lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20221215194518.GD3632095@ls.amr.corp.intel.com>
Date:   Thu, 15 Dec 2022 11:45:18 -0800
From:   Isaku Yamahata <isaku.yamahata@...il.com>
To:     Zhi Wang <zhi.wang.linux@...il.com>
Cc:     isaku.yamahata@...el.com, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org, isaku.yamahata@...il.com,
        Paolo Bonzini <pbonzini@...hat.com>, erdemaktas@...gle.com,
        Sean Christopherson <seanjc@...gle.com>,
        Sagi Shahar <sagis@...gle.com>,
        David Matlack <dmatlack@...gle.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        zhi.a.wang@...el.com
Subject: Re: [PATCH v10 011/108] KVM: TDX: Add C wrapper functions for
 SEAMCALLs to the TDX module

On Wed, Nov 23, 2022 at 12:00:47PM +0200,
Zhi Wang <zhi.wang.linux@...il.com> wrote:

> On Sat, 29 Oct 2022 23:22:12 -0700
> isaku.yamahata@...el.com wrote:
> 
> > From: Isaku Yamahata <isaku.yamahata@...el.com>
> > 
> > A VMM interacts with the TDX module using a new instruction
> > (SEAMCALL).  A TDX VMM uses SEAMCALLs where a VMX VMM would have
> > directly interacted with VMX instructions.  For instance, a TDX VMM
> > does not have full access to the VM control structure corresponding
> > to VMX VMCS.  Instead, a VMM induces the TDX module to act on behalf
> > via SEAMCALLs.
> > 
> > Export __seamcall and define C wrapper functions for SEAMCALLs for
> > readability.  Some SEAMCALL APIs donates pages to TDX module or guest
> > TD. The pages are encrypted with TDX private host key id set in high
> 
> It seems a little bit confusing here.
> 
> I guess you are talking about the host pages donated to TDX module will
> be encrypted with TDX module global key id, which is used to
> encrypted the pages only used by TDX module. For pages donated to the
> TD guest, the pages are encrypted with TD guest prviate key id?

Basically yes. Only TDR is encrypted with the global key id.


> It might be better that you can talk about the actual reaason instead of
> the key id stuff. For example Some SEMCALL APIs will zap or write the
> pages donated by VMM via MOVDIR64B, which requires the VMM to flush the
> cachelines.

How about the followings?

Some SEAMCALL APIs donates host pages to TDX module or guest TD and the
donated pages are encrypted.  Some of such SEAMCALLs flush cache lines
(typically by movdir64b instruction), some don't.  Those that doesn't
clear cache lines require the VMM to flush the cache lines to avoid cache
line alias.

-- 
Isaku Yamahata <isaku.yamahata@...il.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ