| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Jun 2024 18:12:13 +0300 From: Nikolay Borisov <nik.borisov@...e.com> To: Kai Huang <kai.huang@...el.com>, linux-kernel@...r.kernel.org Cc: x86@...nel.org, dave.hansen@...el.com, dan.j.williams@...el.com, kirill.shutemov@...ux.intel.com, rick.p.edgecombe@...el.com, peterz@...radead.org, tglx@...utronix.de, bp@...en8.de, mingo@...hat.com, hpa@...or.com, seanjc@...gle.com, pbonzini@...hat.com, kvm@...r.kernel.org, isaku.yamahata@...el.com, binbin.wu@...ux.intel.com Subject: Re: [PATCH 9/9] x86/virt/tdx: Don't initialize module that doesn't support NO_RBP_MOD feature On 16.06.24 г. 15:01 ч., Kai Huang wrote: > Old TDX modules can clobber RBP in the TDH.VP.ENTER SEAMCALL. However > RBP is used as frame pointer in the x86_64 calling convention, and > clobbering RBP could result in bad things like being unable to unwind > the stack if any non-maskable exceptions (NMI, #MC etc) happens in that > gap. > > A new "NO_RBP_MOD" feature was introduced to more recent TDX modules to > not clobber RBP. This feature is reported in the TDX_FEATURES0 global > metadata field via bit 18. > > Don't initialize the TDX module if this feature is not supported [1]. > > Link: https://lore.kernel.org/all/c0067319-2653-4cbd-8fee-1ccf21b1e646@suse.com/T/#mef98469c51e2382ead2c537ea189752360bd2bef [1] > Signed-off-by: Kai Huang <kai.huang@...el.com> Reviewed-by: Nikolay Borisov <nik.borisov@...e.com>
Powered by blists - more mailing lists