On Fri, May 17, 2024 at 04:08:03PM +0200, Juergen Gross wrote:
On 17.05.24 15:55, Kirill A. Shutemov wrote:
On Fri, May 17, 2024 at 02:14:50PM +0200, Juergen Gross wrote:
While testing TDX host support patches, a crash of the host has been
observed a few instructions after doing a seamcall. Reason was a
clobbered %rbp (set to 0), which occurred in spite of the TDX module
offering the feature NOT to modify %rbp across TDX module calls.
In order not having to build the host kernel with CONFIG_FRAME_POINTER,
save %rbp across a seamcall/tdcall.
There's a feature in TDX module 1.5 that prevents RBP modification across
TDH.VP.ENTER SEAMCALL. See NO_RBP_MOD in TDX Module 1.5 ABI spec.
I think it has to be enabled for all TDs and TDX modules that don't
support it need to be rejected.
Yes, I know. I'm using the patch series:
[PATCH v19 000/130] KVM TDX basic feature support
which I think does exactly that (see setup_tdparams() and tdx_module_setup()).
Looks like the check is broken:
https://lore.kernel.org/all/46mh5hinsv5mup2x7jv4iu2floxmajo2igrxb3haru3cgjukbg@v44nspjozm4h/
Nevertheless the clobbering happened, and saving/restoring %rbp made the
issue to go away. I suspect there is a path left still clobbering %rbp.
What is your TDX module version? My guess is that NOM_RBP_MOD is not
supported by it and given that the check is broken nobody enforces it.
Attachment:
OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature