[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230605121210.gv5n7swqzuwl4jv4@box.shutemov.name>
Date: Mon, 5 Jun 2023 15:12:10 +0300
From: "Kirill A. Shutemov" <kirill@...temov.name>
To: Dave Hansen <dave.hansen@...el.com>
Cc: "Michael Kelley (LINUX)" <mikelley@...rosoft.com>,
Tom Lendacky <thomas.lendacky@....com>,
Sathyanarayanan Kuppuswamy
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com" <mingo@...hat.com>,
"bp@...en8.de" <bp@...en8.de>, Dexuan Cui <decui@...rosoft.com>,
"rick.p.edgecombe@...el.com" <rick.p.edgecombe@...el.com>,
"seanjc@...gle.com" <seanjc@...gle.com>,
"x86@...nel.org" <x86@...nel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: Re: [PATCHv2 2/3] x86/tdx: Fix race between set_memory_encrypted()
and load_unaligned_zeropad()
On Fri, Jun 02, 2023 at 10:42:33AM -0700, Dave Hansen wrote:
> On 6/2/23 09:11, Michael Kelley (LINUX) wrote:
> > Tom -- Does the above sequence *depend* on the hypervisor doing anything
> > to make it work? I'm not clear on why KVM would automatically change the
> > page over to private. If there's a dependency on the hypervisor doing
> > something, then it seems like we'll need to standardize that "something"
> > across hypervisors, lest we end up with per-hypervisor code in Linux to handle
> > this scenario. And running SEV-SNP with multiple VMPLs probably makes it
> > even more complicated.
> >
> > Kirill -- Same question about TDX. Does making load_unaligned_zeropad()
> > work in a TDX VM depend on the hypervisor doing anything? Or is the
> > behavior seen by the guest dependent only on architected behavior of
> > the TDX processor?
>
> No, there's no active help from the hypervisor here.
>
> Also, fwiw, the "architected behavior" here is really just the TDX
> module policy and _arguably_ the hardware Secure-EPT controlled by the
> TDX module.
Right. There's nothing VMM can do to change behaviour here. VMM can remove
private page, but it will lead to VM termination on access to the page,
but VMM controls VM lifecycle anyway.
--
Kiryl Shutsemau / Kirill A. Shutemov
Powered by blists - more mailing lists