Received: by 2002:a89:413:0:b0:1fd:dba5:e537 with SMTP id m19csp920039lqs; Fri, 14 Jun 2024 09:15:10 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXVsKu1/FnVY3j95D0L0iRPrGHXrVaU72w/9vQjpPOGXo1WcQrHVs10NKfJ0K6aVV1+aU5nrnZ5Tr0qkyX8DLbsDLTlikcKw63Ov0AwGw== X-Google-Smtp-Source: AGHT+IHF1LNALYYVkmIzNVhsfFTtcPCa3noth8hPxNfvm288WiATnmzJDmhFpNqmoFB8RPuoNEiI X-Received: by 2002:a05:6830:3447:b0:6f9:79bb:b3ca with SMTP id 46e09a7af769-6fb9388226emr3601376a34.22.1718381709577; Fri, 14 Jun 2024 09:15:09 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718381709; cv=pass; d=google.com; s=arc-20160816; b=Parstx9+JsiqBW/sjo2K7lfkgJVOikB7nbM9AwMNwEj7ixSdafQZaiLCOBYFrK+4X4 AXhkwjoqhRfFQEA7OBTUMKnG7JF0h/U8Mf0N6i7Z31sREwi9nJMsy0dB98h9L3azEOWA k+/LalOjSDIDdifrjCpw70MFZ/G7N2SKbESh+mYi342BHlxMkfM5V+LuwE4fxOzB2FPP bkzGBAPZHoyPFLrTitGayt9Wtv9Yis/ld44jT+apv7UGah3zpz1EAaFqr7U9d2vkhyPj E/1aA5JFMOkgBbrJyVDsAzGa2japFcPhWLW6c1OCgw0B2zPlCSKkGxwtrGnozByeGwpp gnAw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=i2Oov2b/x7FRTX2KE+EloDSI1YULDDwDpYnfJIwHGJE=; fh=3RLNkIxak4U5XtHXWh+4LMSIFTW3ovGWC4HrnY8k9ck=; b=sRD/pfjgHUDebvZ/Maz15BG+7MRw524o3ID02S8Z+yN8V368idG7A1IJcLODcX+bGt 0G9Ik9/QmxcGdZyLcPueQu1iFSxA8FF8qYnp5bREh6xbp4tSF1JuvMP+IXJVFWwia2Fi LeMLc5c/XVHrZVIBBnSJWBCO/wLkYK2LkUnSIHrbE9oehy4SjurX3pdalXUN/vSpThdr tTFKUFuMO8WpX6Dkfqrzf3U8Auvmm5EaC3Wy7cKGvmCtdSxIyLJsjHu9kQjUrAN98nj6 bDeJcctMFCrwvX9qrhNVFfPm8HI6AN/mj+iPApEPvRlNt4Qq+usbZt5AoYO/4LsrG/lF qzKA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=iZBd8+jP; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-215212-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-215212-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id af79cd13be357-798aadc408csi381133585a.198.2024.06.14.09.15.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jun 2024 09:15:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-215212-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=iZBd8+jP; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-215212-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-215212-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 4250B1C229A1 for ; Fri, 14 Jun 2024 16:15:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 6C7BB16F0EA; Fri, 14 Jun 2024 16:14:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b="iZBd8+jP" Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E940416C692; Fri, 14 Jun 2024 16:14:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=65.109.113.108 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718381684; cv=none; b=eNtxVMArnn/KDqxj5uEqDhxpiabtaUGHHPAA/j70Jzv8phi1iSH5aMn0yyCG+daTb5tRNCSzyF65oX4QqIsSxnKNmfBmqc8se7/uqu5MyWlANV/vcJvMQtYID/dRzuTDV543NHpytUzCMy3d1e8TDx924mI91oRZm5NjtqSqsv4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718381684; c=relaxed/simple; bh=LMw3EUTdmoUsLVtEEpSfoba4SLHWBjDgCwfZRp5X+e8=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=YfWYHO+Ab+kcOGl4pbWoNJedn4ZpSoWjG7LmpjmqHE+yci3mfuX1ouLBpc8DwcXpkO8oSoVA5/3NWU0twcF2yOd3gf+3iG7STfqjC6CBx+ddgj9lo6m1Gd9TXI/xQGDnjBl1NVPZKAov8BfFTYDR9XaO87zk3IAhxceU4682XYQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de; spf=pass smtp.mailfrom=alien8.de; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b=iZBd8+jP; arc=none smtp.client-ip=65.109.113.108 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=alien8.de Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 2FE7A40E019F; Fri, 14 Jun 2024 16:14:40 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=pass (4096-bit key) header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 6wf_wZH5Ifv4; Fri, 14 Jun 2024 16:14:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1718381677; bh=i2Oov2b/x7FRTX2KE+EloDSI1YULDDwDpYnfJIwHGJE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=iZBd8+jPngmiZb77P8mi6r7eRQtBh4h9gbPdm6FJabEDpaE6/+HzqqWZJw5Thr2GN Vj+ctIZT7b+eEvcBV4iqtgJsFoo39TWSCZJlGVELqkLcmGXi6zp4YbzqinkqBHrasA /+nuxMuwHR2gClm3uYzPTVwXzDrjVPOH7s8nqZk0eUQ0tRWo9Y84kOWt3RVz7MZPvq EypI+ADjwmqcT3if6YAYnQGldPMWQ3qM91lVdQKJYemC2e6ySo7sXeU0AvCOYSzfRJ QqMvDkOun8hGXfLPutsqMekWnqgsffzsLaGPSV8nSZhL4hAYrdnlfmswwvDYmCEeBm oNV6lsqmFV5TwQXrpu7OA4hgze+qjHgJ5yQnLFoOdmZQIiyW7wFzrbL4hO1qme6FZ4 VhN2d6eUULdMgP6Y+6A/Yw3Ex0Cfc3r0pUIMk0oacL9T8dQtQ1Q/2S+dvnkTVvwH12 BlRrX+ALNJMmw6dDAPemqvDUWrc4an16PRliARVl6VFGT3K9UcZFEQED5blrBfu2sn SDIzmIppS5IQzJjy5a7IbGoHR5zjeEshCmHz8oKq5nOR6340YfM/tcEsS0Ov8dM0l0 Gqm1qYxxDVqAvB3HoOo965IKG/AKtBdPNrK2rdYkjMitOo4O2MpCyUkmCstYJ5Uo7e pWxN9W+gGhj1uFhFunJqQjjw= Received: from zn.tnic (p5de8ee85.dip0.t-ipconnect.de [93.232.238.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 9990440E00C9; Fri, 14 Jun 2024 16:14:09 +0000 (UTC) Date: Fri, 14 Jun 2024 18:14:04 +0200 From: Borislav Petkov To: Dave Hansen Cc: Alexey Makhalov , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, hpa@zytor.com, dave.hansen@linux.intel.com, mingo@redhat.com, tglx@linutronix.de, x86@kernel.org, netdev@vger.kernel.org, richardcochran@gmail.com, linux-input@vger.kernel.org, dmitry.torokhov@gmail.com, zackr@vmware.com, linux-graphics-maintainer@vmware.com, pv-drivers@vmware.com, timothym@vmware.com, akaher@vmware.com, dri-devel@lists.freedesktop.org, daniel@ffwll.ch, airlied@gmail.com, tzimmermann@suse.de, mripard@kernel.org, maarten.lankhorst@linux.intel.com, horms@kernel.org, kirill.shutemov@linux.intel.com, Tim Merrifield Subject: Re: [PATCH v11 8/8] x86/vmware: Add TDX hypercall support Message-ID: <20240614161404.GCZmxsTNLSoYTqoRoj@fat_crate.local> References: <20240613191650.9913-1-alexey.makhalov@broadcom.com> <20240613191650.9913-9-alexey.makhalov@broadcom.com> <844ef200-aabe-4497-85c9-44fc46c9133a@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <844ef200-aabe-4497-85c9-44fc46c9133a@intel.com> On Fri, Jun 14, 2024 at 09:03:22AM -0700, Dave Hansen wrote: > On 6/13/24 12:16, Alexey Makhalov wrote: > > +unsigned long vmware_tdx_hypercall(unsigned long cmd, > > + unsigned long in1, unsigned long in3, > > + unsigned long in4, unsigned long in5, > > + u32 *out1, u32 *out2, u32 *out3, > > + u32 *out4, u32 *out5) > > +{ > > + struct tdx_module_args args; > > + > > + if (!hypervisor_is_type(X86_HYPER_VMWARE)) { > > + pr_warn_once("Incorrect usage\n"); > > + return ULONG_MAX; > > + } > > + > > + if (cmd & ~VMWARE_CMD_MASK) { > > + pr_warn_once("Out of range command %lx\n", cmd); > > + return ULONG_MAX; > > + } > > + > > + args.rbx = in1; > > + args.rdx = in3; > > + args.rsi = in4; > > + args.rdi = in5; > > + args.r10 = VMWARE_TDX_VENDOR_LEAF; > > + args.r11 = VMWARE_TDX_HCALL_FUNC; > > + args.r12 = VMWARE_HYPERVISOR_MAGIC; > > + args.r13 = cmd; > > + args.r15 = 0; /* CPL */ > > I believe this leaks stack data into the hypervisor. Or did I miss the > zeroing of rcx/r8/r9/r14? > > You need to zero out all of 'args' somehow. You mean like this: struct tdx_module_args args = {}; ? -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette