Date: Tue, 12 Apr 2022 15:31:48 +0800
From: Xiaoyao Li <xiaoyao.li@...el.com>
To: Paolo Bonzini <pbonzini@...hat.com>, isaku.yamahata@...el.com, kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: isaku.yamahata@...il.com, Jim Mattson <jmattson@...gle.com>, erdemaktas@...gle.com, Connor Kuehl <ckuehl@...hat.com>, Sean Christopherson <seanjc@...gle.com>
Subject: Re: [RFC PATCH v5 102/104] KVM: TDX: Add methods to ignore accesses to CPU state

On 4/12/2022 2:52 PM, Paolo Bonzini wrote:
> On 4/12/22 08:49, Xiaoyao Li wrote:
>>
>>> +void tdx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg)
>>> +{
>>> + kvm_register_mark_available(vcpu, reg);
>>> + switch (reg) {
>>> + case VCPU_REGS_RSP:
>>> + case VCPU_REGS_RIP:
>>> + case VCPU_EXREG_PDPTR:
>>> + case VCPU_EXREG_CR0:
>>> + case VCPU_EXREG_CR3:
>>> + case VCPU_EXREG_CR4:
>>> + break;
>>> + default:
>>> + KVM_BUG_ON(1, vcpu->kvm);
>>> + break;
>>> + }
>>> +}
>>
>> Isaku,
>>
>> We missed one case that some GPRs are accessible by KVM/userspace for
>> TDVMCALL exit.
>
> If a register is not in the VMX_REGS_LAZY_LOAD_SET it will never be
> passed to tdx_cache_reg. As far as I understand those TDVMCALL
> registers do not include either RSP or RIP.

Sorry, I should not keep the code snippet of tdx_cache_reg() as reference to mislead you and other people. I just want to remind that in the certain case of TDVMCALL, GPRs might be accessible.

> Paolo
>
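Review bot: in the quoted tdx_cache_reg() hunk, kvm_register_mark_available(vcpu, reg) runs before the switch, so a register that falls through to the default arm has already been marked available by the time KVM_BUG_ON(1, vcpu->kvm) fires. Consider moving the mark into the accepted cases, or returning from the default arm before marking, so an unexpected register is never recorded as cached. The accepted cases also only break without loading any value, which deserves a short comment stating why marking the register available without reading it is the intended behaviour.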