Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp311491ybh; Wed, 15 Jul 2020 02:35:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJysp/zh7ohY1RHUawJcyqfbr5DK0NIimn9+89lIJeiDlKWYJIahi5zfx1FT4iCqYFwdZVKT X-Received: by 2002:a17:906:40d7:: with SMTP id a23mr8173659ejk.421.1594805755245; Wed, 15 Jul 2020 02:35:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594805755; cv=none; d=google.com; s=arc-20160816; b=bdZ25RWY+4NiFu36diDO8eyHmf2/ZUpDpC/k9x0h2CNwgbdR0FHr3aTTqLvVLto4Kp yStUiaQEhKJEqzkvsAZx5RegZa0IAXIWPPiLW32CoRqxrQ3myiB0bbOt+PdKXAKVMl1I D5wDMbhzgdrvQUdK2mREcYNlbAqoOS58wWaCL0b25kJnK6a1V/ZLdQKpYTDATQ90rLY8 zJDlwupJFPGMq+YS8m6NV5u7qqwpG4GOptrPc3XVeewY6DwbZK7u0hRl+IF4aI7Iw51S dxK9OilrR6+5LSNC+GGVb8EL4uLcdZSrbbZoslpMlKtvgcGDSW8UlzS96VKqFQJ/hdS4 f6gQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=G3U7TLxheiLpWDKXWeU9wGgbppWFetgTZ88ngqUCeBQ=; b=gYnSDQrHlyOWq4cTGj/nn/QVNY1FxRTQFWrC66mZTIdehkUFX7ZRCBvsm5/W5FKrql aG9lmdXav0BeG5NPPLIZqAOZ6b4wWZSYaAUXsIpFOWknKq3jht3r9KYkkq8d4BUpoX6a 6tWayBOf51PQmxvzSYHc8uqrGRxH+/8c22FO/cFx7PyF8NmyVepmZ+4iCUFzU7hYEIhZ KX7MN6LarOFl+ZqHAk2OC/yGjqRHoE0dtjpKyVTnnp3rUe3jppxTLE7wkpf9ASk6ff5I XgOMo+5MfOP3wytftZftTx2kB1MVdz8/2ev/iPuPE9PwQ2BI2pMCvRR01NchpawQ78QQ XRMA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w6si937029eja.471.2020.07.15.02.35.31; Wed, 15 Jul 2020 02:35:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730703AbgGOJ0m (ORCPT + 99 others); Wed, 15 Jul 2020 05:26:42 -0400 Received: from [195.135.220.15] ([195.135.220.15]:36262 "EHLO mx2.suse.de" rhost-flags-FAIL-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1729869AbgGOJ0m (ORCPT ); Wed, 15 Jul 2020 05:26:42 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 0D1F0AF6F; Wed, 15 Jul 2020 09:26:44 +0000 (UTC) Date: Wed, 15 Jul 2020 11:26:38 +0200 From: Joerg Roedel To: Kees Cook Cc: Joerg Roedel , x86@kernel.org, hpa@zytor.com, Andy Lutomirski , Dave Hansen , Peter Zijlstra , Jiri Slaby , Dan Williams , Tom Lendacky , Juergen Gross , David Rientjes , Cfir Cohen , Erdem Aktas , Masami Hiramatsu , Mike Stunes , Sean Christopherson , Martin Radev , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: Re: [PATCH v4 70/75] x86/head/64: Don't call verify_cpu() on starting APs Message-ID: <20200715092638.GJ16200@suse.de> References: <20200714120917.11253-1-joro@8bytes.org> <20200714120917.11253-71-joro@8bytes.org> <202007141837.2B93BBD78@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202007141837.2B93BBD78@keescook> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Kees, thanks for your reviews! On Tue, Jul 14, 2020 at 06:40:30PM -0700, Kees Cook wrote: > Eek, no. MSR_IA32_MISC_ENABLE_XD_DISABLE needs to be cleared very early > during CPU startup; this can't just be skipped. That MSR is Intel-only, right? The boot-path installed here is only used for SEV-ES guests, running on AMD systems, so this MSR is not even accessed during boot on those VMs. The alternative is to set up exception handling prior to calling verify_cpu, including segments, stack and IDT. Given that verify_cpu() does not add much value to SEV-ES guests, I'd like to avoid adding this complexity. > Also, is UNWIND_HINT_EMPTY needed for the new target? Yes, I think it is, will add it in the next version. Regards, Joerg