| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220511011906.el4m54fns7ilh7fr@box.shutemov.name>
Date: Wed, 11 May 2022 04:19:06 +0300
From: "Kirill A. Shutemov" <kirill@...temov.name>
To: Borislav Petkov <bp@...en8.de>
Cc: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Sean Christopherson <seanjc@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Joerg Roedel <jroedel@...e.de>,
Ard Biesheuvel <ardb@...nel.org>,
Andi Kleen <ak@...ux.intel.com>,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
David Rientjes <rientjes@...gle.com>,
Vlastimil Babka <vbabka@...e.cz>,
Tom Lendacky <thomas.lendacky@....com>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Ingo Molnar <mingo@...hat.com>,
Varad Gautam <varad.gautam@...e.com>,
Dario Faggioli <dfaggioli@...e.com>,
Dave Hansen <dave.hansen@...el.com>,
Brijesh Singh <brijesh.singh@....com>,
Mike Rapoport <rppt@...nel.org>,
David Hildenbrand <david@...hat.com>, x86@...nel.org,
linux-mm@...ck.org, linux-coco@...ts.linux.dev,
linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCHv5 10/12] x86/tdx: Unaccepted memory support
On Fri, May 06, 2022 at 11:44:23PM +0300, Kirill A. Shutemov wrote:
> > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > > index 7021ec725dd3..e4c31dbea6d7 100644
> > > --- a/arch/x86/Kconfig
> > > +++ b/arch/x86/Kconfig
> > > @@ -885,6 +885,7 @@ config INTEL_TDX_GUEST
> > > select ARCH_HAS_CC_PLATFORM
> > > select X86_MEM_ENCRYPT
> > > select X86_MCE
> > > + select UNACCEPTED_MEMORY
> >
> > WARNING: unmet direct dependencies detected for UNACCEPTED_MEMORY
> > Depends on [n]: EFI [=y] && EFI_STUB [=y] && !KEXEC_CORE [=y]
> > Selected by [y]:
> > - INTEL_TDX_GUEST [=y] && HYPERVISOR_GUEST [=y] && X86_64 [=y] && CPU_SUP_INTEL [=y] && X86_X2APIC [=y]
> >
> > WARNING: unmet direct dependencies detected for UNACCEPTED_MEMORY
> > Depends on [n]: EFI [=y] && EFI_STUB [=y] && !KEXEC_CORE [=y]
> > Selected by [y]:
> > - INTEL_TDX_GUEST [=y] && HYPERVISOR_GUEST [=y] && X86_64 [=y] && CPU_SUP_INTEL [=y] && X86_X2APIC [=y]
>
> Ughh. Any ideas how to get around it? (Except for implementing kexec
> support right away?)
I reworked this to boot-time kexec disable.
> > Also, it doesn't need to be bool - you can simply return accept_size on
> > success and 0 on error so that you don't have an I/O argument.
>
> So on the calling side it would look like:
>
> accepted = try_accept_one(start, len, PG_LEVEL_1G)
> if (accepted) {
> start += accepted;
> continue;
> }
>
> And the similar for other levels. Is it really better?
JFYI, I've reworked it as
accepted = try_accept_one(start, len, PG_LEVEL_1G);
if (!accepted)
accepted = try_accept_one(start, len, PG_LEVEL_2M);
if (!accepted)
accepted = try_accept_one(start, len, PG_LEVEL_4K);
if (!accepted)
return false;
start += accepted;
looks good to me.
--
Kirill A. Shutemov
Powered by blists - more mailing lists