| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Aug 2023 10:32:50 +0530
From: "Nikunj A. Dadhania" <nikunj@....com>
To: Tom Lendacky <thomas.lendacky@....com>,
linux-kernel@...r.kernel.org, x86@...nel.org
Cc: bp@...en8.de, dionnaglaze@...gle.com, pgonda@...gle.com,
seanjc@...gle.com, pbonzini@...hat.com
Subject: Re: [PATCH v3 05/14] virt: sev-guest: Add vmpck_id to snp_guest_dev
struct
On 8/2/2023 10:25 PM, Tom Lendacky wrote:
> On 8/1/23 23:12, Nikunj A. Dadhania wrote:
>> On 8/1/2023 10:00 PM, Tom Lendacky wrote:
>>> On 7/22/23 06:19, Nikunj A Dadhania wrote:
>>>> Drop vmpck and os_area_msg_seqno pointers so that secret page layout
>>>> does not need to be exposed to the sev-guest driver after the rework.
>>>> Instead, add helper APIs to access vmpck and os_area_msg_seqno when
>>>> needed.
>>>>
>>>> Signed-off-by: Nikunj A Dadhania <nikunj@....com>
>>>> ---
>>>> drivers/virt/coco/sev-guest/sev-guest.c | 84 +++++++++++++------------
>>>> 1 file changed, 43 insertions(+), 41 deletions(-)
>>>>
>>>> diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
>>>> index d4241048b397..8ad43e007d3b 100644
>>>> --- a/drivers/virt/coco/sev-guest/sev-guest.c
>>>> +++ b/drivers/virt/coco/sev-guest/sev-guest.c
>>>> @@ -50,8 +50,7 @@ struct snp_guest_dev {
>>>> struct snp_secrets_page_layout *layout;
>>>> struct snp_req_data input;
>>>> - u32 *os_area_msg_seqno;
>>>> - u8 *vmpck;
>>>> + unsigned int vmpck_id;
>>>> };
>>>> static u32 vmpck_id;
>>>> @@ -67,12 +66,23 @@ static inline unsigned int get_ctx_authsize(struct snp_guest_dev *snp_dev)
>>>> return 0;
>>>> }
>>>> -static bool is_vmpck_empty(struct snp_guest_dev *snp_dev)
>>>> +static inline u8 *snp_get_vmpck(struct snp_guest_dev *snp_dev)
>>>> +{
>>>> + return snp_dev->layout->vmpck0 + snp_dev->vmpck_id * VMPCK_KEY_LEN;
>>>> +}
>>>> +
>>>> +static inline u32 *snp_get_os_area_msg_seqno(struct snp_guest_dev *snp_dev)
>>>> +{
>>>> + return &snp_dev->layout->os_area.msg_seqno_0 + snp_dev->vmpck_id;
>>>> +}
>>>> +
>>>> +static bool snp_is_vmpck_empty(struct snp_guest_dev *snp_dev)
>>>
>>> I noticed this name change from is_vmpck_empty() to snp_is_vmpck_empty(). Is that in prep for moving, too? Is so, maybe call that out in the commit message.
>>
>> Yes, will add to the commit.
>>
>>>
>>>> {
>>>> char zero_key[VMPCK_KEY_LEN] = {0};
>>>> + u8 *key = snp_get_vmpck(snp_dev);
>>>> - if (snp_dev->vmpck)
>>>> - return !memcmp(snp_dev->vmpck, zero_key, VMPCK_KEY_LEN);
>>>> + if (key)
>>>> + return !memcmp(key, zero_key, VMPCK_KEY_LEN);
>>>
>>> I believe key can't be NULL, so this check isn't required.
>>
>> Sure, will update.
>
> Ah, although I noticed that when the various functions are moved over to the other file, the key return value can be NULL, so probably not worth changing here.
I have removed the check in this patch, but the check is retained in the later patch where key can be NULL.
Regards
Nikunj
Powered by blists - more mailing lists