Open Source and information security mailing list archives
Date:   Mon, 28 Feb 2022 08:44:30 -0800
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc:     tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        dave.hansen@...el.com, luto@...nel.org, peterz@...radead.org,
        sathyanarayanan.kuppuswamy@...ux.intel.com, aarcange@...hat.com,
        ak@...ux.intel.com, dan.j.williams@...el.com, david@...hat.com,
        hpa@...or.com, jgross@...e.com, jmattson@...gle.com,
        joro@...tes.org, knsathya@...nel.org, pbonzini@...hat.com,
        sdeep@...are.com, seanjc@...gle.com, tony.luck@...el.com,
        vkuznets@...hat.com, wanpengli@...cent.com,
        thomas.lendacky@....com, brijesh.singh@....com, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCHv4 15/30] x86/boot: Allow to hook up alternative port I/O
 helpers

On Mon, Feb 28, 2022 at 07:33:53PM +0300, Kirill A. Shutemov wrote:
> On Sun, Feb 27, 2022 at 02:02:19PM -0800, Josh Poimboeuf wrote:
> > On Thu, Feb 24, 2022 at 06:56:15PM +0300, Kirill A. Shutemov wrote:
> > > Port I/O instructions trigger #VE in the TDX environment. In response to
> > > the exception, kernel emulates these instructions using hypercalls.
> > > 
> > > But during early boot, on the decompression stage, it is cumbersome to
> > > deal with #VE. It is cleaner to go to hypercalls directly, bypassing #VE
> > > handling.
> > > 
> > > Add a way to hook up alternative port I/O helpers in the boot stub.
> > > 
> > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> > 
> > I think you missed my comment from v3.
> 
> I did not miss it, but I failed to acknowledge it.
> 
> To me it is a judgement call. Either way has right to live.
> I talked to Borislav on this and we suggested to keep it as is. Rework later
> as needed.
> 
> > Repeating it here:
> > 
> > At least from reading the commit message it's not self-evident why #VE
> > handling would be worse, especially since there's already #VC support in
> > boot.  It would help to give more info about that in the commit message.
> > 
> > The current approach also seems fragile, doesn't it require all future
> > code to remember to not do i/o directly?  How do we make sure that
> > doesn't happen going forward?
> > 
> > How does it fail if some code accidentally does i/o directly?  Or
> > triggers #VE some other way?  Is the error understandable and
> > actionable?
> 
> Dealing with failure in decompression code is a pain. We don't have usual
> infrastructure there. The patch deals with port I/O which is the only way
> to communicate issue to the user. If it fails for whatever reason we are
> screwed. And it doesn't depend on how it was implemented.

In the patch description, please address all of my concerns and
questions.

-- 
Josh
