From: Joerg Roedel <joro@8bytes.org>
To: Borislav Petkov <bp@alien8.de>
Cc: x86@kernel.org, Joerg Roedel <jroedel@suse.de>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Kees Cook <keescook@chromium.org>,
Arvind Sankar <nivedita@alum.mit.edu>,
Martin Radev <martin.b.radev@gmail.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 2/5] x86/boot/compressed/64: Add CPUID sanity check to early #VC handler
Date: Wed, 28 Oct 2020 09:31:04 +0100 [thread overview]
Message-ID: <20201028083104.GB18723@8bytes.org> (raw)
In-Reply-To: <20201027103846.GB15580@zn.tnic>
On Tue, Oct 27, 2020 at 11:38:46AM +0100, Borislav Petkov wrote:
> So why are we doing those checks here at all then? I mean, the HV
> can tell us whatever it wants, i.e., make sure those checks pass but
> still report the C-bit at the wrong position. Which means that those
> checks are simply meh. So why are we doing them at all? To catch stupid
> hypervisors who can't even lie properly to the guest? :-)
To avoid that the HV tricks the kernel into the no_sev boot path, where
it would map memory unencrypted and possibly leak sensitive data. The HV
can do so by pretending SEV is disabled at all and by reporting the
wrond C-bit position. Both cases need to be checked.
Regards,
Joerg
next prev parent reply other threads:[~2020-10-28 22:36 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-21 12:39 [PATCH v3 0/5] x86/sev-es: Mitigate some HV attack vectors Joerg Roedel
2020-10-21 12:39 ` [PATCH v3 1/5] x86/boot/compressed/64: Introduce sev_status Joerg Roedel
2020-10-26 18:27 ` Borislav Petkov
2020-10-28 8:23 ` Joerg Roedel
2020-10-28 16:50 ` Arvind Sankar
2020-10-28 16:55 ` Joerg Roedel
2020-10-21 12:39 ` [PATCH v3 2/5] x86/boot/compressed/64: Add CPUID sanity check to early #VC handler Joerg Roedel
2020-10-27 10:38 ` Borislav Petkov
2020-10-28 8:31 ` Joerg Roedel [this message]
2020-10-21 12:39 ` [PATCH v3 3/5] x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path Joerg Roedel
2020-10-27 11:08 ` Borislav Petkov
2020-10-28 8:38 ` Joerg Roedel
2020-10-27 11:09 ` Borislav Petkov
2020-10-21 12:39 ` [PATCH v3 4/5] x86/head/64: Check SEV encryption before switching to kernel page-table Joerg Roedel
2020-10-27 11:20 ` Borislav Petkov
2020-10-21 12:39 ` [PATCH v3 5/5] x86/sev-es: Do not support MMIO to/from encrypted memory Joerg Roedel
2020-10-27 11:26 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201028083104.GB18723@8bytes.org \
--to=joro@8bytes.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jroedel@suse.de \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=martin.b.radev@gmail.com \
--cc=mingo@redhat.com \
--cc=nivedita@alum.mit.edu \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox