lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 03 May 2022 09:55:52 +1200
From:   Kai Huang <kai.huang@...el.com>
To:     Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org
Cc:     seanjc@...gle.com, pbonzini@...hat.com, len.brown@...el.com,
        tony.luck@...el.com, rafael.j.wysocki@...el.com,
        reinette.chatre@...el.com, dan.j.williams@...el.com,
        peterz@...radead.org, ak@...ux.intel.com,
        kirill.shutemov@...ux.intel.com,
        sathyanarayanan.kuppuswamy@...ux.intel.com,
        isaku.yamahata@...el.com
Subject: Re: [PATCH v3 13/21] x86/virt/tdx: Allocate and set up PAMTs for
 TDMRs

On Mon, 2022-05-02 at 07:17 -0700, Dave Hansen wrote:
> On 5/1/22 22:59, Kai Huang wrote:
> > On Fri, 2022-04-29 at 07:20 -0700, Dave Hansen wrote:
> > How about adding below in the changelog:
> > 
> > "
> > However using alloc_contig_pages() to allocate large physically contiguous
> > memory at runtime may fail.  The larger the allocation, the more likely it is to
> > fail.  Due to the fragmentation, the kernel may need to move pages out of the
> > to-be-allocated contiguous memory range but it may fail to move even the last
> > stubborn page.  A good way (although not foolproof) is to launch a TD VM early
> > in boot to get PAMTs allocated before memory gets fragmented or consumed.
> > "
> 
> Better, although it's getting a bit off topic for this changelog.
> 
> Just be short and sweet:
> 
> 1. the allocation can fail
> 2. Launch a VM early to (badly) mitigate this
> 3. the only way to fix it is to add a boot option
> 
OK. Thanks.

> 
> > > > > > +	/*
> > > > > > +	 * One TDMR must cover at least one (or partial) RAM entry,
> > > > > > +	 * otherwise it is kernel bug.  WARN_ON() in this case.
> > > > > > +	 */
> > > > > > +	if (WARN_ON_ONCE((start >= end) || start >= TDMR_END(tdmr)))
> > > > > > +		return 0;
> > > 
> > > This really means "no RAM found for this TDMR", right?  Can we say that,
> > > please.
> > 
> > OK will add it.  How about:
> > 
> > 	/*
> > 	 * No RAM found for this TDMR.  WARN() in this case, as it
> > 	 * cannot happen otherwise it is a kernel bug.
> > 	 */
> 
> The only useful information in that comment is the first sentence.  The
> jibberish about WARN() is patently obvious from the next two lines of code.
> 
> *WHY* can't this happen?  How might it have actually happened?

When TDMRs are created, we already have made sure one TDMR must cover at least
one or partial RAM entry.

-- 
Thanks,
-Kai

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ