| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Mar 2024 18:53:41 -0700
From: "Chang S. Bae" <chang.seok.bae@...el.com>
To: linux-kernel@...r.kernel.org,
linux-crypto@...r.kernel.org,
dm-devel@...hat.com
Cc: ebiggers@...nel.org,
luto@...nel.org,
dave.hansen@...ux.intel.com,
tglx@...utronix.de,
bp@...en8.de,
mingo@...nel.org,
x86@...nel.org,
herbert@...dor.apana.org.au,
ardb@...nel.org,
elliott@....com,
dan.j.williams@...el.com,
bernie.keany@...el.com,
charishma1.gairuboyina@...el.com,
chang.seok.bae@...el.com,
Sangwhan Moon <sxm@...gle.com>
Subject: [PATCH v9 09/14] x86/hotplug/keylocker: Ensure wrapping key backup capability
To facilitate CPU hotplug, the wrapping key needs to be loaded during CPU
hotplug bringup. setup_keylocker() already establishes the routine
for the wakeup path by copying the key from the backup state.
Disable the feature if it's missing with CONFIG_HOTPLUG_CPU=y. Also,
update the code comment to indicate support for CPU hotplug.
Signed-off-by: Chang S. Bae <chang.seok.bae@...el.com>
Cc: Sangwhan Moon <sxm@...gle.com>
---
Changes from v8:
* Add as a new patch.
---
arch/x86/kernel/keylocker.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/keylocker.c b/arch/x86/kernel/keylocker.c
index d5d11d0263b7..1b57e11d93ad 100644
--- a/arch/x86/kernel/keylocker.c
+++ b/arch/x86/kernel/keylocker.c
@@ -69,6 +69,8 @@ static bool copy_keylocker(void)
* On wakeup, APs copy a wrapping key after the boot CPU verifies a valid
* backup status through restore_keylocker(). Subsequently, they adhere
* to the error handling protocol by invalidating the flag.
+ *
+ * This setup routine is also invoked in the hotplug bringup path.
*/
void setup_keylocker(void)
{
@@ -135,11 +137,11 @@ static int __init init_keylocker(void)
/*
* The backup is critical for restoring the wrapping key upon
- * wakeup.
+ * wakeup or during hotplug bringup.
*/
backup_available = !!(ebx & KEYLOCKER_CPUID_EBX_BACKUP);
- if (!backup_available && IS_ENABLED(CONFIG_SUSPEND)) {
- pr_debug("x86/keylocker: No key backup with possible S3/4.\n");
+ if (!backup_available && (IS_ENABLED(CONFIG_SUSPEND) || IS_ENABLED(CONFIG_HOTPLUG_CPU))) {
+ pr_debug("x86/keylocker: No key backup with possible S3/4 or CPU hotplug.\n");
goto clear_cap;
}
--
2.34.1
Powered by blists - more mailing lists