[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220331201550.GC2084469@ls.amr.corp.intel.com>
Date: Thu, 31 Mar 2022 13:15:50 -0700
From: Isaku Yamahata <isaku.yamahata@...il.com>
To: Kai Huang <kai.huang@...el.com>
Cc: isaku.yamahata@...el.com, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, isaku.yamahata@...il.com,
Paolo Bonzini <pbonzini@...hat.com>,
Jim Mattson <jmattson@...gle.com>, erdemaktas@...gle.com,
Connor Kuehl <ckuehl@...hat.com>,
Sean Christopherson <seanjc@...gle.com>
Subject: Re: [RFC PATCH v5 023/104] x86/cpu: Add helper functions to
allocate/free MKTME keyid
On Thu, Mar 31, 2022 at 02:21:06PM +1300,
Kai Huang <kai.huang@...el.com> wrote:
> On Fri, 2022-03-04 at 11:48 -0800, isaku.yamahata@...el.com wrote:
> > From: Isaku Yamahata <isaku.yamahata@...el.com>
> >
> > MKTME keyid is assigned to guest TD. The memory controller encrypts guest
> > TD memory with key id. Add helper functions to allocate/free MKTME keyid
> > so that TDX KVM assign keyid.
>
> Using MKTME keyid is wrong, at least not accurate I think. We should use
> explicitly use "TDX private KeyID", which is clearly documented in the spec:
>
> https://software.intel.com/content/dam/develop/external/us/en/documents-tps/intel-tdx-cpu-architectural-specification.pdf
>
> Also, description of IA32_MKTME_KEYID_PARTITIONING MSR clearly says TDX private
> KeyIDs span the range (NUM_MKTME_KIDS+1) through
> (NUM_MKTME_KIDS+NUM_TDX_PRIV_KIDS). So please just use TDX private KeyID here.
>
>
> >
> > Also export MKTME global keyid that is used to encrypt TDX module and its
> > memory.
>
> This needs explanation why the global keyID needs to be exported.
How about the followings?
TDX private host key id is assigned to guest TD. The memory controller
encrypts guest TD memory with the assigned host key id (HIKD). Add helper
functions to allocate/free TDX private host key id so that TDX KVM manage
it.
Also export the global TDX private host key id that is used to encrypt TDX
module, its memory and some dynamic data (e.g. TDR). When VMM releasing
encrypted page to reuse it, the page needs to be flushed with the used host
key id. VMM needs the global TDX private host key id to flush such pages
TDX module accesses with the global TDX private host key id.
Thanks,
--
Isaku Yamahata <isaku.yamahata@...il.com>
Powered by blists - more mailing lists