| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6a777c72a6dc15ad80ecbedd4c6c35d9@foxhound.fi>
Date: Thu, 12 Oct 2023 16:45:30 +0000
From: José Pekkarinen <jose.pekkarinen@...hound.fi>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: seanjc@...gle.com, skhan@...uxfoundation.org, tglx@...utronix.de,
mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
x86@...nel.org, hpa@...or.com, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH] kvm/sev: remove redundant MISC_CG_RES_SEV_ES
On 2023-10-12 13:43, Paolo Bonzini wrote:
> On 10/10/23 19:49, José Pekkarinen wrote:
>> SEV-ES is an extra encrypted state that shares common resources
>> with SEV. Using an extra CG for its purpose doesn't seem to
>> provide much value. This patch will clean up the control group
>> along with multiple checks that become redundant with it.
>>
>> The patch will also remove a redundant logic on sev initialization
>> that produces SEV-ES to be disabled, while supported by the cpu
>> and requested by the user through the sev_es parameter.
>
> In what sense is it shared? The SEV ASIDs and the SEV-ES ASIDs are
> separate (and in both cases limited) resources, and therefore they
> have separate cgroups.
Nevermind this patch, after a painful bios upgrade I got sev-es
available in it, and I was able to launch some test vm on it, so this
may only be breaking things. Sorry for the noise!
José.
Powered by blists - more mailing lists