Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3712813pxj; Tue, 1 Jun 2021 11:25:21 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzyyVxYvtH4x1g9BLqfzJjAmYDS0ivo7JflJ+oeHeJJdioiRkgKmLUwR3SPTaiE9d4RpkSw X-Received: by 2002:a17:906:2b1b:: with SMTP id a27mr31580605ejg.352.1622571920958; Tue, 01 Jun 2021 11:25:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622571920; cv=none; d=google.com; s=arc-20160816; b=KPvcqm+JQ6jTG2ne/SdzOOVGdKf2hQZSSCA3A+MM7Y26WPnKpsxRmuTTk/RBXiQ9ik 72edUCaR+9DazGq0ln7u36Wh/0v1XAg2BjmbRp4KSi6NAXd68HnP0W60KH+t0hrsT03w iZJZwqEPGtg5SyOtMC8fuFklebb7LRrmeQiHYOBv635mY3730IoNyYM6FxlZ+heILDBn 1jpkbVuf03tiBB5biD1D7WFKYheUg0RESIwmysykWkxTJU7yY/potjKnQZ35QngQ9ZOT FbNBRbOPs1jDA1ojflUEdByRF8eWLDgCU5yFANuK0O1yOav3Qu2pHdZnis6DnXh2MYqW /AuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=tJXA6HXVxWBrx0FMpdafT6CUV8iMBF5xHQeDny+jk8w=; b=JOEl6Qdrvqjh9I4mP6OWsKkqHW7Njkvk5NyoeO6Ox0KWEGVIk0UMOFOXKHnah0I2qB 9bIshCZMQ9I7GdRWGGk3GsGx0HC/UhQSe5BLMk6FIjCfzhkD1nOF3frfl1Gn3/ngrhDR EfhQOTjdzWUIvTdHIcQqXuWdfIyNEQdpmmBAQspqOaY0kV5wPdGX8osO7T0NIq7DFSsX lJCR7II4ekAiVwZH3V5mReRzJoda1Y9NTWLdQNiHI7HJwQVPk6aYS5241UQUV/zkL7vD 39BRqEgX2RqztcaT5kIsSQK9Rchi+WJImJaH7XqqTUoR468I4DmracMgnKbJEcNm58zj LCQw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=Sp9xEdkP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id m26si17659344edp.58.2021.06.01.11.24.58; Tue, 01 Jun 2021 11:25:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=Sp9xEdkP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234628AbhFASZu (ORCPT + 99 others); Tue, 1 Jun 2021 14:25:50 -0400 Received: from mail.skyhub.de ([5.9.137.197]:53694 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233853AbhFASZt (ORCPT ); Tue, 1 Jun 2021 14:25:49 -0400 Received: from zn.tnic (p200300ec2f111d0082e984b2e91ac710.dip0.t-ipconnect.de [IPv6:2003:ec:2f11:1d00:82e9:84b2:e91a:c710]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 75E241EC01B7; Tue, 1 Jun 2021 20:24:06 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1622571846; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=tJXA6HXVxWBrx0FMpdafT6CUV8iMBF5xHQeDny+jk8w=; b=Sp9xEdkP1iBv9cZbO0Mn4+CaJvstno+vSwzYVQTaFWWB5MSoaE/igdzH8AE5b5t56A3ZGd Vq4zQGdd2fgpuAvhZKV1tUGF0HfKpcBc3MyfSqQHIbiZdJJLILjzLxEao6a8ipfddoX808 bk+WtVkH6cvTgz27zsb1iklH1JszDUs= Date: Tue, 1 Jun 2021 20:24:02 +0200 From: Borislav Petkov To: Sean Christopherson Cc: Tom Lendacky , Pu Wen , Joerg Roedel , x86@kernel.org, joro@8bytes.org, dave.hansen@linux.intel.com, peterz@infradead.org, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, sashal@kernel.org, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, stable@vger.kernel.org Subject: Re: [PATCH] x86/sev: Check whether SEV or SME is supported first Message-ID: References: <905ecd90-54d2-35f1-c8ab-c123d8a3d9a0@hygon.cn> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 01, 2021 at 06:08:19PM +0000, Sean Christopherson wrote: > But we have not yet verified that 0x8000001f is supported, only that the result > of CPUID.0x8000001f can be trusted (to handle Intel CPUs which return data from > the highest supported leaf if the provided leaf function is greater than the max > supported leaf). Verifying that 0x8000001f is supported doesn't happen until > 0x8000001f is actually read, which is currently done after the RDMSR that #GPs > and explodes. Yeah yeah, Tom just convinced me on IRC that the patch is ok after all... so let's do that. And again, we cannot stop hypervisors from doing shady things here so I don't even wanna try to. People should run SNP/TDX guests only anyway if they care about this stuff. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette