lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20250401224312.3264346-1-dave.hansen@linux.intel.com>
Date: Tue,  1 Apr 2025 15:43:12 -0700
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: torvalds@...ux-foundation.org
Cc: x86@...nel.org,
	linux-kernel@...r.kernel.org,
	Dave Hansen <dave.hansen@...ux.intel.com>
Subject: [GIT PULL] x86/tdx for 6.15-rc1

Hi Linus,

Please pull some x86/tdx changes for 6.15-rc1. This is coming during the
merge window, but it is really a bug fix.

TDX guests aren't expected to use the HLT instruction directly. It
causes a virtualization exception (#VE). While the #VE _can_ be
handled, the current handling is slow and buggy and the easiest thing
is just to avoid HLT in the first place. Plus, the kernel already has
paravirt infrastructure that makes it relatively painless.

Make TDX guests require paravirt and add some TDX-specific paravirt
handlers which avoid HLT in the normal halt routines. Also add a warning
in case another HLT sneaks in.

There was a report that this leads to a "major performance improvement"
on specjbb2015, probably because of the extra #VE overhead or missed
wakeups from the buggy HLT handling.

--

The following changes since commit 0d86c2395390efd61d111698ec120b5a79303b99:

  Merge tag 'ras_core_for_v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (2025-03-25 14:13:35 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_tdx_for_6.15-rc1

for you to fetch changes up to e8f45927ee5d99fa52f14205a2c7ac3820c64457:

  x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (2025-03-26 08:52:10 +0100)

----------------------------------------------------------------
 * Avoid direct HLT instruction execution in TDX guests

----------------------------------------------------------------
Kirill A. Shutemov (1):
      x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT

Vishal Annapurve (2):
      x86/tdx: Fix arch_safe_halt() execution for TDX VMs
      x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling

 arch/x86/Kconfig                      |  1 +
 arch/x86/coco/tdx/tdx.c               | 34 ++++++++++++++++++++++++++++-
 arch/x86/include/asm/irqflags.h       | 40 +++++++++++++++++++----------------
 arch/x86/include/asm/paravirt.h       | 20 +++++++++---------
 arch/x86/include/asm/paravirt_types.h |  3 +--
 arch/x86/include/asm/tdx.h            |  4 ++--
 arch/x86/kernel/paravirt.c            | 14 ++++++------
 arch/x86/kernel/process.c             |  2 +-
 8 files changed, 78 insertions(+), 40 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ