lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <55d0c2a9-54a3-4063-9f57-624e7eef4720@arm.com>
Date: Wed, 30 Apr 2025 16:41:27 +0100
From: Suzuki K Poulose <suzuki.poulose@....com>
To: Dan Williams <dan.j.williams@...el.com>,
 Dave Hansen <dave.hansen@...el.com>, dave.hansen@...ux.intel.com
Cc: Kirill Shutemov <kirill.shutemov@...ux.intel.com>,
 Vishal Annapurve <vannapurve@...gle.com>, Kees Cook <kees@...nel.org>,
 stable@...r.kernel.org, x86@...nel.org,
 Nikolay Borisov <nik.borisov@...e.com>, Naveen N Rao <naveen@...nel.org>,
 Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org,
 linux-coco@...ts.linux.dev, Arnd Bergmann <arnd@...db.de>,
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>, mpe@...erman.id.au
Subject: Re: [PATCH v3 0/2] Restrict devmem for confidential VMs

Hi Dan

On 28/04/2025 23:48, Dan Williams wrote:
> Dave Hansen wrote:
>> On 4/17/25 12:11, Dan Williams wrote:
>>>   arch/x86/Kconfig          |    4 ++++
>>>   arch/x86/mm/pat/memtype.c |   31 ++++---------------------------
>>>   drivers/char/mem.c        |   27 +++++++++------------------
>>>   include/linux/io.h        |   21 +++++++++++++++++++++
>>>   4 files changed, 38 insertions(+), 45 deletions(-)
>>
>> This looks like a good idea on multiple levels. We can take it through
>> tip, but one things that makes me nervous is that neither of the "CHAR
>> and MISC DRIVERS" supporters are even on cc.
>>
>>> Arnd Bergmann <arnd@...db.de> (supporter:CHAR and MISC DRIVERS)
>>> Greg Kroah-Hartman <gregkh@...uxfoundation.org> (supporter:CHAR and MISC DRIVERS)
> 
> Good catch, just note that until this latest iteration the proposal was
> entirely contained to x86 specific support functions like devmem_is_allowed().
> So yes, an oversight as this moved to a more general devmem mechanism.
> 
>> I guess arm and powerpc have cc_platform_has() so it's not _completely_
>> x86 only, either. Acks from those folks would also be appreciated since
>> it's going to affect them most immediately.
> 
> I have added Suzuki and Michael for their awareness, but I would not say
> acks are needed at this point since to date CC_ATTR_GUEST_MEM_ENCRYPT is
> strictly an x86-ism.
> 
> For example, the PowerPC implementation of cc_platform_has() has not been
> touched since Tom added it.
> 
> Suzuki, Michael, at a minimum the question this patch poses to ARM64 and
> PowerPC is whether they are going to allow CONFIG_STRICT_DEVMEM=n, or otherwise
> understand that CONFIG_STRICT_DEVMEM=y == LOCKDOWN with
> CC_ATTR_GUEST_MEM_ENCRYPT.

For CCA we don't really enforce STRICT_DEVMEM. But we do expect people
to use it for safety reasons, but is not mandatory.

Does that help ?

Suzuki



> 
>> Also, just to confirm, patch 2 can go to stable@ without _any_
>> dependency on patch 1, right?
> 
> Correct. I will make them independent / unordered patches on the repost.
> 
> Next posting to fix the "select" instead of "depends on" dependency
> management, h/t Naveen, and clarify the "'crash' vs 'SEPT violation'"
> description.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ