linux-kernel - Re: [RFC PATCH v5 102/104] KVM: TDX: Add methods to ignore accesses to CPU state

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date:   Tue, 12 Apr 2022 08:52:50 +0200
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Xiaoyao Li <xiaoyao.li@...el.com>, isaku.yamahata@...el.com,
        kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     isaku.yamahata@...il.com, Jim Mattson <jmattson@...gle.com>,
        erdemaktas@...gle.com, Connor Kuehl <ckuehl@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>
Subject: Re: [RFC PATCH v5 102/104] KVM: TDX: Add methods to ignore accesses
 to CPU state

On 4/12/22 08:49, Xiaoyao Li wrote:
> 
>> +void tdx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg)
>> +{
>> +    kvm_register_mark_available(vcpu, reg);
>> +    switch (reg) {
>> +    case VCPU_REGS_RSP:
>> +    case VCPU_REGS_RIP:
>> +    case VCPU_EXREG_PDPTR:
>> +    case VCPU_EXREG_CR0:
>> +    case VCPU_EXREG_CR3:
>> +    case VCPU_EXREG_CR4:
>> +        break;
>> +    default:
>> +        KVM_BUG_ON(1, vcpu->kvm);
>> +        break;
>> +    }
>> +}
> 
> Isaku,
> 
> We missed one case that some GPRs are accessible by KVM/userspace for 
> TDVMCALL exit.

If a register is not in the VMX_REGS_LAZY_LOAD_SET it will never be 
passed to tdx_cache_reg.  As far as I understand those TDVMCALL 
registers do not include either RSP or RIP.

Paolo