Message-ID: <700f57f7-7a36-444c-baae-b5c2f9f5da18@amd.com>
Date: Tue, 27 May 2025 15:47:19 -0500
From: "Kalra, Ashish" <ashish.kalra@....com>
To: Kim Phillips <kim.phillips@....com>, seanjc@...gle.com,
 pbonzini@...hat.com, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
 dave.hansen@...ux.intel.com, hpa@...or.com, herbert@...dor.apana.org.au
Cc: x86@...nel.org, john.allen@....com, davem@...emloft.net,
 thomas.lendacky@....com, michael.roth@....com, kvm@...r.kernel.org,
 linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org
Subject: Re: [PATCH v4 0/5] Add SEV-SNP CipherTextHiding feature support

Hello Kim,

On 5/22/2025 9:56 AM, Kim Phillips wrote:
> Hi Ashish,
> 
> On 5/19/25 6:56 PM, Ashish Kalra wrote:
>> From: Ashish Kalra <ashish.kalra@....com>
>>
>> Ciphertext hiding prevents host accesses from reading the ciphertext
>> of SNP guest private memory. Instead of reading ciphertext, the host
>> will see constant default values (0xff).
> If I apply this on top of next-20250522, I get the following stacktrace,
> i.e., this assertion failure:
> 
> static int sev_write_init_ex_file_if_required(int cmd_id)
> {
>         lockdep_assert_held(&sev_cmd_mutex);
> 
> Config attached.
> 
> Thanks,
> 
> Kim

The lockdep assertion is triggered because snp_get_platform_data() issues the SNP_PLATFORM_STATUS and SNP_FEATURE_INFO commands without acquiring sev_cmd_mutex, and the sev_cmd_mutex-held check (lockdep_assert_held()) then gets triggered as part of __sev_do_cmd_locked().

I will fix snp_get_platform_data() to issue SNP_PLATFORM_STATUS and SNP_FEATURE_INFO commands using sev_do_cmd() instead of using __sev_do_cmd_locked() for the next version of this patch-series.

Thanks,
Ashish

> 
> [   34.653536] ------------[ cut here ]------------
> [   34.653545] WARNING: CPU: 92 PID: 4581 at drivers/crypto/ccp/sev-dev.c:349 __sev_do_cmd_locked+0x7eb/0xb90 [ccp]
> [   34.653570] Modules linked in: binfmt_misc rapl wmi_bmof kvm ast drm_client_lib drm_shmem_helper drm_kms_helper ccp(+) i2c_algo_bit i2c_piix4 k10temp i2c_smbus acpi_ipmi ipmi_si(+) ipmi_devintf ipmi_msghandler mac_hid sch_fq_codel dm_multipath drm efi_pstore nfnetlink dmi_sysfs ip_tables x_tables autofs4 btrfs blake2b_generic raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq raid1 raid0 linear dm_mirror dm_region_hash dm_log ghash_clmulni_intel nvme sha512_ssse3 ahci sha1_ssse3 libahci nvme_core wmi aesni_intel
> [   34.653645] CPU: 92 UID: 0 PID: 4581 Comm: (udev-worker) Not tainted 6.15.0-rc7-next-20250522+ #4 PREEMPT(voluntary) 849304994a065362c1f65db9527c0b4292d5aea6
> [   34.653651] Hardware name: AMD Corporation VOLCANO/VOLCANO, BIOS RVOT1005B 04/08/2025
> [   34.653653] RIP: 0010:__sev_do_cmd_locked+0x7eb/0xb90 [ccp]
> [   34.653661] Code: fa ff ff be ff ff ff ff 48 c7 c7 50 cd b1 c0 44 89 85 70 ff ff ff e8 c4 fe f3 f3 44 8b 85 70 ff ff ff 85 c0 0f 85 e2 fd ff ff <0f> 0b e9 db fd ff ff 48 8b 05 57 aa 12 00 8b 0d 95 82 0c f5 48 c7
> [   34.653664] RSP: 0018:ff51f9b5d9f37890 EFLAGS: 00010246
> [   34.653668] RAX: 0000000000000000 RBX: 0000000000000083 RCX: 0000000000000001
> [   34.653671] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000246
> [   34.653672] RBP: ff51f9b5d9f37940 R08: 0000000000000000 R09: 0000000000000000
> [   34.653674] R10: 0000000000000001 R11: 0000000000000001 R12: ff51f9b5d9f37954
> [   34.653676] R13: ff3121dada778000 R14: 0000000000000000 R15: ff3121dadb5c5028
> [   34.653677] FS:  00007f0ed64488c0(0000) GS:ff3121e9b1a00000(0000) knlGS:0000000000000000
> [   34.653679] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [   34.653681] CR2: 00005599a0790fc8 CR3: 0000000108cd8001 CR4: 0000000000771ef0
> [   34.653684] PKRU: 55555554
> [   34.653686] Call Trace:
> [   34.653687]  <TASK>
> [   34.653701]  sev_get_api_version+0xb2/0x2b0 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.653714]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.653727]  sev_pci_init+0x4a/0x320 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.653733]  ? preempt_count_sub+0x50/0x80
> [   34.653741]  ? _raw_write_unlock_irqrestore+0x53/0x90
> [   34.653748]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.653756]  psp_pci_init+0x2f/0x50 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.653763]  sp_mod_init+0x32/0xff0 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.653770]  do_one_initcall+0x5f/0x3c0
> [   34.653774]  ? __kmalloc_cache_noprof+0x331/0x430
> [   34.653784]  do_init_module+0x68/0x260
> [   34.653789]  load_module+0x22ea/0x2410
> [   34.653803]  ? kernel_read_file+0x2a4/0x320
> [   34.653811]  init_module_from_file+0x96/0xd0
> [   34.653815]  ? init_module_from_file+0x96/0xd0
> [   34.653825]  idempotent_init_module+0x117/0x330
> [   34.653836]  __x64_sys_finit_module+0x6f/0xe0
> [   34.653841]  x64_sys_call+0x1f9e/0x20c0
> [   34.653844]  do_syscall_64+0x8d/0x2d0
> [   34.653849]  ? local_clock_noinstr+0x12/0xc0
> [   34.653855]  ? rcu_read_unlock+0x1b/0x70
> [   34.653860]  ? sched_clock_noinstr+0xd/0x20
> [   34.653864]  ? local_clock_noinstr+0x12/0xc0
> [   34.653869]  ? exc_page_fault+0x95/0x230
> [   34.653876]  ? irqentry_exit_to_user_mode+0xb1/0x1e0
> [   34.653880]  ? irqentry_exit+0x6f/0xa0
> [   34.653882]  ? exc_page_fault+0xb4/0x230
> [   34.653886]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
> [   34.653888] RIP: 0033:0x7f0ed632725d
> [   34.653892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8b bb 0d 00 f7 d8 64 89 01 48
> [   34.653894] RSP: 002b:00007ffe599733b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> [   34.653897] RAX: ffffffffffffffda RBX: 00005599a07b4370 RCX: 00007f0ed632725d
> [   34.653899] RDX: 0000000000000000 RSI: 00007f0ed662507d RDI: 0000000000000022
> [   34.653901] RBP: 00007ffe59973470 R08: 0000000000000040 R09: 00007ffe59973420
> [   34.653902] R10: 00007f0ed6403b20 R11: 0000000000000246 R12: 00007f0ed662507d
> [   34.653903] R13: 0000000000020000 R14: 00005599a07b6020 R15: 00005599a07b9230
> [   34.653913]  </TASK>
> [   34.653914] irq event stamp: 211387
> [   34.653916] hardirqs last  enabled at (211393): [<ffffffffb37a6786>] __up_console_sem+0x86/0x90
> [   34.653922] hardirqs last disabled at (211398): [<ffffffffb37a676b>] __up_console_sem+0x6b/0x90
> [   34.653923] softirqs last  enabled at (209856): [<ffffffffb36e364f>] handle_softirqs+0x32f/0x410
> [   34.653928] softirqs last disabled at (209833): [<ffffffffb36e3800>] __irq_exit_rcu+0xc0/0xf0
> [   34.653932] ---[ end trace 0000000000000000 ]---
> [   34.654388] ------------[ cut here ]------------
> [   34.654391] WARNING: CPU: 92 PID: 4581 at drivers/crypto/ccp/sev-dev.c:349 __sev_do_cmd_locked+0x7eb/0xb90 [ccp]
> [   34.654396] Modules linked in: binfmt_misc rapl wmi_bmof kvm ast drm_client_lib drm_shmem_helper drm_kms_helper ccp(+) i2c_algo_bit i2c_piix4 k10temp i2c_smbus acpi_ipmi ipmi_si(+) ipmi_devintf ipmi_msghandler mac_hid sch_fq_codel dm_multipath drm efi_pstore nfnetlink dmi_sysfs ip_tables x_tables autofs4 btrfs blake2b_generic raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq raid1 raid0 linear dm_mirror dm_region_hash dm_log ghash_clmulni_intel nvme sha512_ssse3 ahci sha1_ssse3 libahci nvme_core wmi aesni_intel
> [   34.654430] CPU: 92 UID: 0 PID: 4581 Comm: (udev-worker) Tainted: G        W           6.15.0-rc7-next-20250522+ #4 PREEMPT(voluntary)  849304994a065362c1f65db9527c0b4292d5aea6
> [   34.654433] Tainted: [W]=WARN
> [   34.654435] RIP: 0010:__sev_do_cmd_locked+0x7eb/0xb90 [ccp]
> [   34.654439] Code: fa ff ff be ff ff ff ff 48 c7 c7 50 cd b1 c0 44 89 85 70 ff ff ff e8 c4 fe f3 f3 44 8b 85 70 ff ff ff 85 c0 0f 85 e2 fd ff ff <0f> 0b e9 db fd ff ff 48 8b 05 57 aa 12 00 8b 0d 95 82 0c f5 48 c7
> [   34.654440] RSP: 0018:ff51f9b5d9f37890 EFLAGS: 00010246
> [   34.654442] RAX: 0000000000000000 RBX: 00000000000000ce RCX: 0000000000000001
> [   34.654443] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000246
> [   34.654443] RBP: ff51f9b5d9f37940 R08: 0000000000000000 R09: 0000000000000000
> [   34.654444] R10: 0000000000000001 R11: 0000000000000001 R12: ff51f9b5d9f37968
> [   34.654445] R13: ff3121dada778000 R14: 0000000000000000 R15: ff3121dadb5c5028
> [   34.654446] FS:  00007f0ed64488c0(0000) GS:ff3121e9b1a00000(0000) knlGS:0000000000000000
> [   34.654447] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [   34.654448] CR2: 00005599a0790fc8 CR3: 0000000108cd8001 CR4: 0000000000771ef0
> [   34.654449] PKRU: 55555554
> [   34.654450] Call Trace:
> [   34.654451]  <TASK>
> [   34.654457]  sev_get_api_version+0x1e6/0x2b0 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.654463]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.654469]  sev_pci_init+0x4a/0x320 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.654473]  ? preempt_count_sub+0x50/0x80
> [   34.654475]  ? _raw_write_unlock_irqrestore+0x53/0x90
> [   34.654477]  ? __pfx_sp_mod_init+0x10/0x10 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.654482]  psp_pci_init+0x2f/0x50 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.654487]  sp_mod_init+0x32/0xff0 [ccp 3cf3cbacf97e77e53be58eab8d4f5347a13f205d]
> [   34.654491]  do_one_initcall+0x5f/0x3c0
> [   34.654493]  ? __kmalloc_cache_noprof+0x331/0x430
> [   34.654498]  do_init_module+0x68/0x260
> [   34.654500]  load_module+0x22ea/0x2410
> [   34.654509]  ? kernel_read_file+0x2a4/0x320
> [   34.654513]  init_module_from_file+0x96/0xd0
> [   34.654515]  ? init_module_from_file+0x96/0xd0
> [   34.654522]  idempotent_init_module+0x117/0x330
> [   34.654530]  __x64_sys_finit_module+0x6f/0xe0
> [   34.654532]  x64_sys_call+0x1f9e/0x20c0
> [   34.654534]  do_syscall_64+0x8d/0x2d0
> [   34.654536]  ? local_clock_noinstr+0x12/0xc0
> [   34.654539]  ? rcu_read_unlock+0x1b/0x70
> [   34.654541]  ? sched_clock_noinstr+0xd/0x20
> [   34.654544]  ? local_clock_noinstr+0x12/0xc0
> [   34.654547]  ? exc_page_fault+0x95/0x230
> [   34.654551]  ? irqentry_exit_to_user_mode+0xb1/0x1e0
> [   34.654553]  ? irqentry_exit+0x6f/0xa0
> [   34.654555]  ? exc_page_fault+0xb4/0x230
> [   34.654558]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
> [   34.654559] RIP: 0033:0x7f0ed632725d
> [   34.654560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8b bb 0d 00 f7 d8 64 89 01 48
> [   34.654561] RSP: 002b:00007ffe599733b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> [   34.654563] RAX: ffffffffffffffda RBX: 00005599a07b4370 RCX: 00007f0ed632725d
> [   34.654564] RDX: 0000000000000000 RSI: 00007f0ed662507d RDI: 0000000000000022
> [   34.654565] RBP: 00007ffe59973470 R08: 0000000000000040 R09: 00007ffe59973420
> [   34.654566] R10: 00007f0ed6403b20 R11: 0000000000000246 R12: 00007f0ed662507d
> [   34.654566] R13: 0000000000020000 R14: 00005599a07b6020 R15: 00005599a07b9230
> [   34.654572]  </TASK>
> [   34.654573] irq event stamp: 212111
> [   34.654574] hardirqs last  enabled at (212117): [<ffffffffb37a6786>] __up_console_sem+0x86/0x90
> [   34.654576] hardirqs last disabled at (212122): [<ffffffffb37a676b>] __up_console_sem+0x6b/0x90
> [   34.654577] softirqs last  enabled at (209856): [<ffffffffb36e364f>] handle_softirqs+0x32f/0x410
> [   34.654579] softirqs last disabled at (209833): [<ffffffffb36e3800>] __irq_exit_rcu+0xc0/0xf0
> [   34.654581] ---[ end trace 0000000000000000 ]---
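
The locking convention behind this exchange, as an added userspace example that is not part of the original message and is not the ccp driver's code: a `_locked` function asserts that its caller holds the mutex, and a wrapper takes the mutex before calling it. All names, the held flag standing in for lockdep, and the command ids are hypothetical, and the model is single-threaded.

```c
/* Userspace model of a "_locked" function and its locking wrapper (hypothetical names). */
#include <pthread.h>
#include <stdbool.h>

static pthread_mutex_t cmd_mutex = PTHREAD_MUTEX_INITIALIZER;
static bool cmd_mutex_held;   /* stand-in for lockdep's held-lock tracking */
static int warn_count;        /* number of warnings raised so far */

/* Models lockdep_assert_held(): warn, but keep running, if the lock is not held. */
static void assert_cmd_mutex_held(void)
{
    if (!cmd_mutex_held)
        warn_count++;
}

/* Models __sev_do_cmd_locked(): the caller must already hold cmd_mutex. */
static int do_cmd_locked(int cmd_id)
{
    assert_cmd_mutex_held();
    return cmd_id >= 0 ? 0 : -1;   /* pretend the firmware accepted the command */
}

/* Models sev_do_cmd(): takes the mutex, then calls the locked variant. */
static int do_cmd(int cmd_id)
{
    int rc;
    pthread_mutex_lock(&cmd_mutex);
    cmd_mutex_held = true;
    rc = do_cmd_locked(cmd_id);
    cmd_mutex_held = false;
    pthread_mutex_unlock(&cmd_mutex);
    return rc;
}

/* Before: two commands issued through the locked variant with no lock held. */
static int get_platform_data_buggy(void)
{
    warn_count = 0;
    do_cmd_locked(1);   /* constructed command ids */
    do_cmd_locked(2);
    return warn_count;  /* one warning per command */
}

/* After: the same two commands go through the locking wrapper. */
static int get_platform_data_fixed(void)
{
    warn_count = 0;
    do_cmd(1);
    do_cmd(2);
    return warn_count;
}
```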

