lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0075eb07-c172-45d0-836e-b1d1a2abe56c@intel.com>
Date: Thu, 14 Nov 2024 12:35:30 +1300
From: "Huang, Kai" <kai.huang@...el.com>
To: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>, "Hansen, Dave"
	<dave.hansen@...el.com>, "seanjc@...gle.com" <seanjc@...gle.com>,
	"bp@...en8.de" <bp@...en8.de>, "peterz@...radead.org" <peterz@...radead.org>,
	"hpa@...or.com" <hpa@...or.com>, "mingo@...hat.com" <mingo@...hat.com>,
	"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
	"tglx@...utronix.de" <tglx@...utronix.de>, "pbonzini@...hat.com"
	<pbonzini@...hat.com>, "Williams, Dan J" <dan.j.williams@...el.com>
CC: "nik.borisov@...e.com" <nik.borisov@...e.com>, "Hunter, Adrian"
	<adrian.hunter@...el.com>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "x86@...nel.org" <x86@...nel.org>, "Yamahata,
 Isaku" <isaku.yamahata@...el.com>
Subject: Re: [PATCH v8 0/9] TDX host: metadata reading tweaks and bug fixes



On 14/11/2024 11:53 am, Edgecombe, Rick P wrote:
> On Thu, 2024-11-14 at 11:40 +1300, Huang, Kai wrote:
>>> So I think it is not part of the "bare minimum". I don't have any objection
>>> with
>>> it going upstream with rest of this series if it doesn't delay it. But I
>>> want to
>>> make sure we don't have any more confusion that will cause further delays.
>>
>> We have two issues that need to be addressed.  Addressing them could
>> bring the infrastructure that is needed for KVM TDX as well, so this is
>> the "minimal code" given the goal I want to achieve here.
> 
> I'm confused by this. "could bring the infrastructure"? What is the "goal I want
> to achieve"?

The goal is mentioned in beginning of the cover letter:

1) address two issues in the current TDX module initialization code, and
2) have an extendable infrastructure which is super easy to read more
    metadata and share with KVM for KVM TDX support (and other kernel
    components for TDX Connect in the future).

> 
> Let me ask it another way, if we drop patches 7 and 8 and pushed them in a later
> series. (say after TDX gets upstream for the sake of this question, but I'm not
> suggesting a schedule). Then what is the consequence to the goal of booting a TD
> on some HW?

The patch to fix the bug is not a dependency of KVM TDX, but it is a 
real issue.  Customers have reported this issue, requested the fix and 
integrated the fix to their environment while we are still in middle of 
upstreaming KVM TDX.

So I don't see anything wrong to include it here.  It also gives us an 
additional user of the new metadata infrastructure.

> 
> I'm not questioning that the patches are in order, or that they should be fixed
> urgently. I'm just trying to make sure we are clear to Dave on why this is all
> needed.

Yeah I'll certainly follow Dave's request.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ