lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20220408035029.GH2864606@ls.amr.corp.intel.com>
Date:   Thu, 7 Apr 2022 20:50:29 -0700
From:   Isaku Yamahata <isaku.yamahata@...il.com>
To:     Paolo Bonzini <pbonzini@...hat.com>
Cc:     isaku.yamahata@...el.com, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org, isaku.yamahata@...il.com,
        Jim Mattson <jmattson@...gle.com>, erdemaktas@...gle.com,
        Connor Kuehl <ckuehl@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>
Subject: Re: [RFC PATCH v5 102/104] KVM: TDX: Add methods to ignore accesses
 to CPU state

On Tue, Apr 05, 2022 at 05:56:36PM +0200,
Paolo Bonzini <pbonzini@...hat.com> wrote:

> On 3/4/22 20:49, isaku.yamahata@...el.com wrote:
> > From: Sean Christopherson <sean.j.christopherson@...el.com>
> > 
> > TDX protects TDX guest state from VMM.  Implements to access methods for
> > TDX guest state to ignore them or return zero.
> > 
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@...el.com>
> > Signed-off-by: Isaku Yamahata <isaku.yamahata@...el.com>
> 
> For most of these, it would be interesting to see which paths actually can
> be hit.  For SEV, it's all cut out by
> 
>         if (vcpu->arch.guest_state_protected)
>                 return 0;
> 
> in functions such as __set_sregs_common.  Together with the fact that TDX
> does not get to e.g. handle_set_cr0, this should prevent most such calls
> from happening.  So most of these should be KVM_BUG_ON or WARN_ON, not just
> returns.

If debug mode is enabled, guest state isn't protected.  memory/cpu state can
be read/written via SEAMCALLs.  So guest_state_protected isn't set to true.

Anyway for now with this patch series, debug mode isn't supported well, I will
go with adding KVM_BUG_ON/WARN_ON.
-- 
Isaku Yamahata <isaku.yamahata@...il.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ