| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <917dc5ad-34c9-735b-83da-456873a2338c@intel.com>
Date: Mon, 24 May 2021 21:32:15 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Andi Kleen <ak@...ux.intel.com>,
Dan Williams <dan.j.williams@...el.com>
Cc: "Kuppuswamy, Sathyanarayanan"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Andy Lutomirski <luto@...nel.org>,
Tony Luck <tony.luck@...el.com>,
Kirill Shutemov <kirill.shutemov@...ux.intel.com>,
Kuppuswamy Sathyanarayanan <knsathya@...nel.org>,
Raj Ashok <ashok.raj@...el.com>,
Sean Christopherson <seanjc@...gle.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [RFC v2-fix-v2 2/2] x86/tdx: Ignore WBINVD instruction for TDX
guest
On 5/24/21 7:13 PM, Andi Kleen wrote:
> I don't see any point of all of this. We really just want to be the same
> as KVM. Not get into the business of patching a bazillion sub systems
> that cannot be used in TDX anyways.
Andi, there's a fundamental difference between KVM the hypervisor and a
TDX guest: KVM the hypervisor runs unknown guests, and lots of them.
TD guest support as a whole has to handle one thing: running *one* Linux
kernel. Further, the guest support shares a source tree with that
kernel. TD guest support doesn't have to run random binaries for which
there is no source. All of the source is *RIGHT* *THERE*.
The only reason TD guest support would have to fall back to KVM's dirty
tricks is a desire to treat the rest of the kernel like a black box.
KVM frankly has no other choice. TD guest support has all the choices
in the world.
Powered by blists - more mailing lists