| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201006161200.GB17610@linux.intel.com>
Date: Tue, 6 Oct 2020 09:12:00 -0700
From: Sean Christopherson <sean.j.christopherson@...el.com>
To: Vitaly Kuznetsov <vkuznets@...hat.com>
Cc: Vivek Goyal <vgoyal@...hat.com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org,
virtio-fs-list <virtio-fs@...hat.com>, pbonzini@...hat.com
Subject: Re: [PATCH v4] kvm,x86: Exit to user space in case page fault error
On Tue, Oct 06, 2020 at 05:24:54PM +0200, Vitaly Kuznetsov wrote:
> Vivek Goyal <vgoyal@...hat.com> writes:
> > So you will have to report token (along with -EFAULT) to user space. So this
> > is basically the 3rd proposal which is extension of kvm API and will
> > report say HVA/GFN also to user space along with -EFAULT.
>
> Right, I meant to say that guest kernel has full register state of the
> userspace process which caused APF to get queued and instead of trying
> to extract it in KVM and pass to userspace in case of a (later) failure
> we limit KVM api change to contain token or GFN only and somehow keep
> the rest in the guest. This should help with TDX/SEV-ES.
Whatever gets reported to userspace should be identical with and without
async page faults, i.e. it definitely shouldn't have token information.
Note, TDX doesn't allow injection exceptions, so reflecting a #PF back
into the guest is not an option. Nor do I think that's "correct"
behavior (see everyone's objections to using #PF for APF fixed). I.e. the
event should probably be an IRQ.
Powered by blists - more mailing lists