lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <51aad9762bca3678f0d79adf72728e54c67973ce.camel@intel.com>
Date: Wed, 16 Jul 2025 11:33:19 +0000
From: "Huang, Kai" <kai.huang@...el.com>
To: "tglx@...utronix.de" <tglx@...utronix.de>, "khaliidcaliy@...il.com"
	<khaliidcaliy@...il.com>, "mingo@...hat.com" <mingo@...hat.com>,
	"bp@...en8.de" <bp@...en8.de>, "dave.hansen@...ux.intel.com"
	<dave.hansen@...ux.intel.com>
CC: "hpa@...or.com" <hpa@...or.com>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "khaliidcaly@...il.com"
	<khaliidcaly@...il.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH v8] x86/boot: Don't return encryption mask from
 __startup_64()

On Wed, 2025-07-16 at 09:11 +0000, Khalid Ali wrote:
> From: Khalid Ali <khaliidcaly@...il.com>
> 
> Avoid returning encryption mask to callers of __startup_64().
> 
> The encryption mask is available to callers and canbe accessed
						  ^
						  can be

> sme_get_me_mask() in C code and sme_me_mask symbol in assembly code.
> 
> This change aligns the way the mask is retrieved in
> secondary_startup_64_no_verify().
> 
> No functionality change intended, only consistency improvement, so the
> code becomes cleaner.
> 
> On intel processors sme_me_mask is zero. So, it is safe to add mask only
> if CONFIG_AMD_MEM_ENCRYPT.
> 
> Signed-off-by: Khalid Ali <khaliidcaly@...il.com>
> Acked-by: Kai Huang <kai.huang@...el.com>
> ---
> 
> Changes in v8:
>   * Improve commit message for clarity.

Apparently not jut commit message change, since ...



>  	/*
>  	 * Perform pagetable fixups. Additionally, if SME is active, encrypt
> -	 * the kernel and retrieve the modifier (SME encryption mask if SME
> -	 * is active) to be added to the initial pgdir entry that will be
> -	 * programmed into CR3.
> -	 */
> +	 * the kernel.
> +	*/

... the indent of this comment is broken.  Your v7 was fine.

And ...

>  	movq	%r15, %rsi
>  	call	__startup_64
>  
>  	/* Form the CR3 value being sure to include the CR3 modifier */
> -	leaq	early_top_pgt(%rip), %rcx
> -	addq	%rcx, %rax
> +	leaq	early_top_pgt(%rip), %rax
>  
>  #ifdef CONFIG_AMD_MEM_ENCRYPT
> +	/* Retrieve the modifier (SME encryption mask if SME
> +	 * is active) to be added to the initial pgdir entry that will be
> +	 * programmed into CR3.
> +	 */

... this comment style is broken too.  Again, your v7 was fine:

+	/*
+	 * Retrieve the modifier (SME encryption mask if SME
+	 * is active) to be added to the initial pgdir entry that will be
+	 * programmed into CR3.
+	 */


I am not sure how you ended up with those random broken changes, because
they are quite unusual to me.

Could you please remove my Acked-by?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ