From: Borislav Petkov <bp@alien8.de>
To: "Peter Zijlstra" <peterz@infradead.org>, "Jörg Rödel" <joro@8bytes.org>
Cc: x86@kernel.org, Joan Bruguera <joanbrugueram@gmail.com>,
linux-kernel@vger.kernel.org, Juergen Gross <jgross@suse.com>,
"Rafael J. Wysocki" <rafael@kernel.org>,
xen-devel <xen-devel@lists.xenproject.org>,
Jan Beulich <jbeulich@suse.com>,
Roger Pau Monne <roger.pau@citrix.com>,
Kees Cook <keescook@chromium.org>,
mark.rutland@arm.com, Andrew Cooper <Andrew.Cooper3@citrix.com>,
"H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH v2 2/7] x86/boot: Delay sev_verify_cbit() a bit
Date: Thu, 19 Jan 2023 14:18:47 +0100 [thread overview]
Message-ID: <Y8lDN73cNOmNuciV@zn.tnic> (raw)
In-Reply-To: <20230116143645.649204101@infradead.org>
On Mon, Jan 16, 2023 at 03:25:35PM +0100, Peter Zijlstra wrote:
> Per the comment it is important to call sev_verify_cbit() before the
> first RET instruction, this means we can delay calling this until more
Make that "... this means that this can be delayed until... "
And I believe this is not about the first RET insn but about the *next* RET
which will pop poisoned crap from the unencrypted stack and do shits with it.
Also, there's this over sev_verify_cbit():
* sev_verify_cbit() is called before switching to a new long-mode page-table
* at boot.
so you can't move it under the
movq %rax, %cr3
Looking at this more, there's a sme_enable() call on the BSP which is already in
C.
So, can we do that C-bit verification once on the BSP, *in C* which would be a
lot easier, and be done with it?
Once it is verified there, the bit is the same on all APs so all good.
Right?
joro?
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
next prev parent reply other threads:[~2023-01-19 13:19 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-16 14:25 [PATCH v2 0/7] x86: retbleed=stuff fixes Peter Zijlstra
2023-01-16 14:25 ` [PATCH v2 1/7] x86/boot: Remove verify_cpu() from secondary_startup_64() Peter Zijlstra
2023-01-17 9:25 ` Ingo Molnar
2023-01-18 9:45 ` Peter Zijlstra
2023-01-18 11:46 ` kirill.shutemov
2023-01-19 19:35 ` H. Peter Anvin
2023-01-26 14:15 ` Peter Zijlstra
2023-01-16 14:25 ` [PATCH v2 2/7] x86/boot: Delay sev_verify_cbit() a bit Peter Zijlstra
2023-01-19 13:18 ` Borislav Petkov [this message]
2023-01-20 12:43 ` Jörg Rödel
2023-01-16 14:25 ` [PATCH v2 3/7] x86/power: De-paravirt restore_processor_state() Peter Zijlstra
2023-01-20 20:26 ` Borislav Petkov
2023-01-16 14:25 ` [PATCH v2 4/7] x86/power: Inline write_cr[04]() Peter Zijlstra
2023-01-20 20:29 ` Borislav Petkov
2023-01-16 14:25 ` [PATCH v2 5/7] x86/callthunk: No callthunk for restore_processor_state() Peter Zijlstra
2023-01-16 14:25 ` [PATCH v2 6/7] x86/power: Sprinkle some noinstr Peter Zijlstra
2023-01-17 9:31 ` Ingo Molnar
2023-01-17 11:29 ` Peter Zijlstra
2023-01-17 11:54 ` Ingo Molnar
2023-01-16 14:25 ` [PATCH v2 7/7] PM / hibernate: Add minimal noinstr annotations Peter Zijlstra
2023-01-18 1:54 ` [PATCH v2 0/7] x86: retbleed=stuff fixes Joan Bruguera
2023-05-16 13:59 ` Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y8lDN73cNOmNuciV@zn.tnic \
--to=bp@alien8.de \
--cc=Andrew.Cooper3@citrix.com \
--cc=hpa@zytor.com \
--cc=jbeulich@suse.com \
--cc=jgross@suse.com \
--cc=joanbrugueram@gmail.com \
--cc=joro@8bytes.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=peterz@infradead.org \
--cc=rafael@kernel.org \
--cc=roger.pau@citrix.com \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.