| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ba679460-827d-40b1-bc78-bcee1c013f36@broadcom.com>
Date: Tue, 19 Dec 2023 16:27:51 -0800
From: Alexey Makhalov <alexey.makhalov@...adcom.com>
To: kirill.shutemov@...ux.intel.com
Cc: linux-kernel@...r.kernel.org, virtualization@...ts.linux.dev,
bp@...en8.de, hpa@...or.com, dave.hansen@...ux.intel.com, mingo@...hat.com,
tglx@...utronix.de, x86@...nel.org, netdev@...r.kernel.org,
richardcochran@...il.com, linux-input@...r.kernel.org,
dmitry.torokhov@...il.com, zackr@...are.com,
linux-graphics-maintainer@...are.com, pv-drivers@...are.com,
namit@...are.com, timothym@...are.com, akaher@...are.com, jsipek@...are.com,
dri-devel@...ts.freedesktop.org, daniel@...ll.ch, airlied@...il.com,
tzimmermann@...e.de, mripard@...nel.org, maarten.lankhorst@...ux.intel.com,
horms@...nel.org
Subject: Re: [PATCH v3 6/6] x86/vmware: Add TDX hypercall support
On 12/19/23 3:23 PM, kirill.shutemov@...ux.intel.com wrote:
> On Tue, Dec 19, 2023 at 01:57:51PM -0800, Alexey Makhalov wrote:
>> diff --git a/arch/x86/kernel/cpu/vmware.c b/arch/x86/kernel/cpu/vmware.c
>> index 3aa1adaed18f..ef07ab7a07e1 100644
>> --- a/arch/x86/kernel/cpu/vmware.c
>> +++ b/arch/x86/kernel/cpu/vmware.c
>> @@ -428,6 +428,30 @@ static bool __init vmware_legacy_x2apic_available(void)
>> (eax & BIT(VCPU_LEGACY_X2APIC));
>> }
>>
>> +#ifdef CONFIG_INTEL_TDX_GUEST
>> +unsigned long vmware_tdx_hypercall(unsigned long cmd,
>> + struct tdx_module_args *args)
>> +{
>> + if (!hypervisor_is_type(X86_HYPER_VMWARE))
>> + return 0;
>> +
>> + if (cmd & ~VMWARE_CMD_MASK) {
>> + pr_warn("Out of range command %x\n", cmd);
>> + return 0;
>
> Is zero success? Shouldn't it be an error?
VMware hypercalls do not have a standard way of signalling an error.
To generalize expectations from the caller perspective of any existing
hypercalls: error (including hypercall is not supported or disabled) is
when return value is 0 and out1/2 are unchanged or equal to in1/in2.
All existing vmware_hypercall callers will gracefully handle returned 0.
But they should never hit this path, as 0 bail out was introduced as a
protection for the case where exported vmware_tdx_hypercall is used by
random caller (not following VMware hypercall ABI).
>
>> + }
>> +
>> + args->r10 = VMWARE_TDX_VENDOR_LEAF;
>> + args->r11 = VMWARE_TDX_HCALL_FUNC;
>> + args->r12 = VMWARE_HYPERVISOR_MAGIC;
>> + args->r13 = cmd;
>> +
>> + __tdx_hypercall(args);
>> +
>> + return args->r12;
>> +}
>> +EXPORT_SYMBOL_GPL(vmware_tdx_hypercall);
>> +#endif
>> +
>> #ifdef CONFIG_AMD_MEM_ENCRYPT
>> static void vmware_sev_es_hcall_prepare(struct ghcb *ghcb,
>> struct pt_regs *regs)
>> --
>> 2.39.0
>>
>
Powered by blists - more mailing lists