| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <85b1dabf-f7be-490a-a856-28227a85ab3a@www.fastmail.com>
Date: Wed, 01 Sep 2021 10:08:33 -0700
From: "Andy Lutomirski" <luto@...nel.org>
To: "James Bottomley" <jejb@...ux.ibm.com>,
"David Hildenbrand" <david@...hat.com>,
"Sean Christopherson" <seanjc@...gle.com>
Cc: "Paolo Bonzini" <pbonzini@...hat.com>,
"Vitaly Kuznetsov" <vkuznets@...hat.com>,
"Wanpeng Li" <wanpengli@...cent.com>,
"Jim Mattson" <jmattson@...gle.com>,
"Joerg Roedel" <joro@...tes.org>, "kvm list" <kvm@...r.kernel.org>,
"Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>,
"Borislav Petkov" <bp@...en8.de>,
"Andrew Morton" <akpm@...ux-foundation.org>,
"Joerg Roedel" <jroedel@...e.de>,
"Andi Kleen" <ak@...ux.intel.com>,
"David Rientjes" <rientjes@...gle.com>,
"Vlastimil Babka" <vbabka@...e.cz>,
"Tom Lendacky" <thomas.lendacky@....com>,
"Thomas Gleixner" <tglx@...utronix.de>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
"Ingo Molnar" <mingo@...hat.com>,
"Varad Gautam" <varad.gautam@...e.com>,
"Dario Faggioli" <dfaggioli@...e.com>,
"the arch/x86 maintainers" <x86@...nel.org>, linux-mm@...ck.org,
linux-coco@...ts.linux.dev,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
"Kirill A . Shutemov" <kirill@...temov.name>,
"Sathyanarayanan Kuppuswamy"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"Dave Hansen" <dave.hansen@...el.com>,
"Yu Zhang" <yu.c.zhang@...ux.intel.com>
Subject: Re: [RFC] KVM: mm: fd-based approach for supporting KVM guest private memory
On Wed, Sep 1, 2021, at 9:18 AM, James Bottomley wrote:
> On Wed, 2021-09-01 at 08:54 -0700, Andy Lutomirski wrote:
> [...]
> > If you want to swap a page on TDX, you can't. Sorry, go directly to
> > jail, do not collect $200.
>
> Actually, even on SEV-ES you can't either. You can read the encrypted
> page and write it out if you want, but unless you swap it back to the
> exact same physical memory location, the encryption key won't work.
> Since we don't guarantee this for swap, I think swap won't actually
> work for any confidential computing environment.
>
> > So I think there are literally zero code paths that currently call
> > try_to_unmap() that will actually work like that on TDX. If we run
> > out of memory on a TDX host, we can kill the guest completely and
> > reclaim all of its memory (which probably also involves killing QEMU
> > or whatever other user program is in charge), but that's really our
> > only option.
>
> I think our only option for swap is guest co-operation. We're going to
> have to inflate a balloon or something in the guest and have the guest
> driver do some type of bounce of the page, where it becomes an
> unencrypted page in the guest (so the host can read it without the
> physical address keying of the encryption getting in the way) but
> actually encrypted with a swap transfer key known only to the guest. I
> assume we can use the page acceptance infrastructure currently being
> discussed elsewhere to do swap back in as well ... the host provides
> the guest with the encrypted swap page and the guest has to decrypt it
> and place it in encrypted guest memory.
I asked David, and he said the PSP offers a swapping mechanism for SEV-ES. I haven’t read the details, but they should all be public.
Powered by blists - more mailing lists