Message-Id: <1668147701-4583-3-git-send-email-mikelley@microsoft.com>
Date: Thu, 10 Nov 2022 22:21:31 -0800
From: Michael Kelley <mikelley@...rosoft.com>
To: hpa@...or.com, kys@...rosoft.com, haiyangz@...rosoft.com, wei.liu@...nel.org, decui@...rosoft.com, luto@...nel.org, peterz@...radead.org, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, lpieralisi@...nel.org, robh@...nel.org, kw@...ux.com, bhelgaas@...gle.com, arnd@...db.de, hch@...radead.org, m.szyprowski@...sung.com, robin.murphy@....com, thomas.lendacky@....com, brijesh.singh@....com, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com, Tianyu.Lan@...rosoft.com, kirill.shutemov@...ux.intel.com, sathyanarayanan.kuppuswamy@...ux.intel.com, ak@...ux.intel.com, isaku.yamahata@...el.com, dan.j.williams@...el.com, jane.chu@...cle.com, seanjc@...gle.com, tony.luck@...el.com, x86@...nel.org, linux-kernel@...r.kernel.org, linux-hyperv@...r.kernel.org, netdev@...r.kernel.org, linux-pci@...r.kernel.org, linux-arch@...r.kernel.org, iommu@...ts.linux.dev
Cc: mikelley@...rosoft.com
Subject: [PATCH v2 02/12] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute

Current code always maps the IOAPIC as shared (decrypted) in a
confidential VM. But Hyper-V guest VMs on AMD SEV-SNP with vTOM
enabled use a paravisor running in VMPL0 to emulate the IOAPIC.
In such a case, the IOAPIC must be accessed as private (encrypted).

Fix this by gating the IOAPIC decrypted mapping on a new
cc_platform_has() attribute that a subsequent patch in the series
will set only for Hyper-V guests. The new attribute is named
somewhat generically because similar paravisor emulation cases
may arise in the future.

Signed-off-by: Michael Kelley <mikelley@...rosoft.com>
Reviewed-by: Wei Liu <wei.liu@...nel.org>
---
 arch/x86/kernel/apic/io_apic.c | 3 ++-
 include/linux/cc_platform.h    | 13 +++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kernel/apic/io_apic.c b/arch/x86/kernel/apic/io_apic.c index a868b76..d2c1bf7 100644 --- a/arch/x86/kernel/apic/io_apic.c +++ b/arch/x86/kernel/apic/io_apic.c @@ -2686,7 +2686,8 @@ static void io_apic_set_fixmap(enum fixed_addresses idx, phys_addr_t phys) * Ensure fixmaps for IOAPIC MMIO respect memory encryption pgprot * bits, just like normal ioremap(): */ - flags = pgprot_decrypted(flags); + if (!cc_platform_has(CC_ATTR_HAS_PARAVISOR)) + flags = pgprot_decrypted(flags); __set_fixmap(idx, phys, flags); } diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h index cb0d6cd..b6c4a79 100644 --- a/include/linux/cc_platform.h +++ b/include/linux/cc_platform.h @@ -90,6 +90,19 @@ enum cc_attr { * Examples include TDX Guest. */ CC_ATTR_HOTPLUG_DISABLED, + + /** + * @CC_ATTR_HAS_PARAVISOR: Guest VM is running with a paravisor + * + * The platform/OS is running as a guest/virtual machine with + * a paravisor in VMPL0. Having a paravisor affects things + * like whether the I/O APIC is emulated and operates in the + * encrypted or decrypted portion of the guest physical address + * space. + * + * Examples include Hyper-V SEV-SNP guests using vTOM. + */ + CC_ATTR_HAS_PARAVISOR, }; #ifdef CONFIG_ARCH_HAS_CC_PLATFORM -- 1.8.3.1
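Review bot: In the io_apic.c hunk the comment immediately above the changed lines ("Ensure fixmaps for IOAPIC MMIO respect memory encryption pgprot bits, just like normal ioremap()") is no longer accurate once the decrypted mapping is skipped: with CC_ATTR_HAS_PARAVISOR set, the IOAPIC fixmap deliberately stays encrypted while a plain ioremap() of the same range would still be decrypted, so the two paths now diverge. Suggest extending the comment to say why, e.g. "... unless a paravisor emulates the IOAPIC, in which case it lives in the private (encrypted) part of the guest physical address space", so the next reader does not "fix" it back. Also, the hunk calls cc_platform_has() but adds no include; please confirm that io_apic.c already pulls in <linux/cc_platform.h> (directly or transitively) on all x86 configs, including ones without CONFIG_ARCH_HAS_CC_PLATFORM, where the stub must compile to false so non-confidential guests keep the existing decrypted mapping.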
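Review bot: The cc_platform.h hunk documents what having a paravisor means but not what callers may assume when the attribute is absent. Since every platform that does not set CC_ATTR_HAS_PARAVISOR reports false, the only behavioural change is on the Hyper-V SEV-SNP vTOM guests named in the example, and the IOAPIC keeps its decrypted mapping everywhere else; stating that default in the kernel-doc (one line such as "Not set on platforms without a paravisor; MMIO emulated by the host remains decrypted") would let readers of the header judge the security effect without reading the io_apic.c caller. It would also be worth mentioning in the comment which code is expected to set the attribute, as the cover text says a later patch in the series does so only for Hyper-V but the header gives no hint of that.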