| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Dec 2022 15:26:23 +0300
From: kirill@...temov.name
To: Juergen Gross <jgross@...e.com>
Cc: linux-kernel@...r.kernel.org, x86@...nel.org,
Dave Hansen <dave.hansen@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH 1/2] x86/pat: fix TDX guest PAT initialization
On Mon, Dec 05, 2022 at 09:04:32AM +0100, Juergen Gross wrote:
> With the decoupling of PAT and MTRR initialization, PAT will be used
> even with MTRRs disabled. This seems to break booting up as TDX guest,
> as the recommended sequence to set the PAT MSR across CPUs can't work
> in TDX guests due to disabling caches via setting CR0.CD isn't allowed
> in TDX mode.
>
> This is an inconsistency in the Intel documentation between the SDM
> and the TDX specification. For now handle TDX mode the same way as Xen
> PV guest mode by just accepting the current PAT MSR setting without
> trying to modify it.
>
> Signed-off-by: Juergen Gross <jgross@...e.com>
Good enough for now. I will follow up if something comes up from the
discussion around the topic.
Acked-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> ---
> arch/x86/mm/pat/memtype.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/mm/pat/memtype.c b/arch/x86/mm/pat/memtype.c
> index 9aab17d660cd..4e50add760ad 100644
> --- a/arch/x86/mm/pat/memtype.c
> +++ b/arch/x86/mm/pat/memtype.c
> @@ -296,8 +296,12 @@ void __init pat_bp_init(void)
> /*
> * Xen PV doesn't allow to set PAT MSR, but all cache modes are
> * supported.
> + * When running as TDX guest setting the PAT MSR won't work either
> + * due to the requirement to set CR0.CD when doing so. Rely on
> + * firmware to have set the PAT MSR correctly.
s/firmware/TDX module/
> */
> - if (pat_disabled || cpu_feature_enabled(X86_FEATURE_XENPV)) {
> + if (pat_disabled || cpu_feature_enabled(X86_FEATURE_XENPV) ||
> + cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) {
> init_cache_modes(pat_msr_val);
> return;
> }
--
Kiryl Shutsemau / Kirill A. Shutemov
Powered by blists - more mailing lists