lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <468ea253c2b641dc826bce5e219ff0e6@baidu.com>
Date: Thu, 4 Jul 2024 01:00:44 +0000
From: "Li,Rongqing" <lirongqing@...du.com>
To: "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
	"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>, "x86@...nel.org"
	<x86@...nel.org>, "linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"rick.p.edgecombe@...el.com" <rick.p.edgecombe@...el.com>
Subject: RE: [PATCH][v4] virt: tdx-guest: Don't free decrypted memory

> In CoCo VMs it is possible for the untrusted host to cause
> set_memory_decrypted() to fail such that an error is returned and the resulting
> memory is shared. Callers need to take care to handle these errors to avoid
> returning decrypted (shared) memory to the page allocator, which could lead to
> functional or security issues.
> 
> Leak the decrypted memory when set_memory_decrypted() fails, and don't
> need to print an error since set_memory_decrypted() will call WARN_ONCE().
> 
> Reviewed-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
> Reviewed-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> Signed-off-by: Li RongQing <lirongqing@...du.com>
> ---


 Ping

Thank

-LiRongQing

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ