seanjc@...gle.com, tony.luck@...el.com, vkuznets@...hat.com,
wanpengli@...cent.com, x86@...nel.org
Subject: Re: [PATCHv2.1 05/29] x86/tdx: Add HLT support for TDX guests
On Tue, Feb 01, 2022 at 10:21:58PM +0100, Thomas Gleixner wrote:
> On Sun, Jan 30 2022 at 01:30, Kirill A. Shutemov wrote:
> > +/*
> > + * Used in __tdx_hypercall() to determine whether to enable interrupts
> > + * before issuing TDCALL for the EXIT_REASON_HLT case.
> > + */
> > +#define ENABLE_IRQS_BEFORE_HLT 0x01
> > +
> > /*
> > * __tdx_module_call() - Used by TDX guests to request services from
> > * the TDX module (does not include VMM services).
> > @@ -230,6 +237,30 @@ SYM_FUNC_START(__tdx_hypercall)
> >
> > movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx
> >
> > + /*
> > + * For the idle loop STI needs to be called directly before
> > + * the TDCALL that enters idle (EXIT_REASON_HLT case). STI
> > + * instruction enables interrupts only one instruction later.
> > + * If there is a window between STI and the instruction that
> > + * emulates the HALT state, there is a chance for interrupts to
> > + * happen in this window, which can delay the HLT operation
> > + * indefinitely. Since this is the not the desired result,
> > + * conditionally call STI before TDCALL.
> > + *
> > + * Since STI instruction is only required for the idle case
> > + * (a special case of EXIT_REASON_HLT), use the r15 register
> > + * value to identify it. Since the R15 register is not used
> > + * by the VMM as per EXIT_REASON_HLT ABI, re-use it in
> > + * software to identify the STI case.
> > + */
> > + cmpl $EXIT_REASON_HLT, %r11d
> > + jne .Lskip_sti
> > + cmpl $ENABLE_IRQS_BEFORE_HLT, %r15d
> > + jne .Lskip_sti
> > + /* Set R15 register to 0, it is unused in EXIT_REASON_HLT case */
> > + xor %r15, %r15
> > + sti
> > +.Lskip_sti:
> > tdcall
>
> This really can be simplified:
>
> cmpl $EXIT_REASON_SAFE_HLT, %r11d
> jne .Lnohalt
> movl $EXIT_REASON_HLT, %r11d
> sti
> .Lnohalt:
> tdcall
>
> and the below becomes:
>
> static bool tdx_halt(void)
> {
> return !!__tdx_hypercall(EXIT_REASON_HLT, !!irqs_disabled(), 0, 0, 0, NULL);
> }
>
> void __cpuidle tdx_safe_halt(void)
> {
> if (__tdx_hypercall(EXIT_REASON_SAFE_HLT, 0, 0, 0, 0, NULL)
> WARN_ONCE(1, "HLT instruction emulation failed\n");
> }
>
> Hmm?
EXIT_REASON_* are architectural, see SDM vol 3D, appendix C. There's no
EXIT_REASON_SAFE_HLT.
Do you want to define a synthetic one? Like
#define EXIT_REASON_SAFE_HLT 0x10000
?
Looks dubious to me, I donno. I worry about possible conflicts with the
spec in the future.
--
Kirill A. Shutemov
Powered by blists - more mailing lists