lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 10 Aug 2023 23:43:45 +0000
From:   Dexuan Cui <decui@...rosoft.com>
To:     Tianyu Lan <ltykernel@...il.com>,
        KY Srinivasan <kys@...rosoft.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>,
        "wei.liu@...nel.org" <wei.liu@...nel.org>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "bp@...en8.de" <bp@...en8.de>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "x86@...nel.org" <x86@...nel.org>, "hpa@...or.com" <hpa@...or.com>,
        "daniel.lezcano@...aro.org" <daniel.lezcano@...aro.org>,
        "arnd@...db.de" <arnd@...db.de>,
        "Michael Kelley (LINUX)" <mikelley@...rosoft.com>
CC:     Tianyu Lan <Tianyu.Lan@...rosoft.com>,
        "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
        "linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        vkuznets <vkuznets@...hat.com>
Subject: RE: [PATCH V5 5/8] x86/hyperv: Use vmmcall to implement Hyper-V
 hypercall in sev-snp enlightened guest

> From: Tianyu Lan <ltykernel@...il.com>
> Sent: Thursday, August 10, 2023 9:04 AM
>  [...]
> @@ -103,7 +103,8 @@ static inline u64 _hv_do_fast_hypercall8(u64 control,
> u64 input1)
> 
>  #ifdef CONFIG_X86_64
>  	{
> -		__asm__ __volatile__(CALL_NOSPEC
> +		__asm__ __volatile__("mov %[thunk_target], %%r8\n"

The "mov %[thunk_target], %%r8\n" is dubious.

I removed it and the kernel still worked fine for my regular VM (on an AMD host)
and for my SNP VM (with HCL). 

I suspect a fully enlightened SNP VM also doesn't need it as this hypercall
doesn't really need an output param. 

I noticed your 
[PATCH V5 8/8] x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES
exposes r8 to the hypervisor:

+static void hv_sev_es_hcall_prepare(struct ghcb *ghcb, struct pt_regs *regs)
+{
+       /* RAX and CPL are already in the GHCB */
+       ghcb_set_rcx(ghcb, regs->cx);
+       ghcb_set_rdx(ghcb, regs->dx);
+       ghcb_set_r8(ghcb, regs->r8);
+}

I guess the intent here is that we want to pass a deterministic value in R8 (rather
a random value) to the hypervisor for security's purpose. If so, can we just set
R8 to 0 rather than %[thunk_target]?

Please add a comment.

Sorry, I was not in the earlier discussion, so I may be missing something.

> +				     ALTERNATIVE(CALL_NOSPEC, "vmmcall",
> X86_FEATURE_SEV_ES)
>  				     : "=a" (hv_status),
> ASM_CALL_CONSTRAINT,
>  				       "+c" (control), "+d" (input1)
>  				     : THUNK_TARGET(hv_hypercall_pg)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ