| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220304003157.diqytybw6gpwn5sa@amd.com>
Date: Thu, 3 Mar 2022 18:31:57 -0600
From: Michael Roth <michael.roth@....com>
To: Borislav Petkov <bp@...en8.de>
CC: Brijesh Singh <brijesh.singh@....com>, <x86@...nel.org>,
<linux-kernel@...r.kernel.org>, <kvm@...r.kernel.org>,
<linux-efi@...r.kernel.org>, <platform-driver-x86@...r.kernel.org>,
<linux-coco@...ts.linux.dev>, <linux-mm@...ck.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Joerg Roedel <jroedel@...e.de>,
Tom Lendacky <thomas.lendacky@....com>,
"H. Peter Anvin" <hpa@...or.com>, Ard Biesheuvel <ardb@...nel.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
"Vitaly Kuznetsov" <vkuznets@...hat.com>,
Jim Mattson <jmattson@...gle.com>,
"Andy Lutomirski" <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Sergio Lopez <slp@...hat.com>, Peter Gonda <pgonda@...gle.com>,
"Peter Zijlstra" <peterz@...radead.org>,
Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
David Rientjes <rientjes@...gle.com>,
Dov Murik <dovmurik@...ux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@....com>,
Vlastimil Babka <vbabka@...e.cz>,
"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
Andi Kleen <ak@...ux.intel.com>,
"Dr . David Alan Gilbert" <dgilbert@...hat.com>,
<brijesh.ksingh@...il.com>, <tony.luck@...el.com>,
<marcorr@...gle.com>, <sathyanarayanan.kuppuswamy@...ux.intel.com>
Subject: Re: [PATCH v11 39/45] x86/sev: Use firmware-validated CPUID for
SEV-SNP guests
On Thu, Mar 03, 2022 at 12:51:20PM +0100, Borislav Petkov wrote:
> On Thu, Feb 24, 2022 at 10:56:19AM -0600, Brijesh Singh wrote:
> > Also add an "sev_debug" kernel command-line parameter that will be used
> > (initially) to dump the CPUID table for debugging/analysis.
>
> No, not "sev_debug" - "sev=debug".
>
> I'm pretty sure there will be need for other SEV-specific cmdline
> options so this thing should be a set, i.e.,
> "sev=(option1,option2?,option3?,...)"
>
> etc.
>
> See mcheck_enable() and the comment above it for an example.
If I do it the mce_check() way it ends up looking something like the
below, is that what you add in mind?
In that case it seems to expect "mce=option1 mce=option2" etc. I could
open-code a parser to handle multiple options like sev=option1,option2
etc., but wanted to check with you first.
Also, should I go ahead and introduce struct sev_options now, or
just use a regular bool until more options are added later?
Thanks!
struct sev_options {
bool debug;
};
static struct sev_options sev_cmdline_opts;
...
static int __init process_sev_options(char *str)
{
if ((*str) == '=')
str++;
if (!strcmp(str, "debug")) {
sev_cmdline_opts.debug = true;
} else {
pr_info("SEV command-line option '%s' was not ecognized\n", str);
return 1;
}
return 0;
}
__setup("sev", process_sev_options);
static int __init report_cpuid_table(void)
{
...
if (sev_cmdline_opts.debug)
dump_cpuid_table();
}
arch_initcall(report_cpuid_table)
>
> --
> Regards/Gruss,
> Boris.
>
> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpeople.kernel.org%2Ftglx%2Fnotes-about-netiquette&data=04%7C01%7CMichael.Roth%40amd.com%7C98ed7057691e4faf205e08d9fd0c2768%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637819050942268665%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=SxTMowEey9CFaqlUHfWKVuEqThTEGktHAO3JgQIttRE%3D&reserved=0
Powered by blists - more mailing lists