| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Feb 2024 16:39:00 +0200
From: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To: "Huang, Kai" <kai.huang@...el.com>
Cc: Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org,
x86@...nel.org, tglx@...utronix.de, bp@...en8.de, mingo@...hat.com,
hpa@...or.com, luto@...nel.org, peterz@...radead.org, thomas.lendacky@....com,
chao.gao@...el.com, bhe@...hat.com, nik.borisov@...e.com, pbonzini@...hat.com
Subject: Re: [PATCH 3/4] x86/kexec(): Reset TDX private memory on platforms
with TDX erratum
On Thu, Feb 01, 2024 at 10:22:18PM +0800, Huang, Kai wrote:
>
>
> On 1/02/2024 6:03 am, Kirill A. Shutemov wrote:
> > On Wed, Jan 31, 2024 at 01:21:39PM -0800, Dave Hansen wrote:
> > > > #ifdef CONFIG_KEXEC_JUMP
> > > > if (image->preserve_context)
> > > > save_processor_state();
> > > > + else
> > > > + tdx_reset_memory();
> > > > +#else
> > > > + tdx_reset_memory();
> > > > #endif
> > >
> > > Wow, that's awfully hard to read. I really wish folks' gag reflex would
> > > kick in when they see stuff like this to get them to spend an additional
> > > 15 seconds to turn this into:
> > >
> > > if (IS_ENABLED(CONFIG_KEXEC_JUMP) && image->preserve_context)
> > > save_processor_state();
> > > else
> > > tdx_reset_memory();
> >
> > save_processor_state() is declared under CONFIG_PM_SLEEP, so I guess your
> > variant might break build in some cases without updated suspend.h.
>
> I tried. If I turn off both SUSPEND and HIBERNATION in the Kconfig I got
> build error:
>
> arch/x86/kernel/machine_kexec_64.c:325:17: error: implicit declaration of
> function ‘save_processor_state’ [-Werror=implicit-function-declaration]
> 325 | save_processor_state();
> | ^~~~~~~~~~~~~~~~~~~~
Moving save_processor_state() declaration outside all defines would do the
trick.
Something like the patch below.
But finding the right spot for the move can be tricky. I don't particular
like where I moved it.
diff --git a/include/linux/suspend.h b/include/linux/suspend.h
index ef503088942d..1c17059df039 100644
--- a/include/linux/suspend.h
+++ b/include/linux/suspend.h
@@ -201,6 +201,9 @@ struct platform_s2idle_ops {
void (*end)(void);
};
+void save_processor_state(void);
+void restore_processor_state(void);
+
#ifdef CONFIG_SUSPEND
extern suspend_state_t pm_suspend_target_state;
extern suspend_state_t mem_sleep_current;
@@ -491,8 +494,6 @@ static inline int is_hibernate_resume_dev(dev_t dev) { return 0; }
extern struct mutex system_transition_mutex;
#ifdef CONFIG_PM_SLEEP
-void save_processor_state(void);
-void restore_processor_state(void);
/* kernel/power/main.c */
extern int register_pm_notifier(struct notifier_block *nb);
--
Kiryl Shutsemau / Kirill A. Shutemov
Powered by blists - more mailing lists