lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 19 Mar 2024 01:48:43 +0000
From: Kai Huang <kai.huang@...el.com>
To: linux-kernel@...r.kernel.org
Cc: x86@...nel.org,
	dave.hansen@...el.com,
	bp@...en8.de,
	kirill.shutemov@...ux.intel.com,
	tglx@...utronix.de,
	mingo@...hat.com,
	hpa@...or.com,
	luto@...nel.org,
	peterz@...radead.org,
	rick.p.edgecombe@...el.com,
	thomas.lendacky@....com,
	ashish.kalra@....com,
	chao.gao@...el.com,
	bhe@...hat.com,
	nik.borisov@...e.com,
	pbonzini@...hat.com,
	seanjc@...gle.com
Subject: [PATCH v2 0/5] TDX host: kexec() support

Currently kexec() support and TDX host are muturally exclusive in the
Kconfig.  This series adds the TDX host kexec support so that they can
work together and can be enabled at the same time in the Kconfig.

v1 -> v2:
 - Do unconditional WBINVD during kexec() -- Boris
 - Change to cover crash kexec() -- Rick
 - Add a new patch (last one) to add a mechanism to reset all TDX private
   pages due to having to cover crash kexec().
 - Other code improvements  -- Dave
 - Rebase to latest tip/master.

Hi Dave, Sean, Paolo,

The last patch provides a new mechanism to handle all other TDX private
pages when they become possible to exist, e.g., when KVM is ready to run
TDX guests.  It's not mandatory at this stage because currently we only
have PAMT as private pages, but if we agree it's the right way to do then
it can be applied together with rest patches too.

KVM will be the first user of this, could you help to review?

Thanks in advance.

Hi Tom, Ashish,

This series touches AMD SME code too, and I don't have AMD machine to
test.  I appreciate if you can help to review and/or test.

Kai Huang (5):
  x86/kexec: do unconditional WBINVD in stop_this_cpu()
  x86/kexec: do unconditional WBINVD in relocate_kernel()
  x86/kexec: Reset TDX private memory on platforms with TDX erratum
  x86/virt/tdx: Remove the !KEXEC_CORE dependency
  x86/virt/tdx: Add TDX memory reset notifier to reset other private
    pages

 arch/x86/Kconfig                     |   1 -
 arch/x86/include/asm/kexec.h         |   3 +-
 arch/x86/include/asm/tdx.h           |  16 +++++
 arch/x86/kernel/machine_kexec_64.c   |  30 ++++++--
 arch/x86/kernel/process.c            |  17 ++---
 arch/x86/kernel/relocate_kernel_64.S |  13 +---
 arch/x86/virt/vmx/tdx/tdx.c          | 100 +++++++++++++++++++++++++++
 7 files changed, 150 insertions(+), 30 deletions(-)


base-commit: 7e19a79344df2ed5e106091c29338962261b0290
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ