lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 22 Apr 2022 10:15:08 -0500
From:   Tom Lendacky <thomas.lendacky@....com>
To:     Michael Roth <michael.roth@....com>, linux-kernel@...r.kernel.org
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
        "H . Peter Anvin" <hpa@...or.com>,
        Kees Cook <keescook@...omium.org>,
        "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
        Tony Luck <tony.luck@...el.com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        Venu Busireddy <venu.busireddy@...cle.com>,
        Joerg Roedel <jroedel@...e.de>,
        Tianyu Lan <Tianyu.Lan@...rosoft.com>,
        Brijesh Singh <brijesh.singh@....com>
Subject: Re: [PATCH v3 2/2] x86/sev: Get the AP jump table address from
 secrets page

On 4/22/22 08:56, Michael Roth wrote:
> From: Brijesh Singh <brijesh.singh@....com>
> 
> The GHCB specification section 2.7 states that when SEV-SNP is enabled,
> a hypervisor must provide the AP jump table physical address through

I missed this on the first version. It's not the hypervisor, but the guest 
BIOS that directly provides the AP jump table physical address, in our 
case OVMF sets the address in the SNP secrets page. This allows 
communication between UEFI/BIOS and OS without hypervisor involvement.

> the SNP secrets pages.
> 
> Fixes: 0afb6b660a6b ("x86/sev: Use SEV-SNP AP creation to start secondary CPUs")
> Signed-off-by: Brijesh Singh <brijesh.singh@....com>
> [ mroth: improve error handling when ioremap()/memremap() return NULL ]
> [ mroth: don't mix function calls with declarations ]
> [ mroth: add missing __init ]
> Signed-off-by: Michael Roth <michael.roth@....com>

With the commit message change:

Reviewed-by: Tom Lendacky <thomas.lendacky@....com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ