| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9888a920-37b8-9a1f-b887-6630492955c6@intel.com>
Date: Wed, 10 Aug 2022 16:44:20 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Daniel Sneddon <daniel.sneddon@...ux.intel.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
"Shutemov, Kirill" <kirill.shutemov@...el.com>,
"Huang, Kai" <kai.huang@...el.com>
Cc: "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org,
"Gomez Iglesias, Antonio" <antonio.gomez.iglesias@...el.com>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>
Subject: Re: [PATCH] x86/apic: Don't disable x2APIC if locked
On 8/10/22 16:38, Daniel Sneddon wrote:
>>
>> config INTEL_TDX_GUEST
>> bool "Intel TDX (Trust Domain Extensions) - Guest Support"
>> depends on X86_64 && CPU_SUP_INTEL
>> depends on X86_X2APIC
> So I got some more input. SPR and newer will lock the APIC.
Could you get a _little_ more clarity on this, please? Exactly how and
when will it be locked? What does the BIOS writer's guide say? Will
there be an explicit x2APIC lock option? Or, will it be implicitly
locked when SGX or TDX is enabled?
> Older products will get a ucode update, but that ucode update won't
> include the APIClock. So, on non-SPR parts do we still want to make
> SGX depend on X2APIC?
Yes. It's a small price to pay.
Powered by blists - more mailing lists