| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Jul 2022 23:50:57 +0200
From: Borislav Petkov <bp@...en8.de>
To: Dave Hansen <dave.hansen@...el.com>
Cc: Ard Biesheuvel <ardb@...nel.org>,
Dionna Amalie Glaze <dionnaglaze@...gle.com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Peter Gonda <pgonda@...gle.com>,
Andy Lutomirski <luto@...nel.org>,
Sean Christopherson <seanjc@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Joerg Roedel <jroedel@...e.de>,
Andi Kleen <ak@...ux.intel.com>,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
David Rientjes <rientjes@...gle.com>,
Vlastimil Babka <vbabka@...e.cz>,
Tom Lendacky <thomas.lendacky@....com>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Ingo Molnar <mingo@...hat.com>,
Varad Gautam <varad.gautam@...e.com>,
Dario Faggioli <dfaggioli@...e.com>,
Mike Rapoport <rppt@...nel.org>,
David Hildenbrand <david@...hat.com>,
Marcelo Cerri <marcelo.cerri@...onical.com>,
tim.gardner@...onical.com,
Khalid ElMously <khalid.elmously@...onical.com>,
philip.cox@...onical.com,
the arch/x86 maintainers <x86@...nel.org>,
Linux Memory Management List <linux-mm@...ck.org>,
linux-coco@...ts.linux.dev, linux-efi <linux-efi@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
"Yao, Jiewen" <jiewen.yao@...el.com>
Subject: Re: [PATCHv7 00/14] mm, x86/cc: Implement support for unaccepted
memory
On Tue, Jul 19, 2022 at 02:35:45PM -0700, Dave Hansen wrote:
> They're trying to design something that can (forever) handle guests that
> might not be able to accept memory.
Wait, what?
If you can't modify those guests to teach them to accept memory, how do
you add TDX or SNP guest support to them?
I.e., you need to modify the guests and then you can add memory
acceptance. Basically, your point below...
> It's based on the idea that *something* needs to assume control and
> EFI doesn't have enough information to assume control.
>
> I wish we didn't need all this complexity, though.
>
> There are three entities that can influence how much memory is accepted:
>
> 1. The host
> 2. The guest firmware
> 3. The guest kernel (or bootloader or something after the firmware)
>
> This whole thread is about how #2 and #3 talk to each other and make
> sure *someone* does it.
>
> I kinda think we should just take the guest firmware out of the picture.
> There are only going to be a few versions of the kernel that can boot
> under TDX (or SEV-SNP) and *can't* handle unaccepted memory. It seems a
> bit silly to design this whole interface for a few versions of the OS
> that TDX folks tell me can't be used anyway.
>
> I think we should just say if you want to run an OS that doesn't have
> unaccepted memory support, you can either:
>
> 1. Deal with that at the host level configuration
> 2. Boot some intermediate thing like a bootloader that does acceptance
> before running the stupid^Wunenlightended OS
> 3. Live with the 4GB of pre-accepted memory you get with no OS work.
>
> Yeah, this isn't convenient for some hosts. But, really, this is
> preferable to doing an EFI/OS dance until the end of time.
Ack. Definitely.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists