| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1542cb57-7e3a-5881-a81c-031349ae8507@intel.com>
Date: Fri, 28 Oct 2022 08:41:59 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
luto@...nel.org, peterz@...radead.org
Cc: sathyanarayanan.kuppuswamy@...ux.intel.com, ak@...ux.intel.com,
dan.j.williams@...el.com, david@...hat.com, hpa@...or.com,
seanjc@...gle.com, thomas.lendacky@....com,
elena.reshetova@...el.com, x86@...nel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] x86/tdx: Do not allow #VE due to EPT violation on the
private memory
On 10/28/22 07:12, Kirill A. Shutemov wrote:
> arch/x86/coco/tdx/tdx.c | 49 +++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 49 insertions(+)
The patch is good, but I'm not crazy about the changelog or the big ol'
comment.
Really, this would do:
/*
* The kernel can not handle #VE's when accessing normal kernel
* memory. Ensure that no #VE will be delivered for accesses to
* TD-private memory. Only VMM-shared memory (MMIO) will #VE.
*/
if (!(td_attr & ATTR_SEPT_VE_DISABLE))
panic("TD misconfiguration: SEPT_VE_DISABLE attibute must be set.\n");
I'll probably trim both of them down. If I chop out something that's
critical, let me know, otherwise let's follow up and stick all of those
details in Documentation.
Powered by blists - more mailing lists