Message-ID: <09574173-6a93-765e-a9e6-de12c8de2f32@gmail.com>
Date:   Wed, 27 Jul 2022 23:20:43 +0800
From:   Tianyu Lan <ltykernel@...il.com>
To:     Borislav Petkov <bp@...en8.de>,
        Tom Lendacky <thomas.lendacky@....com>,
        Tianyu Lan <Tianyu.Lan@...rosoft.com>,
        Wei Liu <wei.liu@...nel.org>
Cc:     x86-ml <x86@...nel.org>, lkml <linux-kernel@...r.kernel.org>
Subject: Re: [EXTERNAL] [PATCH] Revert "x86/sev: Expose sev_es_ghcb_hv_call()
 for use by HyperV"

On 7/27/2022 10:48 PM, Borislav Petkov wrote:
> This reverts commit 007faec014cb5d26983c1f86fd08c6539b41392e.
> 
> Now that hyperv does its own protocol negotiation:
> 
>    49d6a3c062a1 ("x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM")
> 
> revert this exposure of the sev_es_ghcb_hv_call() helper.
> 
> Cc: Tianyu Lan <Tianyu.Lan@...rosoft.com>
> Cc: Wei Liu <wei.liu@...nel.org>
> Signed-off-by: Borislav Petkov <bp@...e.de>
> Link: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kernel.org%2Fr%2F20220614014553.1915929-1-ltykernel%40gmail.com&amp;data=05%7C01%7CTianyu.Lan%40microsoft.com%7Ca4ab2172b0c147eab3d608da6fdf0b7d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637945301113063277%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=1ITuubB%2FfGQ7PzGmKbEnJUt7zV8S3ZH4%2FKxq4e9%2FC88%3D&amp;reserved=0
> ---
> 
> My plan is to queue this now and send it to Linus as an urgent fix so
> that 5.19 gets released clean, without that export.
> 
> So if you folks see an issue, holler now pls.
> 
> Thx.

Reviewed-by: Tianyu Lan <tiala@...rosoft.com>


> 
>   arch/x86/include/asm/sev.h   |  7 +------
>   arch/x86/kernel/sev-shared.c | 25 +++++++++----------------
>   arch/x86/kernel/sev.c        | 17 ++++++++---------
>   3 files changed, 18 insertions(+), 31 deletions(-)
> 
> diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
> index 19514524f0f8..4a23e52fe0ee 100644
> --- a/arch/x86/include/asm/sev.h
> +++ b/arch/x86/include/asm/sev.h
> @@ -72,7 +72,6 @@ static inline u64 lower_bits(u64 val, unsigned int bits)
>   
>   struct real_mode_header;
>   enum stack_type;
> -struct ghcb;
>   
>   /* Early IDT entry points for #VC handler */
>   extern void vc_no_ghcb(void);
> @@ -156,11 +155,7 @@ static __always_inline void sev_es_nmi_complete(void)
>   		__sev_es_nmi_complete();
>   }
>   extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd);
> -extern enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
> -					  bool set_ghcb_msr,
> -					  struct es_em_ctxt *ctxt,
> -					  u64 exit_code, u64 exit_info_1,
> -					  u64 exit_info_2);
> +
>   static inline int rmpadjust(unsigned long vaddr, bool rmp_psize, unsigned long attrs)
>   {
>   	int rc;
> diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
> index b478edf43bec..3a5b0c9c4fcc 100644
> --- a/arch/x86/kernel/sev-shared.c
> +++ b/arch/x86/kernel/sev-shared.c
> @@ -219,9 +219,10 @@ static enum es_result verify_exception_info(struct ghcb *ghcb, struct es_em_ctxt
>   	return ES_VMM_ERROR;
>   }
>   
> -enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, bool set_ghcb_msr,
> -				   struct es_em_ctxt *ctxt, u64 exit_code,
> -				   u64 exit_info_1, u64 exit_info_2)
> +static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,
> +					  struct es_em_ctxt *ctxt,
> +					  u64 exit_code, u64 exit_info_1,
> +					  u64 exit_info_2)
>   {
>   	/* Fill in protocol and format specifiers */
>   	ghcb->protocol_version = ghcb_version;
> @@ -231,14 +232,7 @@ enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, bool set_ghcb_msr,
>   	ghcb_set_sw_exit_info_1(ghcb, exit_info_1);
>   	ghcb_set_sw_exit_info_2(ghcb, exit_info_2);
>   
> -	/*
> -	 * Hyper-V unenlightened guests use a paravisor for communicating and
> -	 * GHCB pages are being allocated and set up by that paravisor. Linux
> -	 * should not change the GHCB page's physical address.
> -	 */
> -	if (set_ghcb_msr)
> -		sev_es_wr_ghcb_msr(__pa(ghcb));
> -
> +	sev_es_wr_ghcb_msr(__pa(ghcb));
>   	VMGEXIT();
>   
>   	return verify_exception_info(ghcb, ctxt);
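Review bot: With the `set_ghcb_msr` parameter and its comment deleted, nothing at the definition records that this helper now always writes `__pa(ghcb)` to the GHCB MSR before `VMGEXIT()`. The removed comment was the only place stating that a paravisor-allocated GHCB page must not have its physical address rewritten, so that constraint now survives only in the commit history. A short comment above the now-static definition would keep the contract visible, for example `/* Always writes __pa(ghcb) to the GHCB MSR; use only with GHCB pages set up by this kernel. */`. The function's signature is in the preceding hunk and its closing brace is outside this one.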
> @@ -795,7 +789,7 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
>   		 */
>   		sw_scratch = __pa(ghcb) + offsetof(struct ghcb, shared_buffer);
>   		ghcb_set_sw_scratch(ghcb, sw_scratch);
> -		ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_IOIO,
> +		ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_IOIO,
>   					  exit_info_1, exit_info_2);
>   		if (ret != ES_OK)
>   			return ret;
> @@ -837,8 +831,7 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
>   
>   		ghcb_set_rax(ghcb, rax);
>   
> -		ret = sev_es_ghcb_hv_call(ghcb, true, ctxt,
> -					  SVM_EXIT_IOIO, exit_info_1, 0);
> +		ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_IOIO, exit_info_1, 0);
>   		if (ret != ES_OK)
>   			return ret;
>   
> @@ -894,7 +887,7 @@ static enum es_result vc_handle_cpuid(struct ghcb *ghcb,
>   		/* xgetbv will cause #GP - use reset value for xcr0 */
>   		ghcb_set_xcr0(ghcb, 1);
>   
> -	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_CPUID, 0, 0);
> +	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_CPUID, 0, 0);
>   	if (ret != ES_OK)
>   		return ret;
>   
> @@ -919,7 +912,7 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb,
>   	bool rdtscp = (exit_code == SVM_EXIT_RDTSCP);
>   	enum es_result ret;
>   
> -	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, exit_code, 0, 0);
> +	ret = sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, 0, 0);
>   	if (ret != ES_OK)
>   		return ret;
>   
> diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
> index c05f0124c410..63dc626627a0 100644
> --- a/arch/x86/kernel/sev.c
> +++ b/arch/x86/kernel/sev.c
> @@ -786,7 +786,7 @@ static int vmgexit_psc(struct snp_psc_desc *desc)
>   		ghcb_set_sw_scratch(ghcb, (u64)__pa(data));
>   
>   		/* This will advance the shared buffer data points to. */
> -		ret = sev_es_ghcb_hv_call(ghcb, true, &ctxt, SVM_VMGEXIT_PSC, 0, 0);
> +		ret = sev_es_ghcb_hv_call(ghcb, &ctxt, SVM_VMGEXIT_PSC, 0, 0);
>   
>   		/*
>   		 * Page State Change VMGEXIT can pass error code through
> @@ -1212,8 +1212,7 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
>   		ghcb_set_rdx(ghcb, regs->dx);
>   	}
>   
> -	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_MSR,
> -				  exit_info_1, 0);
> +	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_MSR, exit_info_1, 0);
>   
>   	if ((ret == ES_OK) && (!exit_info_1)) {
>   		regs->ax = ghcb->save.rax;
> @@ -1452,7 +1451,7 @@ static enum es_result vc_do_mmio(struct ghcb *ghcb, struct es_em_ctxt *ctxt,
>   
>   	ghcb_set_sw_scratch(ghcb, ghcb_pa + offsetof(struct ghcb, shared_buffer));
>   
> -	return sev_es_ghcb_hv_call(ghcb, true, ctxt, exit_code, exit_info_1, exit_info_2);
> +	return sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, exit_info_1, exit_info_2);
>   }
>   
>   /*
> @@ -1628,7 +1627,7 @@ static enum es_result vc_handle_dr7_write(struct ghcb *ghcb,
>   
>   	/* Using a value of 0 for ExitInfo1 means RAX holds the value */
>   	ghcb_set_rax(ghcb, val);
> -	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_WRITE_DR7, 0, 0);
> +	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_WRITE_DR7, 0, 0);
>   	if (ret != ES_OK)
>   		return ret;
>   
> @@ -1658,7 +1657,7 @@ static enum es_result vc_handle_dr7_read(struct ghcb *ghcb,
>   static enum es_result vc_handle_wbinvd(struct ghcb *ghcb,
>   				       struct es_em_ctxt *ctxt)
>   {
> -	return sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_WBINVD, 0, 0);
> +	return sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_WBINVD, 0, 0);
>   }
>   
>   static enum es_result vc_handle_rdpmc(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
> @@ -1667,7 +1666,7 @@ static enum es_result vc_handle_rdpmc(struct ghcb *ghcb, struct es_em_ctxt *ctxt
>   
>   	ghcb_set_rcx(ghcb, ctxt->regs->cx);
>   
> -	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_RDPMC, 0, 0);
> +	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_RDPMC, 0, 0);
>   	if (ret != ES_OK)
>   		return ret;
>   
> @@ -1708,7 +1707,7 @@ static enum es_result vc_handle_vmmcall(struct ghcb *ghcb,
>   	if (x86_platform.hyper.sev_es_hcall_prepare)
>   		x86_platform.hyper.sev_es_hcall_prepare(ghcb, ctxt->regs);
>   
> -	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_VMMCALL, 0, 0);
> +	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_VMMCALL, 0, 0);
>   	if (ret != ES_OK)
>   		return ret;
>   
> @@ -2197,7 +2196,7 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned
>   		ghcb_set_rbx(ghcb, input->data_npages);
>   	}
>   
> -	ret = sev_es_ghcb_hv_call(ghcb, true, &ctxt, exit_code, input->req_gpa, input->resp_gpa);
> +	ret = sev_es_ghcb_hv_call(ghcb, &ctxt, exit_code, input->req_gpa, input->resp_gpa);
>   	if (ret)
>   		goto e_put;
>   
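Review bot: The result test `if (ret)` after the call in snp_issue_guest_request() relies on `ES_OK` being zero, while the other callers touched by this patch (vc_handle_ioio, vc_handle_cpuid, vc_handle_rdtsc, vc_handle_rdpmc, vc_handle_vmmcall) compare against `ES_OK` explicitly. The declaration of `ret` is outside the hunk, so its type cannot be confirmed from here. If it holds an `enum es_result` at this point, `if (ret != ES_OK)` would match the rest of the file and make it clearer that a hypervisor-reported failure is being handled. The function body starts before and continues after this hunk.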
