lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <568d9945-ed0c-90a7-d9cf-a5662f1dbce2@amd.com>
Date:   Fri, 11 Feb 2022 08:55:54 -0600
From:   Tom Lendacky <thomas.lendacky@....com>
To:     Mario Limonciello <mario.limonciello@....com>,
        Borislav Petkov <bp@...en8.de>,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>
Cc:     Kees Cook <keescook@...omium.org>, hughsient@...il.com,
        Martin Fernandez <martin.fernandez@...ypsium.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] x86: Use CPUID 0x8000001f to confirm SME availability

On 2/10/22 23:36, Mario Limonciello wrote:
> An upcoming change will disable the X86 SME feature flag when the
> kernel hasn't activated SME.  Avoid relying upon that when determining
> whether to call `native_wbinvd` by directly calling the CPUID that
> indicates it.
> 
> Suggested-by: Borislav Petkov <bp@...en8.de>
> Signed-off-by: Mario Limonciello <mario.limonciello@....com>
> ---
>   arch/x86/kernel/process.c | 5 ++++-
>   1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
> index 81d8ef036637..e131d71b3cae 100644
> --- a/arch/x86/kernel/process.c
> +++ b/arch/x86/kernel/process.c
> @@ -765,8 +765,11 @@ void stop_this_cpu(void *dummy)
>   	 * without the encryption bit, they don't race each other when flushed
>   	 * and potentially end up with the wrong entry being committed to
>   	 * memory.
> +	 *
> +	 * Test the CPUID bit directly because the machine might've cleared
> +	 * X86_FEATURE_SME due to cmdline options.
>   	 */
> -	if (boot_cpu_has(X86_FEATURE_SME))
> +	if (cpuid_eax(0x8000001f) & BIT(0))

Please test this by running kexec and alternating between mem_encrypt=on 
boots of the kexec kernel and mem_encrypt=off boots of the kexec kernel to 
ensure there is no memory corruption in the newly booted kernel. This 
testing needs to be done on hardware that doesn't have the 
X86_FEATURE_SME_COHERENT feature.

Or if you post the generated instructions in this area I should be able to 
determine if the change is safe.

Thanks,
Tom

>   		native_wbinvd();
>   	for (;;) {
>   		/*

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ