| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241029155739.GNZyEF88OV1m-tU94h@fat_crate.local>
Date: Tue, 29 Oct 2024 16:57:39 +0100
From: Borislav Petkov <bp@...en8.de>
To: Xiaoyao Li <xiaoyao.li@...el.com>
Cc: "Nikunj A. Dadhania" <nikunj@....com>, linux-kernel@...r.kernel.org,
thomas.lendacky@....com, x86@...nel.org, kvm@...r.kernel.org,
mingo@...hat.com, tglx@...utronix.de, dave.hansen@...ux.intel.com,
pgonda@...gle.com, seanjc@...gle.com, pbonzini@...hat.com
Subject: Re: [PATCH v14 03/13] x86/sev: Add Secure TSC support for SNP guests
On Tue, Oct 29, 2024 at 11:14:29PM +0800, Xiaoyao Li wrote:
> However, how secure TSC related to memory encryption?
Are you kidding me?
Secure TSC is a SNP feature.
I don't think you're getting it so lemme elaborate:
mem_encrypt.c is only *trying* to be somewhat generic but there is stuff like:
if (cc_platform_has(CC_ATTR_HOST_SEV_SNP))
snp_fixup_e820_tables();
for example.
Both TDX and SEV/SNP need to call *something* at different times during boot
for various reasons.
We could aim for generalizing things by doing per-vendor early init functions,
which is ok, but hasn't been the main goal so far. So far the goal is to do
the proper init/setup calls at the right time during boot and not allow the
code to grow into an unmaintainable mess while doing so.
But both vendors need to do different things at different times during the
lifetime of the kernel depending on what they need/want to support.
IOW, the memory encryption code is still shaping up...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists