lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <db253af8-1248-4d68-adec-83e318924cd8@amd.com>
Date: Thu, 21 Aug 2025 05:58:56 -0500
From: "Kalra, Ashish" <ashish.kalra@....com>
To: Kim Phillips <kim.phillips@....com>, Randy Dunlap
 <rdunlap@...radead.org>, corbet@....net, seanjc@...gle.com,
 pbonzini@...hat.com, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
 dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
 thomas.lendacky@....com, herbert@...dor.apana.org
Cc: akpm@...ux-foundation.org, rostedt@...dmis.org, paulmck@...nel.org,
 michael.roth@....com, linux-doc@...r.kernel.org,
 linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Subject: Re: [PATCH v9 2/2] KVM: SEV: Add SEV-SNP CipherTextHiding support



On 8/21/2025 5:30 AM, Kim Phillips wrote:
> On 8/20/25 6:23 PM, Kalra, Ashish wrote:
>> On 8/20/2025 5:45 PM, Randy Dunlap wrote:
>>> On 8/20/25 1:50 PM, Ashish Kalra wrote:
>>>> @@ -3064,10 +3070,32 @@ void __init sev_hardware_setup(void)
>>>>   out:
>>>>       if (sev_enabled) {
>>>>           init_args.probe = true;
>>>> +
>>>> +        if (sev_is_snp_ciphertext_hiding_supported())
>>>> +            init_args.max_snp_asid = min(nr_ciphertext_hiding_asids,
>>>> +                             min_sev_asid - 1);
>>>> +
>>>>           if (sev_platform_init(&init_args))
>>>>               sev_supported = sev_es_supported = sev_snp_supported = false;
>>>>           else if (sev_snp_supported)
>>>>               sev_snp_supported = is_sev_snp_initialized();
>>>> +
>>>> +        if (sev_snp_supported)
>>>> +            nr_ciphertext_hiding_asids = init_args.max_snp_asid;
>>>> +
>>>> +        /*
>>>> +         * If ciphertext hiding is enabled, the joint SEV-ES/SEV-SNP
>>>> +         * ASID range is partitioned into separate SEV-ES and SEV-SNP
>>>> +         * ASID ranges, with the SEV-SNP range being [1..max_snp_asid]
>>>> +         * and the SEV-ES range being [max_snp_asid..max_sev_es_asid].
>>>                                       [max_snp_asid + 1..max_sev_es_asid]
>>> ?
>> Yes.
> 
> So why wouldn't you have left Sean's original "(max_snp_asid..max_sev_es_asid]" as-is?
> 
> Kim
> 

Because that i believe is a typo and the correct SEV-ES range is [max_snp_asid + 1..max_sev_es_asid].

Ashish

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ