| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7bd03311-0c4c-41e6-b6dc-803b6455f170@intel.com> Date: Thu, 17 Apr 2025 10:50:06 -0700 From: Dave Hansen <dave.hansen@...el.com> To: Kai Huang <kai.huang@...el.com>, bp@...en8.de, tglx@...utronix.de, peterz@...radead.org, mingo@...hat.com Cc: kirill.shutemov@...ux.intel.com, hpa@...or.com, x86@...nel.org, linux-kernel@...r.kernel.org, pbonzini@...hat.com, seanjc@...gle.com, rick.p.edgecombe@...el.com, reinette.chatre@...el.com, isaku.yamahata@...el.com, dan.j.williams@...el.com, thomas.lendacky@....com, ashish.kalra@....com, nik.borisov@...e.com, sagis@...gle.com Subject: Re: [PATCH] x86/virt/tdx: Make TDX and kexec mutually exclusive at runtime On 4/16/25 16:02, Kai Huang wrote: > Full support for kexec on a TDX host would require complex work. > The cache flushing required would need to happen while stopping > remote CPUs, which would require changes to a fragile area of the > kernel. Doesn't kexec already stop remote CPUs? Doesn't this boil down to a WBINVD? How is that complex? > It would also require resetting TDX private pages, which is non- > trivial since the core kernel does not track them. Why? The next kernel will just use KeyID-0 which will blast the old pages away with no side effects... right? > Lastly, it would have to rely on a yet-to-be documented behavior > around the TME key (KeyID 0). I'll happily wait for the documentation if you insist on it (I don't).
Powered by blists - more mailing lists