| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0676101a-e781-81e0-2e0f-7f5e72595e5c@intel.com>
Date: Fri, 8 Sep 2023 09:21:19 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Kai Huang <kai.huang@...el.com>, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: x86@...nel.org, kirill.shutemov@...ux.intel.com,
tony.luck@...el.com, peterz@...radead.org, tglx@...utronix.de,
bp@...en8.de, mingo@...hat.com, hpa@...or.com, seanjc@...gle.com,
pbonzini@...hat.com, david@...hat.com, dan.j.williams@...el.com,
rafael.j.wysocki@...el.com, ashok.raj@...el.com,
reinette.chatre@...el.com, len.brown@...el.com, ak@...ux.intel.com,
isaku.yamahata@...el.com, ying.huang@...el.com, chao.gao@...el.com,
sathyanarayanan.kuppuswamy@...ux.intel.com, nik.borisov@...e.com,
bagasdotme@...il.com, sagis@...gle.com, imammedo@...hat.com
Subject: Re: [PATCH v13 05/22] x86/virt/tdx: Handle SEAMCALL no entropy error
in common code
On 8/25/23 05:14, Kai Huang wrote:
> Some SEAMCALLs use the RDRAND hardware and can fail for the same reasons
> as RDRAND. Use the kernel RDRAND retry logic for them.
>
> There are three __seamcall*() variants. Add a macro to do the SEAMCALL
> retry in the common code and define a wrapper for each __seamcall*()
> variant.
>
> Signed-off-by: Kai Huang <kai.huang@...el.com>
> ---
>
> v12 -> v13:
> - New implementation due to TDCALL assembly series.
>
> ---
> arch/x86/include/asm/tdx.h | 27 +++++++++++++++++++++++++++
> 1 file changed, 27 insertions(+)
>
> diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
> index a252328734c7..cfae8b31a2e9 100644
> --- a/arch/x86/include/asm/tdx.h
> +++ b/arch/x86/include/asm/tdx.h
> @@ -24,6 +24,11 @@
> #define TDX_SEAMCALL_GP (TDX_SW_ERROR | X86_TRAP_GP)
> #define TDX_SEAMCALL_UD (TDX_SW_ERROR | X86_TRAP_UD)
>
> +/*
> + * TDX module SEAMCALL leaf function error codes
> + */
> +#define TDX_RND_NO_ENTROPY 0x8000020300000000ULL
> +
> #ifndef __ASSEMBLY__
>
> /*
> @@ -82,6 +87,28 @@ u64 __seamcall(u64 fn, struct tdx_module_args *args);
> u64 __seamcall_ret(u64 fn, struct tdx_module_args *args);
> u64 __seamcall_saved_ret(u64 fn, struct tdx_module_args *args);
>
> +#include <asm/archrandom.h>
> +
> +#define SEAMCALL_NO_ENTROPY_RETRY(__seamcall_func, __fn, __args) \
> +({ \
> + int ___retry = RDRAND_RETRY_LOOPS; \
> + u64 ___sret; \
> + \
> + do { \
> + ___sret = __seamcall_func((__fn), (__args)); \
> + } while (___sret == TDX_RND_NO_ENTROPY && --___retry); \
> + ___sret; \
> +})
This is a *LOT* less eye-bleedy if you do it without macros:
typedef u64 (*sc_func_t)(u64 fn, struct tdx_module_args *args);
static inline
u64 sc_retry(sc_func_t func, u64 fn, struct tdx_module_args *args)
{
int retry = RDRAND_RETRY_LOOPS;
u64 ret;
do {
ret = func(fn, args);
} while (ret == TDX_RND_NO_ENTROPY && --retry);
return ret;
}
#define seamcall(_fn, _args) sc_retry(_seamcall,
(_fn), (_args))
#define seamcall_ret(_fn, _args) sc_retry(_seamcall_ret,
(_fn), (_args))
#define seamcall_saved_ret(_fn, _args) sc_retry(_seamcall_saved_ret,
(_fn), (_args))
The compiler can figure it out and avoid making func() an indirect call
since it knows the call location at compile time.
You can also do the seamcall() #define as a static inline, but it does
take up more screen real estate. Oh, and going a wee bit over 80
columns is OK for those #defines.
Powered by blists - more mailing lists