| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YgAp9yat6M7f1THf@zn.tnic>
Date: Sun, 6 Feb 2022 21:05:11 +0100
From: Borislav Petkov <bp@...en8.de>
To: Brijesh Singh <brijesh.singh@....com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
linux-efi@...r.kernel.org, platform-driver-x86@...r.kernel.org,
linux-coco@...ts.linux.dev, linux-mm@...ck.org,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Joerg Roedel <jroedel@...e.de>,
Tom Lendacky <thomas.lendacky@....com>,
"H. Peter Anvin" <hpa@...or.com>, Ard Biesheuvel <ardb@...nel.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Jim Mattson <jmattson@...gle.com>,
Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Sergio Lopez <slp@...hat.com>, Peter Gonda <pgonda@...gle.com>,
Peter Zijlstra <peterz@...radead.org>,
Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
David Rientjes <rientjes@...gle.com>,
Dov Murik <dovmurik@...ux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@....com>,
Michael Roth <michael.roth@....com>,
Vlastimil Babka <vbabka@...e.cz>,
"Kirill A . Shutemov" <kirill@...temov.name>,
Andi Kleen <ak@...ux.intel.com>,
"Dr . David Alan Gilbert" <dgilbert@...hat.com>,
brijesh.ksingh@...il.com, tony.luck@...el.com, marcorr@...gle.com,
sathyanarayanan.kuppuswamy@...ux.intel.com
Subject: Re: [PATCH v9 40/43] x86/sev: Register SEV-SNP guest request
platform device
On Fri, Jan 28, 2022 at 11:18:01AM -0600, Brijesh Singh wrote:
> Version 2 of GHCB specification provides Non Automatic Exit (NAE) that can
^ ^ ^
the a event type
> be used by the SEV-SNP guest to communicate with the PSP without risk from
> a malicious hypervisor who wishes to read, alter, drop or replay the
> messages sent.
>
> SNP_LAUNCH_UPDATE can insert two special pages into the guest’s memory:
> the secrets page and the CPUID page. The PSP firmware populate the contents
"populates"
> of the secrets page. The secrets page contains encryption keys used by the
> guest to interact with the firmware. Because the secrets page is encrypted
> with the guest’s memory encryption key, the hypervisor cannot read the
> keys. See SEV-SNP firmware spec for further details on the secrets page
> format.
>
> Create a platform device that the SEV-SNP guest driver can bind to get the
> platform resources such as encryption key and message id to use to
> communicate with the PSP. The SEV-SNP guest driver provides a userspace
> interface to get the attestation report, key derivation, extended
> attestation report etc.
...
> +static int __init init_snp_platform_device(void)
snp_init_platform_device()
> +{
> + struct snp_guest_platform_data data;
> + u64 gpa;
> +
> + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP))
> + return -ENODEV;
> +
> + gpa = get_secrets_page();
> + if (!gpa)
> + return -ENODEV;
> +
> + data.secrets_gpa = gpa;
> + if (platform_device_add_data(&guest_req_device, &data, sizeof(data)))
> + goto e_fail;
> +
> + if (platform_device_register(&guest_req_device))
> + goto e_fail;
> +
> + pr_info("SNP guest platform device initialized.\n");
> + return 0;
> +
> +e_fail:
> + pr_err("Failed to initialize SNP guest device\n");
> + return -ENODEV;
So when someone tries to debug why the platform device doesn't register
properly, this error message is ambiguous and two of the error paths
don't even issue one.
Either issue a different error message before you return each time or
remove it completely and let someone who really needs it, add it.
I'd vote for former...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists