lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d97c6518-b434-42da-bd12-88cf432d1163@amd.com>
Date: Wed, 17 Apr 2024 13:29:53 +0530
From: "Nikunj A. Dadhania" <nikunj@....com>
To: Borislav Petkov <bp@...en8.de>
Cc: linux-kernel@...r.kernel.org, thomas.lendacky@....com, x86@...nel.org,
 kvm@...r.kernel.org, mingo@...hat.com, tglx@...utronix.de,
 dave.hansen@...ux.intel.com, pgonda@...gle.com, seanjc@...gle.com,
 pbonzini@...hat.com
Subject: Re: [PATCH v8 05/16] x86/sev: Cache the secrets page address

On 4/17/2024 10:57 AM, Nikunj A. Dadhania wrote:
> On 4/16/2024 8:15 PM, Borislav Petkov wrote:
>> On Thu, Feb 15, 2024 at 05:01:17PM +0530, Nikunj A Dadhania wrote:
>>> +/* Secrets page physical address from the CC blob */
>>> +static u64 secrets_pa __ro_after_init;
>>
>> Since you're going to use this during runtime (are you?), 
> 
> Yes, this is used during runtime, during initial boot will be used by Secure TSC and later by sev-guest driver.
> 
>> why don't you put in here the result of:
>>
>> 	ioremap_encrypted(secrets_pa, PAGE_SIZE);
>>
>> so that you can have it ready and not even have to ioremap each time?
> 

> @@ -2118,6 +2083,14 @@ bool __init snp_init(struct boot_params *bp)
>  	if (!cc_info)
>  		return false;
>  
> +	if (cc_info->secrets_phys && cc_info->secrets_len == PAGE_SIZE) {
> +		secrets_page = ioremap_encrypted(cc_info->secrets_phys, PAGE_SIZE);

ioremap_encrypted() does not work this early, snp guest boot fails, will debug further.

Regards,
Nikunj


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ