lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ced6b59fb9747c3e57d92b0a5620f9867bdaa106.camel@intel.com>
Date: Wed, 18 Jun 2025 23:53:18 +0000
From: "Huang, Kai" <kai.huang@...el.com>
To: "Luck, Tony" <tony.luck@...el.com>, "pbonzini@...hat.com"
	<pbonzini@...hat.com>, "Hunter, Adrian" <adrian.hunter@...el.com>,
	"seanjc@...gle.com" <seanjc@...gle.com>
CC: "kvm@...r.kernel.org" <kvm@...r.kernel.org>, "Li, Xiaoyao"
	<xiaoyao.li@...el.com>, "Zhao, Yan Y" <yan.y.zhao@...el.com>,
	"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
	"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
	"binbin.wu@...ux.intel.com" <binbin.wu@...ux.intel.com>, "Chatre, Reinette"
	<reinette.chatre@...el.com>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "mingo@...hat.com" <mingo@...hat.com>,
	"Yamahata, Isaku" <isaku.yamahata@...el.com>, "tony.lindgren@...ux.intel.com"
	<tony.lindgren@...ux.intel.com>, "tglx@...utronix.de" <tglx@...utronix.de>,
	"linux-edac@...r.kernel.org" <linux-edac@...r.kernel.org>, "hpa@...or.com"
	<hpa@...or.com>, "Annapurve, Vishal" <vannapurve@...gle.com>, "Edgecombe,
 Rick P" <rick.p.edgecombe@...el.com>, "bp@...en8.de" <bp@...en8.de>, "Gao,
 Chao" <chao.gao@...el.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH 1/2] x86/mce: Fix missing address mask in recovery for
 errors in TDX/SEAM non-root mode

On Wed, 2025-06-18 at 23:39 +0000, Luck, Tony wrote:
> > > Commit 8a01ec97dc066 ("x86/mce: Mask out non-address bits from machine
> > > check bank") introduced a new #define MCI_ADDR_PHYSADDR for the mask of
> > > valid physical address bits within the machine check bank address register.
> > > 
> > > This is particularly needed in the case of errors in TDX/SEAM non-root mode
> > > because the reported address contains the TDX KeyID.
> > > 
> > 
> > Just wondering, do you know whether this is documented anywhere?  If it is,
> > I think it should be helpful if you can refer that in the changelog.
> 
> It's sort of hinted at in the SDM Vol 3B Figure 17-7. IA32_MCi_ADDR MSR
> with the footnote in the diagram:
> 
>   "Useful bits in this field depend on the address methodology in use when the
>    the register state is saved."

Thanks for the info.

> 
> Maybe there is something more explicit in documentation for memory encryption?

I didn't find any.  The TDX module base architecture spec (16.2.3. Memory
Integrity Error Logging, Machine Checks and Unbreakable Shutdowns) says
below:

  The poison memory address, at a granularity no finer than 32 bytes, is
  logged in IA32_MCi_ADDRESS MSRs.

It doesn't explicitly say KeyID is appended.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ