lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ed35ce98-8f0a-4a64-b847-94d388da3b5c@amd.com>
Date: Thu, 22 May 2025 09:56:16 -0500
From: Kim Phillips <kim.phillips@....com>
To: Ashish Kalra <Ashish.Kalra@....com>, <seanjc@...gle.com>,
	<pbonzini@...hat.com>, <tglx@...utronix.de>, <mingo@...hat.com>,
	<bp@...en8.de>, <dave.hansen@...ux.intel.com>, <hpa@...or.com>,
	<herbert@...dor.apana.org.au>
CC: <x86@...nel.org>, <john.allen@....com>, <davem@...emloft.net>,
	<thomas.lendacky@....com>, <michael.roth@....com>, <kvm@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>, <linux-crypto@...r.kernel.org>
Subject: Re: [PATCH v4 0/5] Add SEV-SNP CipherTextHiding feature support

Hi Ashish,

On 5/19/25 6:56 PM, Ashish Kalra wrote:
> From: Ashish Kalra <ashish.kalra@....com>
>
> Ciphertext hiding prevents host accesses from reading the ciphertext
> of SNP guest private memory. Instead of reading ciphertext, the host
> will see constant default values (0xff).
If I apply this on top of next-20250522, I get the following stacktrace,
i.e., this assertion failure:

static int sev_write_init_ex_file_if_required(int cmd_id)
{
         lockdep_assert_held(&sev_cmd_mutex);

Config attached.

Thanks,

Kim

[   34.653536] ------------[ cut here ]------------
[   34.653545] WARNING: CPU: 92 PID: 4581 at 
drivers/crypto/ccp/sev-dev.c:349 __sev_do_cmd_locked+0x7eb/0xb90 [ccp]
[   34.653570] Modules linked in: binfmt_misc rapl wmi_bmof kvm ast 
drm_client_lib drm_shmem_helper drm_kms_helper ccp(+) i2c_algo_bit 
i2c_piix4 k10temp i2c_smbus acpi_ipmi ipmi_si(+) ipmi_devintf 
ipmi_msghandler mac_hid sch_fq_codel dm_multipath drm efi_pstore 
nfnetlink dmi_sysfs ip_tables x_tables autofs4 btrfs blake2b_generic 
raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor 
async_tx xor raid6_pq raid1 raid0 linear dm_mirror dm_region_hash dm_log 
ghash_clmulni_intel nvme sha512_ssse3 ahci sha1_ssse3 libahci nvme_core 
wmi aesni_intel
[   34.653645] CPU: 92 UID: 0 PID: 4581 Comm: (udev-worker) Not tainted 
6.15.0-rc7-next-20250522+ #4 PREEMPT(voluntary) 
849304994a065362c1f65db9527c0b4292d5aea6
[   34.653651] Hardware name: AMD Corporation VOLCANO/VOLCANO, BIOS 
RVOT1005B 04/08/2025
[   34.653653] RIP: 0010:__sev_do_cmd_locked+0x7eb/0xb90 [ccp]
[   34.653661] Code: fa ff ff be ff ff ff ff 48 c7 c7 50 cd b1 c0 44 89 
85 70 ff ff ff e8 c4 fe f3 f3 44 8b 85 70 ff ff ff 85 c0 0f 85 e2 fd ff 
ff <0f> 0b e9 db fd ff ff 48 8b 05 57 aa 12 00 8b 0d 95 82 0c f5 48 c7
[   34.653664] RSP: 0018:ff51f9b5d9f37890 EFLAGS: 00010246
[   34.653668] RAX: 0000000000000000 RBX: 0000000000000083 RCX: 
0000000000000001
[   34.653671] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 
0000000000000246
[   34.653672] RBP: ff51f9b5d9f37940 R08: 0000000000000000 R09: 
0000000000000000
[   34.653674] R10: 0000000000000001 R11: 0000000000000001 R12: 
ff51f9b5d9f37954
[   34.653676] R13: ff3121dada778000 R14: 0000000000000000 R15: 
ff3121dadb5c5028
[   34.653677] FS:  00007f0ed64488c0(0000) GS:ff3121e9b1a00000(0000) 
knlGS:0000000000000000
[   34.653679] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   34.653681] CR2: 00005599a0790fc8 CR3: 0000000108cd8001 CR4: 
0000000000771ef0
[   34.653684] PKRU: 55555554
[   34.653686] Call Trace:
[   34.653687]  <TASK>
[   34.653701]  sev_get_api_version+0xb2/0x2b0 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.653714]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.653727]  sev_pci_init+0x4a/0x320 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.653733]  ? preempt_count_sub+0x50/0x80
[   34.653741]  ? _raw_write_unlock_irqrestore+0x53/0x90
[   34.653748]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.653756]  psp_pci_init+0x2f/0x50 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.653763]  sp_mod_init+0x32/0xff0 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.653770]  do_one_initcall+0x5f/0x3c0
[   34.653774]  ? __kmalloc_cache_noprof+0x331/0x430
[   34.653784]  do_init_module+0x68/0x260
[   34.653789]  load_module+0x22ea/0x2410
[   34.653803]  ? kernel_read_file+0x2a4/0x320
[   34.653811]  init_module_from_file+0x96/0xd0
[   34.653815]  ? init_module_from_file+0x96/0xd0
[   34.653825]  idempotent_init_module+0x117/0x330
[   34.653836]  __x64_sys_finit_module+0x6f/0xe0
[   34.653841]  x64_sys_call+0x1f9e/0x20c0
[   34.653844]  do_syscall_64+0x8d/0x2d0
[   34.653849]  ? local_clock_noinstr+0x12/0xc0
[   34.653855]  ? rcu_read_unlock+0x1b/0x70
[   34.653860]  ? sched_clock_noinstr+0xd/0x20
[   34.653864]  ? local_clock_noinstr+0x12/0xc0
[   34.653869]  ? exc_page_fault+0x95/0x230
[   34.653876]  ? irqentry_exit_to_user_mode+0xb1/0x1e0
[   34.653880]  ? irqentry_exit+0x6f/0xa0
[   34.653882]  ? exc_page_fault+0xb4/0x230
[   34.653886]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   34.653888] RIP: 0033:0x7f0ed632725d
[   34.653892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 
48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 
05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8b bb 0d 00 f7 d8 64 89 01 48
[   34.653894] RSP: 002b:00007ffe599733b8 EFLAGS: 00000246 ORIG_RAX: 
0000000000000139
[   34.653897] RAX: ffffffffffffffda RBX: 00005599a07b4370 RCX: 
00007f0ed632725d
[   34.653899] RDX: 0000000000000000 RSI: 00007f0ed662507d RDI: 
0000000000000022
[   34.653901] RBP: 00007ffe59973470 R08: 0000000000000040 R09: 
00007ffe59973420
[   34.653902] R10: 00007f0ed6403b20 R11: 0000000000000246 R12: 
00007f0ed662507d
[   34.653903] R13: 0000000000020000 R14: 00005599a07b6020 R15: 
00005599a07b9230
[   34.653913]  </TASK>
[   34.653914] irq event stamp: 211387
[   34.653916] hardirqs last  enabled at (211393): [<ffffffffb37a6786>] 
__up_console_sem+0x86/0x90
[   34.653922] hardirqs last disabled at (211398): [<ffffffffb37a676b>] 
__up_console_sem+0x6b/0x90
[   34.653923] softirqs last  enabled at (209856): [<ffffffffb36e364f>] 
handle_softirqs+0x32f/0x410
[   34.653928] softirqs last disabled at (209833): [<ffffffffb36e3800>] 
__irq_exit_rcu+0xc0/0xf0
[   34.653932] ---[ end trace 0000000000000000 ]---
[   34.654388] ------------[ cut here ]------------
[   34.654391] WARNING: CPU: 92 PID: 4581 at 
drivers/crypto/ccp/sev-dev.c:349 __sev_do_cmd_locked+0x7eb/0xb90 [ccp]
[   34.654396] Modules linked in: binfmt_misc rapl wmi_bmof kvm ast 
drm_client_lib drm_shmem_helper drm_kms_helper ccp(+) i2c_algo_bit 
i2c_piix4 k10temp i2c_smbus acpi_ipmi ipmi_si(+) ipmi_devintf 
ipmi_msghandler mac_hid sch_fq_codel dm_multipath drm efi_pstore 
nfnetlink dmi_sysfs ip_tables x_tables autofs4 btrfs blake2b_generic 
raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor 
async_tx xor raid6_pq raid1 raid0 linear dm_mirror dm_region_hash dm_log 
ghash_clmulni_intel nvme sha512_ssse3 ahci sha1_ssse3 libahci nvme_core 
wmi aesni_intel
[   34.654430] CPU: 92 UID: 0 PID: 4581 Comm: (udev-worker) Tainted: 
G        W           6.15.0-rc7-next-20250522+ #4 PREEMPT(voluntary)  
849304994a065362c1f65db9527c0b4292d5aea6
[   34.654433] Tainted: [W]=WARN
[   34.654435] RIP: 0010:__sev_do_cmd_locked+0x7eb/0xb90 [ccp]
[   34.654439] Code: fa ff ff be ff ff ff ff 48 c7 c7 50 cd b1 c0 44 89 
85 70 ff ff ff e8 c4 fe f3 f3 44 8b 85 70 ff ff ff 85 c0 0f 85 e2 fd ff 
ff <0f> 0b e9 db fd ff ff 48 8b 05 57 aa 12 00 8b 0d 95 82 0c f5 48 c7
[   34.654440] RSP: 0018:ff51f9b5d9f37890 EFLAGS: 00010246
[   34.654442] RAX: 0000000000000000 RBX: 00000000000000ce RCX: 
0000000000000001
[   34.654443] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 
0000000000000246
[   34.654443] RBP: ff51f9b5d9f37940 R08: 0000000000000000 R09: 
0000000000000000
[   34.654444] R10: 0000000000000001 R11: 0000000000000001 R12: 
ff51f9b5d9f37968
[   34.654445] R13: ff3121dada778000 R14: 0000000000000000 R15: 
ff3121dadb5c5028
[   34.654446] FS:  00007f0ed64488c0(0000) GS:ff3121e9b1a00000(0000) 
knlGS:0000000000000000
[   34.654447] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   34.654448] CR2: 00005599a0790fc8 CR3: 0000000108cd8001 CR4: 
0000000000771ef0
[   34.654449] PKRU: 55555554
[   34.654450] Call Trace:
[   34.654451]  <TASK>
[   34.654457]  sev_get_api_version+0x1e6/0x2b0 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.654463]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.654469]  sev_pci_init+0x4a/0x320 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.654473]  ? preempt_count_sub+0x50/0x80
[   34.654475]  ? _raw_write_unlock_irqrestore+0x53/0x90
[   34.654477]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.654482]  psp_pci_init+0x2f/0x50 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.654487]  sp_mod_init+0x32/0xff0 [ccp 
3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
[   34.654491]  do_one_initcall+0x5f/0x3c0
[   34.654493]  ? __kmalloc_cache_noprof+0x331/0x430
[   34.654498]  do_init_module+0x68/0x260
[   34.654500]  load_module+0x22ea/0x2410
[   34.654509]  ? kernel_read_file+0x2a4/0x320
[   34.654513]  init_module_from_file+0x96/0xd0
[   34.654515]  ? init_module_from_file+0x96/0xd0
[   34.654522]  idempotent_init_module+0x117/0x330
[   34.654530]  __x64_sys_finit_module+0x6f/0xe0
[   34.654532]  x64_sys_call+0x1f9e/0x20c0
[   34.654534]  do_syscall_64+0x8d/0x2d0
[   34.654536]  ? local_clock_noinstr+0x12/0xc0
[   34.654539]  ? rcu_read_unlock+0x1b/0x70
[   34.654541]  ? sched_clock_noinstr+0xd/0x20
[   34.654544]  ? local_clock_noinstr+0x12/0xc0
[   34.654547]  ? exc_page_fault+0x95/0x230
[   34.654551]  ? irqentry_exit_to_user_mode+0xb1/0x1e0
[   34.654553]  ? irqentry_exit+0x6f/0xa0
[   34.654555]  ? exc_page_fault+0xb4/0x230
[   34.654558]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   34.654559] RIP: 0033:0x7f0ed632725d
[   34.654560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 
48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 
05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8b bb 0d 00 f7 d8 64 89 01 48
[   34.654561] RSP: 002b:00007ffe599733b8 EFLAGS: 00000246 ORIG_RAX: 
0000000000000139
[   34.654563] RAX: ffffffffffffffda RBX: 00005599a07b4370 RCX: 
00007f0ed632725d
[   34.654564] RDX: 0000000000000000 RSI: 00007f0ed662507d RDI: 
0000000000000022
[   34.654565] RBP: 00007ffe59973470 R08: 0000000000000040 R09: 
00007ffe59973420
[   34.654566] R10: 00007f0ed6403b20 R11: 0000000000000246 R12: 
00007f0ed662507d
[   34.654566] R13: 0000000000020000 R14: 00005599a07b6020 R15: 
00005599a07b9230
[   34.654572]  </TASK>
[   34.654573] irq event stamp: 212111
[   34.654574] hardirqs last  enabled at (212117): [<ffffffffb37a6786>] 
__up_console_sem+0x86/0x90
[   34.654576] hardirqs last disabled at (212122): [<ffffffffb37a676b>] 
__up_console_sem+0x6b/0x90
[   34.654577] softirqs last  enabled at (209856): [<ffffffffb36e364f>] 
handle_softirqs+0x32f/0x410
[   34.654579] softirqs last disabled at (209833): [<ffffffffb36e3800>] 
__irq_exit_rcu+0xc0/0xf0
[   34.654581] ---[ end trace 0000000000000000 ]---
Download attachment "forashish.config.gz" of type "application/gzip" (71145 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ