lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9a3f20181244d6cd4eaac6db1d16c2afd555b2f2.camel@intel.com>
Date: Wed, 4 Jun 2025 23:57:06 +0000
From: "Huang, Kai" <kai.huang@...el.com>
To: "tglx@...utronix.de" <tglx@...utronix.de>, "peterz@...radead.org"
	<peterz@...radead.org>, "mingo@...hat.com" <mingo@...hat.com>, "Hansen, Dave"
	<dave.hansen@...el.com>, "bp@...en8.de" <bp@...en8.de>, "hpa@...or.com"
	<hpa@...or.com>, "kirill.shutemov@...ux.intel.com"
	<kirill.shutemov@...ux.intel.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"samitolvanen@...gle.com" <samitolvanen@...gle.com>, "Edgecombe, Rick P"
	<rick.p.edgecombe@...el.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH] x86/virt/tdx: Add ENDBR for low level SEAMCALL assembly
 functions

On Wed, 2025-06-04 at 23:27 +0000, Huang, Kai wrote:
> On Wed, 2025-06-04 at 16:23 -0700, Dave Hansen wrote:
> > On 6/4/25 16:16, Huang, Kai wrote:
> > > Could you also let me know whether I should keep the Fixes tag, and the
> > > history in the changelog?
> > 
> > Yeah, I think you should keep the Fixes: tag, unless I'm missing something.
> > 
> > As for the history lesson, you can just say that you think that the TDX
> > code was OK when merged, but wasn't converted with the rest of the
> > Fixes: commit. That's all you need.
> 
> Will do.  Thanks for quick feedback.

After second thought, I think I was wrong about the target commit to Fixes,
because at that time I didn't consider CFI on CLANG.

When TDX code was merged, the SYM_FUNC_START() and SYM_TYPED_FUNC_START()
were already like this:

/* SYM_TYPED_FUNC_START -- use for indirectly called globals, w/ CFI type */
#define SYM_TYPED_FUNC_START(name)                              \
        SYM_TYPED_START(name, SYM_L_GLOBAL, SYM_F_ALIGN)        \
        ENDBR

/* SYM_FUNC_START -- use for global functions */
#define SYM_FUNC_START(name)                            \
        SYM_START(name, SYM_L_GLOBAL, SYM_F_ALIGN)      \
        ENDBR

So the TDX code was supposed to use SYM_TYPED_FUNC_START() at the first
place when sc_retry() logic was introduced in commit

  1e66a7e27539 ("x86/virt/tdx: Handle SEAMCALL no entropy error in common
code")

Note, the seamcall*() assembly was introduced at an earlier commit

  c33621b4c5ad ("x86/virt/tdx: Wire up basic SEAMCALL functions")

But arguably that commit didn't know SEAMCALL helpers could be called
indirectly.

So, thanks for bringing up the CFI.

And if you don't have further comments, I think I will add below as Fixes
commit w/o mentioning history in the changelog.

Fixes: 1e66a7e27539 ("x86/virt/tdx: Handle SEAMCALL no entropy error in
common code")

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ