lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 2 Jul 2024 19:44:25 +0200
From: Borislav Petkov <bp@...en8.de>
To: Ard Biesheuvel <ardb@...nel.org>
Cc: Steve Wahl <steve.wahl@....com>, Ashish Kalra <ashish.kalra@....com>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	Andy Lutomirski <luto@...nel.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
	"H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org,
	Pavin Joseph <me@...injoseph.com>,
	Eric Hagberg <ehagberg@...il.com>,
	Simon Horman <horms@...ge.net.au>,
	Eric Biederman <ebiederm@...ssion.com>,
	Dave Young <dyoung@...hat.com>, Sarah Brofeldt <srhb@....dk>,
	Russ Anderson <rja@....com>, Dimitri Sivanich <sivanich@....com>,
	Hou Wenlong <houwenlong.hwl@...group.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Baoquan He <bhe@...hat.com>, Yuntao Wang <ytcoode@...il.com>,
	Bjorn Helgaas <bhelgaas@...gle.com>, Joerg Roedel <jroedel@...e.de>,
	Michael Roth <michael.roth@....com>
Subject: Re: [PATCH 0/3] Resolve problems with kexec identity mapping

On Mon, Jul 01, 2024 at 04:27:04PM +0200, Borislav Petkov wrote:
> On Mon, Jun 24, 2024 at 10:13:44AM -0500, Steve Wahl wrote:
> > These accesses are a problem because they happen prior to establishing
> > the page fault interrupt handler that would mend the identity map.  I
> > know very little about the AMD SEV feature but reading the code I
> > think it may be required to do this before setting up that handler.
> 
> Yeah, from looking at it, we should be able to establish a #PF handler that
> early too but the devil's in the detail, especially in that early boot code.
> 
> Lemme poke some things and people...

Ard, from EFI perspective and boot services exiting, do you see any potential
issues if we enable a pagefault handler in load_stage1_idt() in
arch/x86/boot/compressed/head_64.S already or is the EFI pagetable not really
"reliable" then?

Would solve the issue in this thread where the EFI config table ends up not
mapped on some hw configurations, elegantly...

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ