| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <063a42bfe538710931fca183a8d28c8a3d011608.camel@intel.com>
Date: Fri, 5 Jan 2024 19:38:48 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"tglx@...utronix.de" <tglx@...utronix.de>, "mingo@...hat.com"
<mingo@...hat.com>, "x86@...nel.org" <x86@...nel.org>, "bp@...en8.de"
<bp@...en8.de>, "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>
CC: "kexec@...ts.infradead.org" <kexec@...ts.infradead.org>, "Reshetova,
Elena" <elena.reshetova@...el.com>, "Nakajima, Jun" <jun.nakajima@...el.com>,
"rafael@...nel.org" <rafael@...nel.org>, "peterz@...radead.org"
<peterz@...radead.org>, "Huang, Kai" <kai.huang@...el.com>,
"sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>, "Hunter, Adrian"
<adrian.hunter@...el.com>, "thomas.lendacky@....com"
<thomas.lendacky@....com>, "ashish.kalra@....com" <ashish.kalra@....com>,
"linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>,
"seanjc@...gle.com" <seanjc@...gle.com>, "bhe@...hat.com" <bhe@...hat.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCHv5 10/16] x86/tdx: Convert shared memory back to private on
kexec
The break apart looks good.
On Sat, 2023-12-23 at 02:52 +0300, Kirill A. Shutemov wrote:
> + while (addr < end) {
> + unsigned long size;
> + unsigned int level;
> + pte_t *pte;
> +
> + pte = lookup_address(addr, &level);
> + size = page_level_size(level);
> +
> + if (pte && pte_decrypted(*pte)) {
> + int pages = size / PAGE_SIZE;
> +
> + /*
> + * Touching memory with shared bit set
> triggers implicit
> + * conversion to shared.
> + *
> + * Make sure nobody touches the shared range
> from
> + * now on.
> + */
> + set_pte(pte, __pte(0));
Does this need a full shootdown at this point, at least in the crash
case? A local flush for the non-crash case might be nice too.
Also, probably a barrier() between set_pte() and
tdx_enc_status_changed().
> +
> + if (!tdx_enc_status_changed(addr, pages,
> true)) {
> + pr_err("Failed to unshare range %#lx-
> %#lx\n",
> + addr, addr + size);
> + }
Powered by blists - more mailing lists