lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <dbbypcttkcgg55rkoxjy4rvdyf3qtychqotmxxrrq3urtgul2j@yzbh62cyv635>
Date: Mon, 8 Jul 2024 15:23:58 +0300
From: "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>
To: Tim Merrifield <tim.merrifield@...adcom.com>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>, 
	Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, 
	x86@...nel.org, "H . Peter Anvin" <hpa@...or.com>, Xin Li <xin3.li@...el.com>, 
	Ard Biesheuvel <ardb@...nel.org>, Kai Huang <kai.huang@...el.com>, 
	Kevin Loughlin <kevinloughlin@...gle.com>, Thomas Zimmermann <tzimmermann@...e.de>, 
	Rick Edgecombe <rick.p.edgecombe@...el.com>, Kees Cook <kees@...nel.org>, Mike Rapoport <rppt@...nel.org>, 
	Brian Gerst <brgerst@...il.com>, linux-coco@...ts.linux.dev, linux-kernel@...r.kernel.org, 
	Ajay Kaher <ajay.kaher@...adcom.com>, Alexey Makhalov <alexey.amakhalov@...adcom.com>, 
	Broadcom internal kernel review list <bcm-kernel-feedback-list@...adcom.com>, virtualization@...ts.linux.dev, alex.james@...adcom.com, 
	doug.covelli@...adcom.com, jeffrey.sheldon@...adcom.com
Subject: Re: [PATCH 2/2] x86/vmware: VMware support for TDX userspace
 hypercalls

On Wed, Jul 03, 2024 at 11:36:01PM +0000, Tim Merrifield wrote:
> @@ -539,6 +547,24 @@ unsigned long vmware_tdx_hypercall(unsigned long cmd,
>  	return args.r12;
>  }
>  EXPORT_SYMBOL_GPL(vmware_tdx_hypercall);
> +
> +static bool vmware_tdx_user_hcall(struct pt_regs *regs)
> +{
> +	struct tdx_module_args args;

Zero the struct to not leak data to VMM.

> +
> +	vmware_init_tdx_args(&args, true, regs->cx, regs->bx,
> +			     regs->dx, regs->si, regs->di, regs->bp);
> +	__tdx_hypercall(&args);
> +	regs->ax = args.r12;
> +	regs->bx = args.rbx;
> +	regs->cx = args.r13;
> +	regs->dx = args.rdx;
> +	regs->si = args.rsi;
> +	regs->di = args.rdi;
> +	regs->bp = args.r14;
> +
> +	return true;
> +}
>  #endif
>  
>  #ifdef CONFIG_AMD_MEM_ENCRYPT
> @@ -586,4 +612,7 @@ const __initconst struct hypervisor_x86 x86_hyper_vmware = {
>  	.runtime.sev_es_hcall_prepare	= vmware_sev_es_hcall_prepare,
>  	.runtime.sev_es_hcall_finish	= vmware_sev_es_hcall_finish,
>  #endif
> +#ifdef CONFIG_INTEL_TDX_GUEST
> +	.runtime.tdx_hcall              = vmware_tdx_user_hcall,
> +#endif
>  };
> -- 
> 2.40.1
> 

-- 
  Kiryl Shutsemau / Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ