Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-29 Thread Gary R Hook
On 4/29/19 3:51 PM, Borislav Petkov wrote: > [CAUTION: External Email] > > On Mon, Apr 29, 2019 at 08:16:07PM +, Gary R Hook wrote: >> Yes, option 4 would be a combination of using a local copy of strncmp() > > Why the local copy? Seemed suitable, since it's tiny. But I'm not married to the

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-29 Thread Borislav Petkov
On Mon, Apr 29, 2019 at 08:16:07PM +, Gary R Hook wrote: > Yes, option 4 would be a combination of using a local copy of strncmp() Why the local copy? > and disabling instrumentation (KASAN, KCOV, whatever) for > arch/x86/lib/cmdline.c when SME is enabled. I think this should suffice. You

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-29 Thread Gary R Hook
On 4/26/19 11:24 AM, Borislav Petkov wrote: > On Fri, Apr 26, 2019 at 03:11:17PM +, Gary R Hook wrote: >> 2) Turn off instrumentation for lib/cmdline.c. The risk is that any >> changes to its code would not enjoy the benefits of KASAN/etc testing >> (if enabled). > > What happened

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-26 Thread Borislav Petkov
On Fri, Apr 26, 2019 at 03:11:17PM +, Gary R Hook wrote: > 2) Turn off instrumentation for lib/cmdline.c. The risk is that any > changes to its code would not enjoy the benefits of KASAN/etc testing > (if enabled). What happened to Thomas' suggestion to turn off instrumentation for

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-26 Thread Gary R Hook
On 4/8/19 2:08 PM, Borislav Petkov wrote: > On Mon, Apr 08, 2019 at 06:41:30PM +, Gary R Hook wrote: >> Again, not arguing. I completely understand. However, to be fair, this >> isn't about SME having trouble with those facilities, this is about

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-09 Thread Lendacky, Thomas
On 4/8/19 2:08 PM, Borislav Petkov wrote: > On Mon, Apr 08, 2019 at 06:41:30PM +, Gary R Hook wrote: >> Again, not arguing. I completely understand. However, to be fair, this >> isn't about SME having trouble with those facilities, this is about >> using certain features (e.g. command line

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-08 Thread Borislav Petkov
On Mon, Apr 08, 2019 at 06:41:30PM +, Gary R Hook wrote: > Again, not arguing. I completely understand. However, to be fair, this > isn't about SME having trouble with those facilities, this is about > using certain features (e.g. command line option processing) early in > the boot. Any

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-08 Thread Gary R Hook
On 4/8/19 11:58 AM, Borislav Petkov wrote: > On Mon, Apr 08, 2019 at 04:46:31PM +, Gary R Hook wrote: >> My reasoning (not arguing): the file has been touched exactly one time >> in 4 years, by Thomas. Doesn't appear to be a candidate for constant >> modification, so this approach doesn't seem

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-08 Thread Borislav Petkov
On Mon, Apr 08, 2019 at 04:46:31PM +, Gary R Hook wrote: > My reasoning (not arguing): the file has been touched exactly one time > in 4 years, by Thomas. Doesn't appear to be a candidate for constant > modification, so this approach doesn't seem risky to me. I could be wrong. The problem,

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-08 Thread Gary R Hook
On 4/4/19 3:42 PM, Thomas Gleixner wrote: > On Thu, 4 Apr 2019, Hook, Gary wrote: > >> Enablement of AMD's Secure Memory Encryption feature is determined >> very early in the boot cycle. Part of this procedure involves scanning >> the command line for the parameter 'mem_encrypt'. >> >> To

Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-04 Thread Thomas Gleixner
On Thu, 4 Apr 2019, Hook, Gary wrote: > Enablement of AMD's Secure Memory Encryption feature is determined > very early in the boot cycle. Part of this procedure involves scanning > the command line for the parameter 'mem_encrypt'. > > To determine intended state, the function sme_enable() uses

[PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code

2019-04-04 Thread Hook, Gary
Enablement of AMD's Secure Memory Encryption feature is determined very early in the boot cycle. Part of this procedure involves scanning the command line for the parameter 'mem_encrypt'. To determine intended state, the function sme_enable() uses library functions cmdline_find_option() and