| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220203140943.wwi2hk3h3wzsjmdv@black.fi.intel.com>
Date: Thu, 3 Feb 2022 17:09:43 +0300
From: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Thomas Gleixner <tglx@...utronix.de>, mingo@...hat.com,
bp@...en8.de, dave.hansen@...el.com, luto@...nel.org,
peterz@...radead.org, sathyanarayanan.kuppuswamy@...ux.intel.com,
aarcange@...hat.com, ak@...ux.intel.com, dan.j.williams@...el.com,
david@...hat.com, hpa@...or.com, jgross@...e.com,
jmattson@...gle.com, joro@...tes.org, knsathya@...nel.org,
pbonzini@...hat.com, sdeep@...are.com, seanjc@...gle.com,
tony.luck@...el.com, vkuznets@...hat.com, wanpengli@...cent.com,
x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCHv2 01/29] x86/tdx: Detect running as a TDX guest in early
boot
On Wed, Feb 02, 2022 at 04:32:09PM -0800, Josh Poimboeuf wrote:
> On Wed, Feb 02, 2022 at 02:14:59AM +0300, Kirill A. Shutemov wrote:
> > On Tue, Feb 01, 2022 at 08:29:55PM +0100, Thomas Gleixner wrote:
> > > Kirill,
> > >
> > > On Mon, Jan 24 2022 at 18:01, Kirill A. Shutemov wrote:
> > >
> > > Just a nitpick...
> > >
> > > > +static bool tdx_guest_detected __ro_after_init;
> > > > +
> > > > +bool is_tdx_guest(void)
> > > > +{
> > > > + return tdx_guest_detected;
> > > > +}
> > > > +
> > > > +void __init tdx_early_init(void)
> > > > +{
> > > > + u32 eax, sig[3];
> > > > +
> > > > + cpuid_count(TDX_CPUID_LEAF_ID, 0, &eax, &sig[0], &sig[2], &sig[1]);
> > > > +
> > > > + if (memcmp(TDX_IDENT, sig, 12))
> > > > + return;
> > > > +
> > > > + tdx_guest_detected = true;
> > > > +
> > > > + setup_force_cpu_cap(X86_FEATURE_TDX_GUEST);
> > >
> > > So with that we have two ways to detect a TDX guest:
> > >
> > > - tdx_guest_detected
> > >
> > > - X86_FEATURE_TDX_GUEST
> > >
> > > Shouldn't X86_FEATURE_TDX_GUEST be good enough?
> >
> > Right. We have only 3 callers of is_tdx_guest() in cc_platform.c
> > I will replace them with cpu_feature_enabled(X86_FEATURE_TDX_GUEST).
>
> I had the same review comment before. I was told that cc_platform_has()
> was called before caps have been set up properly, so caps can't be
> relied upon this early.
>
> I'm not really convinced that's true. Yes, early_identify_cpu() --
> which runs after tdx_early_init() -- clears all boot_cpu_data's
> capability bits to zero [*].
>
> But shortly after that, early_identify_cpu() restores any "forced" caps
> with a call to get_cpu_cap() -> apply_forced_caps().
>
> So as far as I can tell, while it's subtle, it should work. However, it
> should be tested carefully ;-)
>
>
> [ *] The memset() of boot_cpu_data seems unnecessary since it should
> already be cleared by the compiler when it gets placed in the
> .data..read_mostly section.
>
There are couple of uses of cc_platform_has() before tdx_early_init() is
called: in sme_map_bootdata() and sme_unmap_bootdata(). Both called from
copy_bootdata().
We can move tdx_early_init() before copy_bootdata(), but in this case
tdx_early_init() won't be able to parse kernel command line. This
capability used by patches outside the initial TDX submission.
I just realized that we have moved tdx_early_init() back and forth few
times for this reason. Ughh..
I will rework (or drop) patches that parse command line options from
tdx_early_init() and move tdx_early_init() before copy_bootdata().
--
Kirill A. Shutemov
Powered by blists - more mailing lists