| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7ds23x6ifdvpagt3h2to3z5gmmfb356au5emokdny7bcuivvql@3yl3frlj7ecb>
Date: Mon, 22 Sep 2025 10:19:35 +0100
From: Kiryl Shutsemau <kas@...nel.org>
To: Neeraj Upadhyay <Neeraj.Upadhyay@....com>,
"Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
Cc: "thomas.lendacky@....com" <thomas.lendacky@....com>,
"john.allen@....com" <john.allen@....com>, "Gao, Chao" <chao.gao@...el.com>,
"seanjc@...gle.com" <seanjc@...gle.com>, "Li, Xiaoyao" <xiaoyao.li@...el.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "minipli@...ecurity.net" <minipli@...ecurity.net>,
"mlevitsk@...hat.com" <mlevitsk@...hat.com>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"pbonzini@...hat.com" <pbonzini@...hat.com>
Subject: Re: [PATCH v15 29/41] KVM: SEV: Synchronize MSR_IA32_XSS from the
GHCB when it's valid
On Fri, Sep 19, 2025 at 08:58:45PM +0000, Edgecombe, Rick P wrote:
> +Kiryl, a CET selftest that does int80 fails on SEV-ES.
>
> On Fri, 2025-09-19 at 10:29 -0700, Rick Edgecombe wrote:
> > PS, we don't support CET on TDX currently even though it doesn't require
> > everything in this series, but I just remembered (forehead slap) that on the way
> > upstream the extra CET-TDX exclusion got pulled out. After this series, it would
> > be allowed in TDX guests as well. So we need to do the same testing in TDX. Let
> > me see how the test goes in TDX and get back to you.
>
> The test passes on a TDX guest:
>
> [INFO] new_ssp = 7f8c8d7ffff8, *new_ssp = 7f8c8d800001
> [INFO] changing ssp from 7f8c8e1ffff0 to 7f8c8d7ffff8
> [INFO] ssp is now 7f8c8d800000
> [OK] Shadow stack pivot
> [OK] Shadow stack faults
> [INFO] Corrupting shadow stack
> [INFO] Generated shadow stack violation successfully
> [OK] Shadow stack violation test
> [INFO] Gup read -> shstk access success
> [INFO] Gup write -> shstk access success
> [INFO] Violation from normal write
> [INFO] Gup read -> write access success
> [INFO] Violation from normal write
> [INFO] Gup write -> write access success
> [INFO] Cow gup write -> write access success
> [OK] Shadow gup test
> [INFO] Violation from shstk access
> [OK] mprotect() test
> [OK] Userfaultfd test
> [OK] Guard gap test, other mapping's gaps
> [OK] Guard gap test, placement mapping's gaps
> [OK] Ptrace test
> [OK] 32 bit test
> [OK] Uretprobe test
>
>
> I guess int 80 was re-enabled for TDX, after being disabled for both coco
> families. See commits starting back from f4116bfc4462 ("x86/tdx: Allow 32-bit
> emulation by default"). Not sure why it was done that way. If there is some way
> to re-enable int80 for SEV-ES too, we can leave the test as is. But if you
> decide to disable the 32 bit test to resolve this, please leave it working for
> TDX.
In TDX case, VAPIC state is protected VMM. It covers ISR, so guest can
safely check ISR to detect if the exception is external or internal.
IIUC, VAPIC state is controlled by VMM in SEV case and ISR is not
reliable.
I am not sure if Secure AVIC[1] changes the situation for AMD.
Neeraj?
[1] https://lore.kernel.org/all/20250811094444.203161-1-Neeraj.Upadhyay@amd.com/
--
Kiryl Shutsemau / Kirill A. Shutemov
Powered by blists - more mailing lists