| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87zgyauqyr.fsf@linux.intel.com>
Date: Wed, 07 Apr 2021 07:09:00 -0700
From: Andi Kleen <ak@...ux.intel.com>
To: Christophe de Dinechin <cdupontd@...hat.com>
Cc: "Kirill A. Shutemov" <kirill@...temov.name>,
David Hildenbrand <david@...hat.com>,
Dave Hansen <dave.hansen@...el.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Sean Christopherson <seanjc@...gle.com>,
Jim Mattson <jmattson@...gle.com>,
David Rientjes <rientjes@...gle.com>,
"Edgecombe\, Rick P" <rick.p.edgecombe@...el.com>,
"Kleen\, Andi" <andi.kleen@...el.com>,
"Yamahata\, Isaku" <isaku.yamahata@...el.com>, x86@...nel.org,
kvm@...r.kernel.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Subject: Re: [RFCv1 7/7] KVM: unmap guest memory using poisoned pages
Christophe de Dinechin <cdupontd@...hat.com> writes:
> Is there even a theoretical way to restore an encrypted page e.g. from (host)
> swap without breaking the integrity check? Or will that only be possible with
> assistance from within the encrypted enclave?
Only the later.
You would need balloning. It's in principle possible, but currently
not implemented.
In general host swap without balloning is usually a bad idea anyways
because it often just swaps a lot of cache data that could easily be
thrown away instead.
-andi
Powered by blists - more mailing lists