Date: Wed, 10 Feb 2021 17:46:42 +0100
From: Joerg Roedel
To: Dave Hansen
Cc: kvm@vger.kernel.org, Peter Zijlstra, Dave Hansen,
    virtualization@lists.linux-foundation.org, Arvind Sankar, hpa@zytor.com,
    Jiri Slaby, x86@kernel.org, David Rientjes, Martin Radev, Tom Lendacky,
    Joerg Roedel, Kees Cook, Cfir Cohen, Andy Lutomirski, Dan Williams,
    Juergen Gross, Mike Stunes, linux-kernel@vger.kernel.org,
    Sean Christopherson, Masami Hiramatsu, Erdem Aktas
Subject: Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path
Message-ID: <20210210164642.GE7302@8bytes.org>

On Wed, Feb 10, 2021 at 08:25:11AM -0800, Dave Hansen wrote:
> This is all very cute.  But, if this fails, it means that the .data
> section is now garbage, right?  I guess failing here is less
> entertaining than trying to run the kernel with random garbage in .data,
> but it doesn't make it very far either way, right?

Yes, if this fails the .data section is garbage, and more importantly,
the .text section of the decompressed kernel image would be garbage too.
The kernel won't get very far, but could possibly be tricked into
releasing secrets to the hypervisor.

> Why bother with rdrand, though?  Couldn't you just pick any old piece of
> .data and compare before and after?

It is important that the Hypervisor can't predict what data will be
written. It is written with paging off, so it will implicitly be
encrypted. If the Hypervisor knows the data, it could use the small time
window until it is read again to remap the gpa to a page with the
expected data.

Regards,

	Joerg
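
Added example, not part of the original message or of the patch under discussion: a toy C model of the write/read-back check, showing why a predictable test value lets the comparison pass after a GPA remap while an unpredictable one does not. The XOR "cipher", the `decrypts` flag for the broken read path, and all names and constants are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Toy model, not kernel code: one 64-bit word per page, XOR standing in for
 * the memory-encryption engine. Every name here is hypothetical. */
#define TOY_KEY 0xA5A5F00DDEADBEEFULL
struct toy_vm {
    uint64_t host[2];  /* host pages: [0] guest's original, [1] hypervisor's */
    int map;           /* host page currently backing the checked GPA */
};

/* Guest store with paging off: implicitly encrypted on its way to memory. */
static void guest_write(struct toy_vm *vm, uint64_t v)
{
    vm->host[vm->map] = v ^ TOY_KEY;
}

/* Guest load once paging is on. decrypts=0 models (as an assumption) the
 * broken case the check exists to catch: the read bypasses decryption. */
static uint64_t guest_read(const struct toy_vm *vm, int decrypts)
{
    return decrypts ? vm->host[vm->map] ^ TOY_KEY : vm->host[vm->map];
}

/* Hypervisor, in the window between write and read: back the GPA with a
 * page holding the value it predicts the guest will compare against. */
static void hv_remap(struct toy_vm *vm, uint64_t predicted)
{
    vm->host[1] = predicted;
    vm->map = 1;
}

/* Returns 1 if the guest's write/read-back comparison passes. */
int check_passes(uint64_t written, int decrypts, int remap, uint64_t predicted)
{
    struct toy_vm vm = { {0, 0}, 0 };
    guest_write(&vm, written);
    if (remap)
        hv_remap(&vm, predicted);
    return guest_read(&vm, decrypts) == written;
}

int main(void)
{
    uint64_t fixed = 0x1122334455667788ULL;  /* predictable "old piece of .data" */
    uint64_t rnd = 0x9C3E51B07D24F6A1ULL;    /* constructed stand-in for RDRAND */
    printf("predictable + remap passes: %d\n", check_passes(fixed, 0, 1, fixed));
    printf("random + remap passes:      %d\n", check_passes(rnd, 0, 1, fixed));
    return 0;
}
```

In the model, the broken read path is caught whenever the page is left alone; only the combination of a remap and a correctly predicted value makes the comparison pass.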