lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Nov 2022 07:19:17 -0700 From: Peter Gonda <pgonda@...gle.com> To: Tom Lendacky <thomas.lendacky@....com> Cc: Borislav Petkov <bp@...e.de>, Michael Roth <michael.roth@....com>, Haowen Bai <baihaowen@...zu.com>, Yang Yingliang <yangyingliang@...wei.com>, Marc Orr <marcorr@...gle.com>, David Rientjes <rientjes@...gle.com>, Dionna Glaze <dionnaglaze@...gle.com>, Ashish Kalra <Ashish.Kalra@....com>, stable@...r.kernel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org Subject: Re: [PATCH V5] virt: sev: Prevent IV reuse in SNP guest driver On Wed, Nov 16, 2022 at 12:02 PM Tom Lendacky <thomas.lendacky@....com> wrote: > > On 11/16/22 11:55, Peter Gonda wrote: > > The AMD Secure Processor (ASP) and an SNP guest use a series of > > AES-GCM keys called VMPCKs to communicate securely with each other. > > The IV to this scheme is a sequence number that both the ASP and the > > guest track. Currently this sequence number in a guest request must > > exactly match the sequence number tracked by the ASP. This means that > > if the guest sees an error from the host during a request it can only > > retry that exact request or disable the VMPCK to prevent an IV reuse. > > AES-GCM cannot tolerate IV reuse see: "Authentication Failures in NIST > > version of GCM" - Antoine Joux et al. > > > > In order to address this make handle_guest_request() delete the VMPCK > > on any non successful return. To allow userspace querying the cert_data > > length make handle_guest_request() safe the number of pages required by > > s/safe/save/ > > > the host, then handle_guest_request() retry the request without > > ... then have handle_guest_request() ... > > > requesting the extended data, then return the number of pages required > > back to userspace. > > > > Fixes: fce96cf044308 ("virt: Add SEV-SNP guest driver") > > Signed-off-by: Peter Gonda <pgonda@...gle.com> > > Reported-by: Peter Gonda <pgonda@...gle.com> > > Just some nits on the commit message and comments below, otherwise > > Reviewed-by: Tom Lendacky <thomas.lendacky@....com> Thanks Tom. I'll update with all the feedback after Boris chimes in.
Powered by blists - more mailing lists