lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20221205122623.2px6y63rkkgvpxo5@box.shutemov.name>
Date:   Mon, 5 Dec 2022 15:26:23 +0300
From:   kirill@...temov.name
To:     Juergen Gross <jgross@...e.com>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Andy Lutomirski <luto@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH 1/2] x86/pat: fix TDX guest PAT initialization

On Mon, Dec 05, 2022 at 09:04:32AM +0100, Juergen Gross wrote:
> With the decoupling of PAT and MTRR initialization, PAT will be used
> even with MTRRs disabled. This seems to break booting up as TDX guest,
> as the recommended sequence to set the PAT MSR across CPUs can't work
> in TDX guests due to disabling caches via setting CR0.CD isn't allowed
> in TDX mode.
> 
> This is an inconsistency in the Intel documentation between the SDM
> and the TDX specification. For now handle TDX mode the same way as Xen
> PV guest mode by just accepting the current PAT MSR setting without
> trying to modify it.
> 
> Signed-off-by: Juergen Gross <jgross@...e.com>

Good enough for now. I will follow up if something comes up from the
discussion around the topic.

Acked-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>

> ---
>  arch/x86/mm/pat/memtype.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/mm/pat/memtype.c b/arch/x86/mm/pat/memtype.c
> index 9aab17d660cd..4e50add760ad 100644
> --- a/arch/x86/mm/pat/memtype.c
> +++ b/arch/x86/mm/pat/memtype.c
> @@ -296,8 +296,12 @@ void __init pat_bp_init(void)
>  	/*
>  	 * Xen PV doesn't allow to set PAT MSR, but all cache modes are
>  	 * supported.
> +	 * When running as TDX guest setting the PAT MSR won't work either
> +	 * due to the requirement to set CR0.CD when doing so. Rely on
> +	 * firmware to have set the PAT MSR correctly.

s/firmware/TDX module/

>  	 */
> -	if (pat_disabled || cpu_feature_enabled(X86_FEATURE_XENPV)) {
> +	if (pat_disabled || cpu_feature_enabled(X86_FEATURE_XENPV) ||
> +	    cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) {
>  		init_cache_modes(pat_msr_val);
>  		return;
>  	}

-- 
  Kiryl Shutsemau / Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ