Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-03-09 Thread Joerg Roedel
On Tue, Mar 02, 2021 at 08:43:53PM +0100, Borislav Petkov wrote: > On Wed, Feb 10, 2021 at 11:21:34AM +0100, Joerg Roedel wrote: > > + /* > > +* Store the sme_me_mask as an indicator that SEV is active. It will be > > +* set again in startup_64(). > > So why bother? Or does something nee

Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-03-02 Thread Borislav Petkov
On Wed, Feb 10, 2021 at 11:21:34AM +0100, Joerg Roedel wrote: > + /* > + * Store the sme_me_mask as an indicator that SEV is active. It will be > + * set again in startup_64(). So why bother? Or does something needs it before that? ... > +SYM_FUNC_START(sev_startup32_cbit_check) s

Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-02-10 Thread Tom Lendacky
On 2/10/21 10:47 AM, Dave Hansen wrote: On 2/10/21 2:21 AM, Joerg Roedel wrote: + /* Store to memory and keep it in the registers */ + movl%eax, rva(sev_check_data)(%ebp) + movl%ebx, rva(sev_check_data+4)(%ebp) + + /* Enable paging to see if encryption is active *

Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-02-10 Thread Dave Hansen
On 2/10/21 2:21 AM, Joerg Roedel wrote: > + /* Store to memory and keep it in the registers */ > + movl%eax, rva(sev_check_data)(%ebp) > + movl%ebx, rva(sev_check_data+4)(%ebp) > + > + /* Enable paging to see if encryption is active */ > + movl%cr0, %edx /* Back

Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-02-10 Thread Joerg Roedel
On Wed, Feb 10, 2021 at 08:25:11AM -0800, Dave Hansen wrote:
> This is all very cute. But, if this fails, it means that the .data
> section is now garbage, right? I guess failing here is less
> entertaining than trying to run the kernel with random garbage in .data,
> but it doesn't make it very

Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-02-10 Thread Dave Hansen
On 2/10/21 2:21 AM, Joerg Roedel wrote: > +1: rdrand %eax > + jnc 1b > +2: rdrand %ebx > + jnc 2b > + > + /* Store to memory and keep it in the registers */ > + movl%eax, rva(sev_check_data)(%ebp) > + movl%ebx, rva(sev_check_data+4)(%ebp) > + > + /* Ena
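
Review bot: the retry loops at labels 1 and 2 (`rdrand %eax` / `jnc 1b` and `rdrand %ebx` / `jnc 2b`) have no iteration bound, so an RDRAND that keeps returning with CF clear hangs the 32-bit boot path with no diagnostic. Consider capping the retries and branching to the failure handling when the cap is hit, and add a short comment saying why the values stored to sev_check_data need to be random. The quoted lines do not show whether RDRAND support is checked before this point; if it is not, that check belongs ahead of label 1.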

[PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path

2021-02-10 Thread Joerg Roedel
From: Joerg Roedel

Check whether the hypervisor reported the correct C-bit when running as an SEV guest. Using a wrong C-bit position could be used to leak sensitive data from the guest to the hypervisor.

Signed-off-by: Joerg Roedel
---
 arch/x86/boot/compressed/head_64.S | 80 +