lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <378228c30a12a12620fddd87d1c2c33fde07a25e.camel@intel.com>
Date:   Wed, 29 Jun 2022 21:17:48 +1200
From:   Kai Huang <kai.huang@...el.com>
To:     Yuan Yao <yuan.yao@...ux.intel.com>
Cc:     Chao Gao <chao.gao@...el.com>, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, seanjc@...gle.com, pbonzini@...hat.com,
        dave.hansen@...el.com, len.brown@...el.com, tony.luck@...el.com,
        rafael.j.wysocki@...el.com, reinette.chatre@...el.com,
        dan.j.williams@...el.com, peterz@...radead.org, ak@...ux.intel.com,
        kirill.shutemov@...ux.intel.com,
        sathyanarayanan.kuppuswamy@...ux.intel.com,
        isaku.yamahata@...el.com, thomas.lendacky@....com,
        Tianyu.Lan@...rosoft.com
Subject: Re: [PATCH v5 04/22] x86/virt/tdx: Prevent ACPI CPU hotplug and
 ACPI memory hotplug

On Wed, 2022-06-29 at 16:35 +0800, Yuan Yao wrote:
> On Fri, Jun 24, 2022 at 11:21:59PM +1200, Kai Huang wrote:
> > On Fri, 2022-06-24 at 09:41 +0800, Chao Gao wrote:
> > > On Wed, Jun 22, 2022 at 11:16:07PM +1200, Kai Huang wrote:
> > > > -static bool intel_cc_platform_has(enum cc_attr attr)
> > > > +#ifdef CONFIG_INTEL_TDX_GUEST
> > > > +static bool intel_tdx_guest_has(enum cc_attr attr)
> > > > {
> > > > 	switch (attr) {
> > > > 	case CC_ATTR_GUEST_UNROLL_STRING_IO:
> > > > @@ -28,6 +31,33 @@ static bool intel_cc_platform_has(enum cc_attr attr)
> > > > 		return false;
> > > > 	}
> > > > }
> > > > +#endif
> > > > +
> > > > +#ifdef CONFIG_INTEL_TDX_HOST
> > > > +static bool intel_tdx_host_has(enum cc_attr attr)
> > > > +{
> > > > +	switch (attr) {
> > > > +	case CC_ATTR_ACPI_CPU_HOTPLUG_DISABLED:
> > > > +	case CC_ATTR_ACPI_MEMORY_HOTPLUG_DISABLED:
> > > > +		return true;
> > > > +	default:
> > > > +		return false;
> > > > +	}
> > > > +}
> > > > +#endif
> > > > +
> > > > +static bool intel_cc_platform_has(enum cc_attr attr)
> > > > +{
> > > > +#ifdef CONFIG_INTEL_TDX_GUEST
> > > > +	if (boot_cpu_has(X86_FEATURE_TDX_GUEST))
> > > > +		return intel_tdx_guest_has(attr);
> > > > +#endif
> > > > +#ifdef CONFIG_INTEL_TDX_HOST
> > > > +	if (platform_tdx_enabled())
> > > > +		return intel_tdx_host_has(attr);
> > > > +#endif
> > > > +	return false;
> > > > +}
> > > 
> > > how about:
> > > 
> > > static bool intel_cc_platform_has(enum cc_attr attr)
> > > {
> > > 	switch (attr) {
> > > 	/* attributes applied to TDX guest only */
> > > 	case CC_ATTR_GUEST_UNROLL_STRING_IO:
> > > 	...
> > > 		return boot_cpu_has(X86_FEATURE_TDX_GUEST);
> > > 
> > > 	/* attributes applied to TDX host only */
> > > 	case CC_ATTR_ACPI_CPU_HOTPLUG_DISABLED:
> > > 	case CC_ATTR_ACPI_MEMORY_HOTPLUG_DISABLED:
> > > 		return platform_tdx_enabled();
> > > 
> > > 	default:
> > > 		return false;
> > > 	}
> > > }
> > > 
> > > so that we can get rid of #ifdef/endif.
> > 
> > Personally I don't quite like this way.  To me having separate function for host
> > and guest is more clear and more flexible.  And I don't think having
> > #ifdef/endif has any problem.  I would like to leave to maintainers.
> 
> I see below statement, for you reference:
> 
> "Wherever possible, don't use preprocessor conditionals (#if, #ifdef) in .c"
> From Documentation/process/coding-style.rst, 21) Conditional Compilation.
> 
> > 

This is perhaps a general rule.  If you take a look at existing code, you will
immediately find AMD has a #ifdef too:

static bool amd_cc_platform_has(enum cc_attr attr)
{
#ifdef CONFIG_AMD_MEM_ENCRYPT
        switch (attr) {
        case CC_ATTR_MEM_ENCRYPT:
                return sme_me_mask;

        case CC_ATTR_HOST_MEM_ENCRYPT:
                return sme_me_mask && !(sev_status & MSR_AMD64_SEV_ENABLED);

        case CC_ATTR_GUEST_MEM_ENCRYPT:
                return sev_status & MSR_AMD64_SEV_ENABLED;

        case CC_ATTR_GUEST_STATE_ENCRYPT:
                return sev_status & MSR_AMD64_SEV_ES_ENABLED;

        /*
         * With SEV, the rep string I/O instructions need to be unrolled
         * but SEV-ES supports them through the #VC handler.
         */
        case CC_ATTR_GUEST_UNROLL_STRING_IO:
                return (sev_status & MSR_AMD64_SEV_ENABLED) &&
                        !(sev_status & MSR_AMD64_SEV_ES_ENABLED);

        default:
                return false;
        }
#else
        return false;
#endif
}

So I'll leave to maintainers.

Anyway as Christoph commented I'll give up introducing new CC attributes, so
doesn't matter anymore.

-- 
Thanks,
-Kai


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ