| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <SA1PR21MB13352E893E8DCAE02CED2857BF1FA@SA1PR21MB1335.namprd21.prod.outlook.com>
Date: Tue, 22 Aug 2023 16:47:09 +0000
From: Dexuan Cui <decui@...rosoft.com>
To: Isaku Yamahata <isaku.yamahata@...il.com>,
"ak@...ux.intel.com" <ak@...ux.intel.com>,
"x86@...nel.org" <x86@...nel.org>,
"dave.hansen@...el.com" <dave.hansen@...el.com>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"bp@...en8.de" <bp@...en8.de>, "arnd@...db.de" <arnd@...db.de>,
"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"peterz@...radead.org" <peterz@...radead.org>,
"sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"wei.liu@...nel.org" <wei.liu@...nel.org>
CC: "brijesh.singh@....com" <brijesh.singh@....com>,
"dan.j.williams@...el.com" <dan.j.williams@...el.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
"hpa@...or.com" <hpa@...or.com>,
"jane.chu@...cle.com" <jane.chu@...cle.com>,
KY Srinivasan <kys@...rosoft.com>,
"luto@...nel.org" <luto@...nel.org>,
"mingo@...hat.com" <mingo@...hat.com>,
"rostedt@...dmis.org" <rostedt@...dmis.org>,
"seanjc@...gle.com" <seanjc@...gle.com>,
"tony.luck@...el.com" <tony.luck@...el.com>,
jason <jason@...c4.com>,
"nik.borisov@...e.com" <nik.borisov@...e.com>,
"Michael Kelley (LINUX)" <mikelley@...rosoft.com>,
"linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Tianyu Lan <Tianyu.Lan@...rosoft.com>,
"rick.p.edgecombe@...el.com" <rick.p.edgecombe@...el.com>,
Anthony Davis <andavis@...hat.com>,
Mark Heslin <mheslin@...hat.com>,
vkuznets <vkuznets@...hat.com>,
"xiaoyao.li@...el.com" <xiaoyao.li@...el.com>
Subject: RE: [PATCH v10 1/2] x86/tdx: Retry partially-completed page
conversion hypercalls
> From: Isaku Yamahata <isaku.yamahata@...il.com>
> Sent: Monday, August 14, 2023 12:04 PM
> To: Dexuan Cui <decui@...rosoft.com>
> [...]
>
> On Fri, Aug 11, 2023 at 02:48:25PM -0700,
> Dexuan Cui <decui@...rosoft.com> wrote:
>
> > TDX guest memory is private by default and the VMM may not access it.
> > However, in cases where the guest needs to share data with the VMM,
> > the guest and the VMM can coordinate to make memory shared between
> > them.
> >
> > The guest side of this protocol includes the "MapGPA" hypercall. This
> > call takes a guest physical address range. The hypercall spec (aka.
> > the GHCI) says that the MapGPA call is allowed to return partial
> > progress in mapping this range and indicate that fact with a special
> > error code. A guest that sees such partial progress is expected to
> > retry the operation for the portion of the address range that was not
> > completed.
> >
> > Hyper-V does this partial completion dance when set_memory_decrypted()
> > is called to "decrypt" swiotlb bounce buffers that can be up to 1GB
> > in size. It is evidently the only VMM that does this, which is why
> > nobody noticed this until now.
>
> Now TDX KVM + TDX qemu supports partial completion because TD guest
> can pass
> very large range. e.g. 1GB order. I tested this patch with (patched) TDX
> KVM/qemu.
>
> Reviewed-by: Isaku Yamahata <isaku.yamahata@...el.com>
> Tested-by: Isaku Yamahata <isaku.yamahata@...el.com>
Thanks Isaku for reviewing and testing the patch!
@Dave, may I know if the 2 updated patches look good to you?
Powered by blists - more mailing lists