lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <039bc47c-9b5d-41f3-87da-4500731ad347@intel.com>
Date: Thu, 12 Sep 2024 08:49:21 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
 Sean Christopherson <seanjc@...gle.com>
Cc: Alexey Gladkov <legion@...nel.org>, linux-kernel@...r.kernel.org,
 linux-coco@...ts.linux.dev, Thomas Gleixner <tglx@...utronix.de>,
 Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
 Dave Hansen <dave.hansen@...ux.intel.com>, "H. Peter Anvin" <hpa@...or.com>,
 Andrew Morton <akpm@...ux-foundation.org>, Yuan Yao <yuan.yao@...el.com>,
 Geert Uytterhoeven <geert@...ux-m68k.org>, Yuntao Wang <ytcoode@...il.com>,
 Kai Huang <kai.huang@...el.com>, Baoquan He <bhe@...hat.com>,
 Oleg Nesterov <oleg@...hat.com>, cho@...rosoft.com, decui@...rosoft.com,
 John.Starks@...rosoft.com, Paolo Bonzini <pbonzini@...hat.com>
Subject: Re: [PATCH v6 0/6] x86/tdx: Allow MMIO instructions from userspace

On 9/12/24 02:45, Kirill A. Shutemov wrote:
> On Wed, Sep 11, 2024 at 09:19:04AM -0700, Sean Christopherson wrote:
>> Yep.  Based on the original report[*], it sounds like the userspace program is
>> doing a memcpy(), so it's hard to even argue that userspace is being silly.
> The kernel does MMIO accesses using special helpers that use well-known
> instructions. I believe we should educate userspace to do the same by
> rejecting emulation of anything more complex than plain loads and stores.
> Otherwise these asks will keep coming.

My assumption is that folks have VMM-specific kernel drivers and crusty
old userspace that mmap()'s an MMIO region exposed by that driver. They
want to keep their old userspace.

Once we're dictating that specific instructions be used, the old
userspace doesn't work and it needs to be changed. Once it needs to be
changed, then some _other_ new ABI might as well be considered.

Basically:

	New ABI =~ Specific Kernel-mandated Instructions

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ