Re: [RFC Part1 PATCH 11/13] x86/kernel: validate rom memory before accessing when SEV-SNP is active

2021-04-09 Thread Brijesh Singh


On 4/9/21 11:53 AM, Borislav Petkov wrote:
> On Wed, Mar 24, 2021 at 11:44:22AM -0500, Brijesh Singh wrote:
>> +/*
>> + * The ROM memory is not part of the E820 system RAM and is not 
>> prevalidated by the BIOS.
>> + * The kernel page table maps the ROM region as encrypted memory, the 
>> SEV-SNP requires
>> + * the all the encrypted memory must be validated before the access.
>> + */
>> +if (sev_snp_active()) {
>> +unsigned long n, paddr;
>> +
>> +n = ((system_rom_resource.end + 1) - video_rom_resource.start) 
>> >> PAGE_SHIFT;
>> +paddr = video_rom_resource.start;
>> +early_snp_set_memory_private((unsigned long)__va(paddr), paddr, 
>> n);
>> +}
> I don't like this sprinkling of SNP-special stuff that needs to be done,
> around the tree. Instead, pls define a function called
>
>   snp_prep_memory(unsigned long pa, unsigned int num_pages, enum operation);
>
> or so which does all the manipulation needed and the callsites only
> simply unconditionally call that function so that all detail is
> extracted and optimized away when not config-enabled.


Sure, I will do this in the next rev.


>
> Thx.
>


Re: [RFC Part1 PATCH 11/13] x86/kernel: validate rom memory before accessing when SEV-SNP is active

2021-04-09 Thread Borislav Petkov
On Wed, Mar 24, 2021 at 11:44:22AM -0500, Brijesh Singh wrote:
> + /*
> +  * The ROM memory is not part of the E820 system RAM and is not 
> prevalidated by the BIOS.
> +  * The kernel page table maps the ROM region as encrypted memory, the 
> SEV-SNP requires
> +  * the all the encrypted memory must be validated before the access.
> +  */
> + if (sev_snp_active()) {
> + unsigned long n, paddr;
> +
> + n = ((system_rom_resource.end + 1) - video_rom_resource.start) 
> >> PAGE_SHIFT;
> + paddr = video_rom_resource.start;
> + early_snp_set_memory_private((unsigned long)__va(paddr), paddr, 
> n);
> + }
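
Review bot: The page count in "n = ((system_rom_resource.end + 1) - video_rom_resource.start) >> PAGE_SHIFT" truncates, so if either bound is not page-aligned the partial page at the edge of the ROM window is never validated even though, per the comment, the kernel maps the region as encrypted. Round the start down and the end up before shifting, or state in the comment that both bounds are page-aligned. The comment should also say that this single call covers everything from the video ROM start to the system ROM end, including whatever lies between the two resources, and its wording "requires the all the encrypted memory must be validated" needs fixing.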

I don't like this sprinkling of SNP-special stuff that needs to be done,
around the tree. Instead, pls define a function called

	snp_prep_memory(unsigned long pa, unsigned int num_pages, enum operation);

or so which does all the manipulation needed and the callsites only
simply unconditionally call that function so that all detail is
extracted and optimized away when not config-enabled.

Thx.

-- 
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette
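
The helper shape suggested in the review above, as an added userspace model (not code from the patch series or from the kernel): the call site carries no SNP check, and the helper collapses to an empty inline stub when the feature is compiled out. The enum values, SNP_MODEL_ENABLED, span_pages(), probe_roms_model() and the sample ROM bounds are assumptions made for illustration; the page count is also rounded outward, which goes beyond what the patch does.

```c
#include <stdio.h>

#define MODEL_PAGE_SHIFT 12
#define MODEL_PAGE_MASK  (~((1UL << MODEL_PAGE_SHIFT) - 1))

/* Hypothetical: the thread names only "enum operation", not its values. */
enum snp_mem_op { SNP_MEM_PRIVATE, SNP_MEM_SHARED };

/* Hypothetical build switch standing in for the kernel config option. */
#ifndef SNP_MODEL_ENABLED
#define SNP_MODEL_ENABLED 1
#endif

static int snp_active = 1;            /* models sev_snp_active() */
static unsigned long validated_pages; /* model state, not a kernel variable */

/* Pages covering the inclusive range [start, end], rounded outward. */
static unsigned long span_pages(unsigned long start, unsigned long end)
{
	if (end < start)
		return 0;
	return (end >> MODEL_PAGE_SHIFT) - (start >> MODEL_PAGE_SHIFT) + 1;
}

#if SNP_MODEL_ENABLED
static void snp_prep_memory(unsigned long pa, unsigned int num_pages,
			    enum snp_mem_op op)
{
	(void)pa; /* a real implementation would validate each page at pa */
	if (snp_active && op == SNP_MEM_PRIVATE)
		validated_pages += num_pages;
}
#else
/* Empty inline stub: the unconditional call below compiles to nothing. */
static inline void snp_prep_memory(unsigned long pa, unsigned int num_pages,
				   enum snp_mem_op op) { }
#endif

/* Call site with no SNP check of its own; returns pages validated. */
static unsigned long probe_roms_model(unsigned long rom_start,
				      unsigned long rom_end)
{
	validated_pages = 0;
	snp_prep_memory(rom_start & MODEL_PAGE_MASK,
			(unsigned int)span_pages(rom_start, rom_end), SNP_MEM_PRIVATE);
	return validated_pages;
}

int main(void)
{
	/* Constructed sample bounds for the ROM window, not taken from the patch. */
	printf("%lu pages\n", probe_roms_model(0xc0000UL, 0xfffffUL));
	return 0;
}
```

Building with -DSNP_MODEL_ENABLED=0 selects the stub, and probe_roms_model() then reports zero pages without any change at the call site.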