lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <64074f04-fd72-488b-831a-ad744bbcd950@broadcom.com>
Date:   Thu, 7 Dec 2023 18:27:39 -0800
From:   Alexey Makhalov <alexey.makhalov@...adcom.com>
To:     Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org,
        virtualization@...ts.linux.dev, hpa@...or.com,
        dave.hansen@...ux.intel.co, bp@...en8.d, mingo@...hat.com,
        tglx@...utronix.de, dave.hansen@...ux.intel.com
Cc:     x86@...nel.org, netdev@...r.kernel.org, richardcochran@...il.com,
        linux-input@...r.kernel.org, dmitry.torokhov@...il.com,
        zackr@...are.com, linux-graphics-maintainer@...are.com,
        pv-drivers@...are.com, namit@...are.com, timothym@...are.com,
        akaher@...are.com, jsipek@...are.com,
        dri-devel@...ts.freedesktop.org, daniel@...ll.ch,
        airlied@...il.com, tzimmermann@...e.de, mripard@...nel.org,
        maarten.lankhorst@...ux.intel.com, horms@...nel.org
Subject: Re: [PATCH] x86/vmware: Add TDX hypercall support



On 12/7/23 9:12 AM, Dave Hansen wrote:
> On 12/5/23 23:15, Alexey Makhalov wrote:
>> +#ifdef CONFIG_INTEL_TDX_GUEST
>> +/* Export tdx hypercall and allow it only for VMware guests. */
>> +void vmware_tdx_hypercall_args(struct tdx_module_args *args)
>> +{
>> +	if (hypervisor_is_type(X86_HYPER_VMWARE))
>> +		__tdx_hypercall(args);
>> +}
>> +EXPORT_SYMBOL_GPL(vmware_tdx_hypercall_args);
>> +#endif
> 
> I think this is still too generic.  This still allows anything setting
> X86_HYPER_VMWARE to make any TDX hypercall.
> 
> I'd *much* rather you export something like vmware_tdx_hypercall() or
> even the high-level calls like hypervisor_ppn_reset_all().  The higher
> level and more specialized the interface, the less likely it is to be
> abused.

Dave, I understood your point. Please take a look on the next version of 
the patch.

I export vmware_tdx_hypercall(), while vmware_tdx_hypercall_args() is a
static inline wrapper on top.
Most of the vmware hypercall logic plus sanity checks are now in 
exported function. While only input and output argument handling remains 
in the wrapper to allow compiler optimization for hypercalls with few 
argument. Exporting vmware_tdx_hypercall1, vmware_tdx_hypercall3, and so 
on is not an option either.

Regards,
--Alexey

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ