lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 27 Oct 2023 08:24:49 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Yi Sun <yi.sun@...el.com>, tglx@...utronix.de, mingo@...hat.com,
        bp@...en8.de, dave.hansen@...ux.intel.com, peterz@...radead.org,
        x86@...nel.org
Cc:     kirill.shutemov@...ux.intel.com,
        sathyanarayanan.kuppuswamy@...ux.intel.com, kai.huang@...el.com,
        nik.borisov@...e.com, linux-kernel@...r.kernel.org,
        heng.su@...el.com, yi.sun@...ux.intel.com,
        Dongcheng Yan <dongcheng.yan@...el.com>
Subject: Re: [PATCH v7] x86/tdx: Dump TDX Version During TD Bootup

On 10/26/23 21:52, Yi Sun wrote:
> Different versions of TDX have significant differences, as stated in the
> "IntelĀ® TDX Module Incompatibilities between v1.0 and v1.5" reference.
> It would be useful for TD users to be aware of the vendor and version of
> the current TDX in use. Users could expect different results when
> checking CPIUD or reading MSR in the user space, depending on the TDX
> version. Additionally, refer to the TDX version when reporting issues.

Hi Folks,

I tried to get some of this across in my last message.  I think I was
being too subtle.  Please stop sending this patch.

dmesg is not the right place for this information.  dmesg is a ring
buffer.  All data there goes away eventually.

If users *need* this -- and your changelog seems to be making the case
that they do -- it can't be from a source that goes away.

On another note, there used to be a "TDX versions in sysfs" patch
somewhere.  Maybe it was just on the host side, I don't remember.  But,
either way, could you please go have a chat with Kai and see what he's
doing around TDX module version exporting?  *Whatever* gets done, it
needs to be _consistent_ across host and guest, if not have the exact
same user<->kernel ABI.

Then, someone is going to want to update the TDX module, just like
firmware.  When that happens, this information in dmesg (if even still
there) is going to be outright wrong.  So those folks that *need* it are
going to be getting stale info.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ