From: Joerg Roedel <jroedel@suse.de>
To: Arvind Sankar <nivedita@alum.mit.edu>
Cc: Joerg Roedel <joro@8bytes.org>, Borislav Petkov <bp@alien8.de>,
x86@kernel.org, Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Kees Cook <keescook@chromium.org>,
Martin Radev <martin.b.radev@gmail.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 1/5] x86/boot/compressed/64: Introduce sev_status
Date: Wed, 28 Oct 2020 17:55:43 +0100 [thread overview]
Message-ID: <20201028165543.GL22179@suse.de> (raw)
In-Reply-To: <20201028165007.GB1989568@rani.riverdale.lan>
On Wed, Oct 28, 2020 at 12:50:07PM -0400, Arvind Sankar wrote:
> On Wed, Oct 28, 2020 at 09:23:52AM +0100, Joerg Roedel wrote:
> > On Mon, Oct 26, 2020 at 07:27:06PM +0100, Borislav Petkov wrote:
> > > A couple of lines above you call get_sev_encryption_bit() which already
> > > reads MSR_AMD64_SEV. Why not set sev_status there too instead of reading
> > > that MSR again here?
> > >
> > > It can read that MSR once and use sev_status(%rip) from then on to avoid
> > > reading that MSR multiple times...
> >
> > Right, makes sense. I updated the patch.
>
> Hang on, get_sev_encryption_bit() is also called from startup_32(),
> so it can't contain any 64-bit instructions to set sev_status.
Yeah, figured that out too and discussed it with Boris. Decided to leave
it as-is and add a comment why the MSR is re-read.
Thanks,
Joerg
next prev parent reply other threads:[~2020-10-29 2:45 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-21 12:39 [PATCH v3 0/5] x86/sev-es: Mitigate some HV attack vectors Joerg Roedel
2020-10-21 12:39 ` [PATCH v3 1/5] x86/boot/compressed/64: Introduce sev_status Joerg Roedel
2020-10-26 18:27 ` Borislav Petkov
2020-10-28 8:23 ` Joerg Roedel
2020-10-28 16:50 ` Arvind Sankar
2020-10-28 16:55 ` Joerg Roedel [this message]
2020-10-21 12:39 ` [PATCH v3 2/5] x86/boot/compressed/64: Add CPUID sanity check to early #VC handler Joerg Roedel
2020-10-27 10:38 ` Borislav Petkov
2020-10-28 8:31 ` Joerg Roedel
2020-10-21 12:39 ` [PATCH v3 3/5] x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path Joerg Roedel
2020-10-27 11:08 ` Borislav Petkov
2020-10-28 8:38 ` Joerg Roedel
2020-10-27 11:09 ` Borislav Petkov
2020-10-21 12:39 ` [PATCH v3 4/5] x86/head/64: Check SEV encryption before switching to kernel page-table Joerg Roedel
2020-10-27 11:20 ` Borislav Petkov
2020-10-21 12:39 ` [PATCH v3 5/5] x86/sev-es: Do not support MMIO to/from encrypted memory Joerg Roedel
2020-10-27 11:26 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201028165543.GL22179@suse.de \
--to=jroedel@suse.de \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=joro@8bytes.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=martin.b.radev@gmail.com \
--cc=mingo@redhat.com \
--cc=nivedita@alum.mit.edu \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.