| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alkew673cceojzmhsp3wj43yv76cek5ydh2iosfcphuv6ro26q@pj6whxcoetht> Date: Wed, 5 Jun 2024 15:21:42 +0300 From: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com> To: Borislav Petkov <bp@...en8.de> Cc: Dave Hansen <dave.hansen@...el.com>, adrian.hunter@...el.com, ardb@...nel.org, ashish.kalra@....com, bhe@...hat.com, dave.hansen@...ux.intel.com, elena.reshetova@...el.com, haiyangz@...rosoft.com, hpa@...or.com, jun.nakajima@...el.com, kai.huang@...el.com, kexec@...ts.infradead.org, kys@...rosoft.com, linux-acpi@...r.kernel.org, linux-coco@...ts.linux.dev, linux-hyperv@...r.kernel.org, linux-kernel@...r.kernel.org, ltao@...hat.com, mingo@...hat.com, peterz@...radead.org, rafael@...nel.org, rick.p.edgecombe@...el.com, sathyanarayanan.kuppuswamy@...ux.intel.com, seanjc@...gle.com, tglx@...utronix.de, thomas.lendacky@....com, x86@...nel.org Subject: Re: [PATCHv11.1 11/19] x86/tdx: Convert shared memory back to private on kexec On Tue, Jun 04, 2024 at 08:05:54PM +0200, Borislav Petkov wrote: > On Tue, Jun 04, 2024 at 07:14:00PM +0300, Kirill A. Shutemov wrote: > > /* > > * If tdx_enc_status_changed() fails, it leaves memory > > * in an unknown state. If the memory remains shared, > > * it can result in an unrecoverable guest shutdown on > > * the first accessed through a private mapping. > > "access" Okay. > So this sentence above can go too, right? I don't think so. > Because that comment is in tdx_kexec_finish() and we're basically going > off to kexec. So can a guest even access it through a private mapping? > We're shutting down so nothing is running anymore... This kernel can't. But the next kernel can. If a page can be accessed via private mapping is determined by the presence in Secure EPT. This state persist across kexec. > > * The kdump kernel boot is not impacted as it uses > > * a pre-reserved memory range that is always private. > > * However, gathering crash information could lead to > > * a crash if it accesses unconverted memory through > > * a private mapping. > > When does the kexec kernel even get such a private mapping? It is not > even up yet... Crash kernel provides access to this memory via /proc/vmcore. Crash kernel will assume all memory there is private. > > * pr_err() may assist in understanding such crashes. > > "Print error info in order to leave bread crumbs for debugging." is what > I'd say. Okay. -- Kiryl Shutsemau / Kirill A. Shutemov
Powered by blists - more mailing lists