| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Jan 2023 13:59:56 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Joan Bruguera <joanbrugueram@...il.com>
Cc: linux-kernel@...r.kernel.org, Juergen Gross <jgross@...e.com>,
"Rafael J. Wysocki" <rafael@...nel.org>,
xen-devel <xen-devel@...ts.xenproject.org>,
Jan Beulich <jbeulich@...e.com>,
Roger Pau Monne <roger.pau@...rix.com>,
Kees Cook <keescook@...omium.org>, mark.rutland@....com,
x86@...nel.org
Subject: Re: [RFC][PATCH 0/6] x86: Fix suspend vs retbleed=stuff
On Fri, Jan 13, 2023 at 10:17:46AM +0100, Peter Zijlstra wrote:
> > (2) Tracing with QEMU I still see two `sarq $5, %gs:0x1337B33F` before
> > `%gs` is restored. Those correspond to the calls from
> > `secondary_startup_64` in `arch/x86/kernel/head_64.S` to
> > `verify_cpu` and `sev_verify_cbit`.
> > Those don't cause a crash but look suspicious, are they correct?
> >
> > (There are also some `sarq`s in the call to `early_setup_idt` from
> > `secondary_startup_64`, but `%gs` is restored immediately before)
>
> OK, I'll have a look, thanks!
Definitely fishy and I'm not sure why SMP bringup doesn't burn. Trying
to figure out what to do about this.
One thing I noticed is that trampoline_start already does verify_cpu,
and perhaps we can make startup_64 also do it, then secodary_startup_64
doesn't have to do it (and the realmode trampolines aren't patched).
Doing that would also require pushing the whole SEV thing into the
trampoline which them also gets rid of sev_verify_cbit I think.
But this definitely needs more thinking -- this is not an area I've
poked at much before.
Powered by blists - more mailing lists