[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 1/8] x86/boot: Sanitise PKRU on boot
- To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Thu, 12 Jan 2023 13:47:53 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+5nq5y+s6CvaJEydMt/0aW9bpCFjZb/jW5gJ8rxtVn4=; b=Zpc83K78loaQ81jVqnhR3/txwi9hJ+sTdGZlkzAEZNzKsFIRHQQkMdXo4JwtoZNP4+Mw72GuU+7Ukq9ktxbyqv9PpEQ4n+AYgkj+d4AcgNst/QZxCQ0o9Uo9f1KHjdSyP8PAUewlJ0hgcRjVoOyRKeEEpMPHytmX3IPFO7Op5X3gXMxq4ZWHynJ112RY0Yy2Y1gZYZvp6KkU2BK6RdRSH18SVqFpgvvNm5hbiHVfGUnwKGENjasAtJg70CQmAgi5IxHG5SNQmVEJRjrUUmEl2m8Xo87rCHksyUcMPyU0mxcnYKAsYI3AMn1G/UceAllN9y8lei+ZNU784HuPUP98cw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XkXJKszHgtwScjrSDfu1kesMGdUZT17Z1KT5a404LKcOKJE7BUk5FtxtPckmWJbOSjErs44bmzOXiuVFCd6Qmfe+UUuFzC8TTfLxbUJfZxGWriK6Dys/c1bYNBfdTArwiIhHoSREEPTF30QBowpmBW4o/ZbdhVemufEOlra29UxW+zF+ijDIi1EwslRgMVDGcsv4U4cgUtP6Qw1zMIGXcJ+Mjlhk/RHMUQ09ez/WNZAUh425WRF3ObJMAb3CZYqYHJcfNbuNb5BkTqx4fSaJp1hU91RYB20v58sDSUFMZJvCVV3c1QMo+9jwK8D/TiQG9wvyzE3dR6VOoQCiPIQ86A==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Thu, 12 Jan 2023 12:48:06 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 10.01.2023 18:18, Andrew Cooper wrote:
> While the reset value of the register is 0, it might not be after kexec/etc.
> If PKEY0.{WD,AD} have leaked in from an earlier context, construction of a PV
> dom0 will explode.
>
> Sequencing wise, this must come after setting CR4.PKE, and before we touch any
> user mappings.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> ---
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> CC: Wei Liu <wl@xxxxxxx>
>
> For sequencing, it could also come after setting XCR0.PKRU too, but then we'd
> need to construct an empty XSAVE area to XRSTOR from, and that would be even
> more horrible to arrange.
That would be ugly for other reasons as well, I think.
> --- a/xen/arch/x86/cpu/common.c
> +++ b/xen/arch/x86/cpu/common.c
> @@ -936,6 +936,9 @@ void cpu_init(void)
> write_debugreg(6, X86_DR6_DEFAULT);
> write_debugreg(7, X86_DR7_DEFAULT);
>
> + if (cpu_has_pku)
> + wrpkru(0);
What about the BSP during S3 resume? Shouldn't we play safe there too, just
in case?
Jan
|
