From: Alexey Kardashevskiy <aik@amd.com>
To: Peter Gonda <pgonda@google.com>,
Dionna Amalie Glaze <dionnaglaze@google.com>
Cc: Dan Williams <dan.j.williams@intel.com>,
linux-coco@lists.linux.dev, Borislav Petkov <bp@alien8.de>,
Tom Lendacky <thomas.lendacky@amd.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Jeremi Piotrowski <jpiotrowski@linux.microsoft.com>,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@linux.intel.com>,
peterz@infradead.org, dave.hansen@linux.intel.com
Subject: Re: [PATCH v6 6/7] virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT
Date: Tue, 17 Oct 2023 11:42:30 +1100
Message-ID: <9c55ef4f-181b-4370-8444-dd0b02ba317a@amd.com>
In-Reply-To: <CAMkAt6p_mTKrzzQGqzMPB9FU9Nqy9yLJ_tCqFQQ7Q_W12XCkJg@mail.gmail.com>
On 17/10/23 02:42, Peter Gonda wrote:
> On Mon, Oct 16, 2023 at 9:39 AM Dionna Amalie Glaze
> <dionnaglaze@google.com> wrote:
>>
>>>> +
>>>> + struct snp_guest_request_ioctl input = {
>>>> + .msg_version = 1,
>>>> + .req_data = (__u64)&ext_req,
>>>> + .resp_data = (__u64)buf,
>>>> + .exitinfo2 = 0xff,
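Review bot: `.exitinfo2 = 0xff` at the end of this initializer is an unexplained magic value; add a comment or a named constant saying what it stands for and what userspace should conclude if the field still holds it after the ioctl returns. The `(__u64)&ext_req` and `(__u64)buf` casts would also be safer going through `(uintptr_t)`, so the sample builds cleanly where pointers are narrower than 64 bits.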
>>>
>>> Not sure we need this line with 0xff.
>>>
>>
>> The exitinfo2 value had an uninitialized memory bug, where random data
>> would get returned to user space. I think this is carrying forward the
>> initial value that sev-guest currently uses.
>
> I think during the initial review I asked for exitinfo2 to be set to
> some known value initially.
> That way userspace can tell if the request
> failed before the ASP was involved.

ASP or HV? SEV-SNP ABI or GHCB? It is possible to make a GHCB call and
have KVM write something in exit_info_2 without calling the ASP. The
guest should really look into the encrypted response buffer to know what
really happened.

Anyway, looks like "rio->exitinfo2 = SEV_RET_NO_FW_CALL" in
snp_issue_guest_request() is supposed to handle this. 0xff in
snp_guest_ioctl() seems to be for something else. Maybe
s/0xff/SEV_RET_NO_FW_CALL/. And I do not really see why the userspace
could not write this 0xff to @input itself before doing ioctl().

The efb339a83368ab25de log is ambiguous btw -
"The PSP can return ... in circumstances where the PSP has not actually
been called" - if something is not called - it cannot possibly return :)

Thanks,
>>
>> --
>> -Dionna Glaze, PhD (she/her)
>>
--
Alexey
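
An added example (not code from the patch, the kernel, or anyone in this thread) of how userspace could read exitinfo2 against the value it was seeded with, and why 0xff and SEV_RET_NO_FW_CALL are not interchangeable seeds. Assumptions not stated on this page: SEV_RET_NO_FW_CALL is -1 and exitinfo2 splits into a low 32-bit firmware status and a high 32-bit VMM status, as in the Linux uapi headers; all macro, enum and function names below are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed seeds: 0xff as in the quoted initializer, and -1 widened to
 * 64 bits, which is what assigning SEV_RET_NO_FW_CALL to a __u64 gives. */
#define SEED_IOCTL      ((uint64_t)0xff)
#define SEED_NO_FW_CALL ((uint64_t)-1)

enum outcome { OUT_UNTOUCHED, OUT_CLEAN, OUT_FW_ERROR, OUT_VMM_ERROR };

/* Assumed layout: low 32 bits firmware status, high 32 bits VMM status. */
static uint32_t fw_error(uint64_t exitinfo2)  { return (uint32_t)exitinfo2; }
static uint32_t vmm_error(uint64_t exitinfo2) { return (uint32_t)(exitinfo2 >> 32); }

/* Classify the status word after a request, given the seed written before it.
 * This reads the unencrypted status only; as the message above says, the
 * encrypted response buffer is what tells the guest what really happened. */
static enum outcome classify(uint64_t exitinfo2, uint64_t seed)
{
    if (exitinfo2 == seed)
        return OUT_UNTOUCHED;  /* nothing overwrote the seed */
    if (vmm_error(exitinfo2))
        return OUT_VMM_ERROR;  /* hypervisor-side status is set */
    if (fw_error(exitinfo2))
        return OUT_FW_ERROR;
    return OUT_CLEAN;
}

int main(void)
{
    /* Constructed status words, not captured from a real guest. */
    const uint64_t samples[] = { 0xff, (uint64_t)-1, (uint64_t)2 << 32, 0 };
    static const char *const names[] = { "untouched", "clean", "fw error", "vmm error" };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%#018llx  seed 0xff: %-9s  seed -1: %s\n",
               (unsigned long long)samples[i],
               names[classify(samples[i], SEED_IOCTL)],
               names[classify(samples[i], SEED_NO_FW_CALL)]);
    return 0;
}
```

The first two rows show the same status word classified differently depending on the seed, so a caller and a kernel path that disagree on the seed will misread an untouched field as an error.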