lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9120e074-52af-4ae5-a08c-e62a879c7ebb@intel.com>
Date: Thu, 20 Feb 2025 13:47:03 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: Vishal Annapurve <vannapurve@...gle.com>, x86@...nel.org,
 linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev,
 virtualization@...ts.linux.dev
Cc: pbonzini@...hat.com, seanjc@...gle.com, erdemaktas@...gle.com,
 ackerleytng@...gle.com, jxgao@...gle.com, sagis@...gle.com,
 oupton@...gle.com, pgonda@...gle.com, kirill@...temov.name,
 dave.hansen@...ux.intel.com, chao.p.peng@...ux.intel.com,
 isaku.yamahata@...il.com, sathyanarayanan.kuppuswamy@...ux.intel.com,
 jgross@...e.com, ajay.kaher@...adcom.com, alexey.amakhalov@...adcom.com,
 "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
 stable@...r.kernel.org, Andi Kleen <ak@...ux.intel.com>,
 Tony Luck <tony.luck@...el.com>
Subject: Re: [PATCH V5 1/4] x86/paravirt: Move halt paravirt calls under
 CONFIG_PARAVIRT

On 2/20/25 13:16, Vishal Annapurve wrote:
> Since enabling CONFIG_PARAVIRT_XXL is too bloated for TDX guest
> like platforms, move HLT and SAFE_HLT paravirt calls under
> CONFIG_PARAVIRT.

I guess it's just one patch, but doesn't this expose CONFIG_PARAVIRT=y
users to what _was_ specific to CONFIG_PARAVIRT_XXL=y? According to the
changelog, TDX users shouldn't have to use use PARAVIRT_XXL, so
PARAVIRT=y and PARAVIRT_XXL=n must be an *IMPORTANT* configuration for
TDX users.

Before this patch, those users would have no way to hit the
unsafe-for-TDX pv_native_safe_halt(). After this patch, they will hit it.

So, there are two possibilities:

 1. This patch breaks bisection for an important TDX configuration
 2. This patch's conjecture that PARAVIRT_XXL=n is important for TDX
    is wrong and it is not necessary in the first place.

What am I missing?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ