| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250401224312.3264346-1-dave.hansen@linux.intel.com>
Date: Tue, 1 Apr 2025 15:43:12 -0700
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: torvalds@...ux-foundation.org
Cc: x86@...nel.org,
linux-kernel@...r.kernel.org,
Dave Hansen <dave.hansen@...ux.intel.com>
Subject: [GIT PULL] x86/tdx for 6.15-rc1
Hi Linus,
Please pull some x86/tdx changes for 6.15-rc1. This is coming during the
merge window, but it is really a bug fix.
TDX guests aren't expected to use the HLT instruction directly. It
causes a virtualization exception (#VE). While the #VE _can_ be
handled, the current handling is slow and buggy and the easiest thing
is just to avoid HLT in the first place. Plus, the kernel already has
paravirt infrastructure that makes it relatively painless.
Make TDX guests require paravirt and add some TDX-specific paravirt
handlers which avoid HLT in the normal halt routines. Also add a warning
in case another HLT sneaks in.
There was a report that this leads to a "major performance improvement"
on specjbb2015, probably because of the extra #VE overhead or missed
wakeups from the buggy HLT handling.
--
The following changes since commit 0d86c2395390efd61d111698ec120b5a79303b99:
Merge tag 'ras_core_for_v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (2025-03-25 14:13:35 -0700)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_tdx_for_6.15-rc1
for you to fetch changes up to e8f45927ee5d99fa52f14205a2c7ac3820c64457:
x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (2025-03-26 08:52:10 +0100)
----------------------------------------------------------------
* Avoid direct HLT instruction execution in TDX guests
----------------------------------------------------------------
Kirill A. Shutemov (1):
x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT
Vishal Annapurve (2):
x86/tdx: Fix arch_safe_halt() execution for TDX VMs
x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling
arch/x86/Kconfig | 1 +
arch/x86/coco/tdx/tdx.c | 34 ++++++++++++++++++++++++++++-
arch/x86/include/asm/irqflags.h | 40 +++++++++++++++++++----------------
arch/x86/include/asm/paravirt.h | 20 +++++++++---------
arch/x86/include/asm/paravirt_types.h | 3 +--
arch/x86/include/asm/tdx.h | 4 ++--
arch/x86/kernel/paravirt.c | 14 ++++++------
arch/x86/kernel/process.c | 2 +-
8 files changed, 78 insertions(+), 40 deletions(-)
Powered by blists - more mailing lists