lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <de5905fe-214d-4740-8b6d-45386efa50ca@amd.com>
Date: Wed, 6 Nov 2024 11:20:41 -0800
From: "Melody (Huibo) Wang" <huibo.wang@....com>
To: Neeraj Upadhyay <Neeraj.Upadhyay@....com>, <linux-kernel@...r.kernel.org>
CC: <tglx@...utronix.de>, <mingo@...hat.com>, <dave.hansen@...ux.intel.com>,
	<Thomas.Lendacky@....com>, <nikunj@....com>, <Santosh.Shukla@....com>,
	<Vasant.Hegde@....com>, <Suravee.Suthikulpanit@....com>, <bp@...en8.de>,
	<David.Kaplan@....com>, <x86@...nel.org>, <hpa@...or.com>,
	<peterz@...radead.org>, <seanjc@...gle.com>, <pbonzini@...hat.com>,
	<kvm@...r.kernel.org>
Subject: Re: [RFC 03/14] x86/apic: Populate .read()/.write() callbacks of
 Secure AVIC driver

Hi Neeraj,

On 9/13/2024 4:36 AM, Neeraj Upadhyay wrote:
> The x2APIC registers are mapped at an offset within the guest APIC
> backing page which is same as their x2APIC MMIO offset. Secure AVIC
> adds new registers such as ALLOWED_IRRs (which are at 4-byte offset
> within the IRR register offset range) and NMI_REQ to the APIC register
> space. In addition, the APIC_ID register is writable and configured by
> guest.
> 
> Add read() and write() APIC callback functions to read and write x2APIC
> registers directly from the guest APIC backing page.
> 
> The default .read()/.write() callbacks of x2APIC drivers perform
> a rdmsr/wrmsr of the x2APIC registers. When Secure AVIC is enabled,
> these would result in #VC exception (for non-accelerated register
> accesses). The #VC exception handler reads/write the x2APIC register
> in the guest APIC backing page. Since this would increase the latency
> of accessing x2APIC registers, the read() and write() callbacks of
> Secure AVIC driver directly reads/writes to the guest APIC backing page.
> 
I think this is important non-obvious information which should be in a comment in the code
itself, not just in the commit message. 

Thanks,
Melody

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ