lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 30 Nov 2023 08:31:03 +0000
From:   "Reshetova, Elena" <elena.reshetova@...el.com>
To:     Borislav Petkov <bp@...en8.de>,
        Jeremi Piotrowski <jpiotrowski@...ux.microsoft.com>
CC:     "linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
        "stefan.bader@...onical.com" <stefan.bader@...onical.com>,
        "tim.gardner@...onical.com" <tim.gardner@...onical.com>,
        "roxana.nicolescu@...onical.com" <roxana.nicolescu@...onical.com>,
        "cascardo@...onical.com" <cascardo@...onical.com>,
        "kys@...rosoft.com" <kys@...rosoft.com>,
        "haiyangz@...rosoft.com" <haiyangz@...rosoft.com>,
        "wei.liu@...nel.org" <wei.liu@...nel.org>,
        "sashal@...nel.org" <sashal@...nel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "H. Peter Anvin" <hpa@...or.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "Ingo Molnar" <mingo@...hat.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Michael Kelley <mhkelley58@...il.com>,
        Nikolay Borisov <nik.borisov@...e.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Tom Lendacky <thomas.lendacky@....com>,
        "x86@...nel.org" <x86@...nel.org>,
        "Cui, Dexuan" <decui@...rosoft.com>
Subject: RE: [PATCH v1 1/3] x86/tdx: Check for TDX partitioning during early
 TDX init


> On Thu, Nov 30, 2023 at 07:08:00AM +0000, Reshetova, Elena wrote:
> > ...
> > 3. Normal TDX 1.0 guest that is unaware that it runs in partitioned
> >    environment
> > 4. and so on
> 
> There's a reason I call it a virt zoo.
> 
> > I don’t know if AMD architecture would support all this spectrum of
> > the guests through.
> 
> I hear threats...

No threats whatsoever, I just truly don’t know details of SEV architecture
on this and how it envisioned to operate under this nesting scenario.
I raised this point to see if we can build the common understanding 
on this. My personal understanding (please correct me) was that SEV
would also allow different types of L2 guests, so I think we should be
aligning on this.  

> 
> > Instead we should have a flexible way for the L2 guest to discover
> > the virt environment it runs in (as modelled by L1 VMM) and the
> > baseline should not to assume it is a TDX or SEV guest, but assume
> > this is some special virt guest (or legacy guest, whatever approach
> > is cleaner) and expose additional interfaces to it.
> 
> You can do flexible all you want but all that guest zoo is using the
> kernel. The same code base which boots on gazillion incarnations of real
> hardware. And we have trouble keeping that code base clean already.

Fully agree, I wasn’t objecting this. What I was objecting is to make
explicit assumptions on what the L2 guest under TDX partitioning is. 

> 
> Now, all those weird guests come along, they're more or less
> "compatible" but not fully. So they have to do an exception here,
> disable some feature there which they don't want/support/cannot/bla. Or
> they use a paravisor which does *some* of the work for them so that
> needs to be accomodated too.
> 
> And so they start sprinkling around all those "differences" around the
> kernel. And turn it into an unmaintainable mess. We've been here before
> - last time it was called "if (XEN)"... and we're already getting there
> again only with two L1 encrypted guests technologies. I'm currently
> working on trimming down some of the SEV mess we've already added...
> 
> So - and I've said this a bunch of times already - whatever guest type
> it is, its interaction with the main kernel better be properly designed
> and abstracted away so that it doesn't turn into a mess.

Yes, agree, so what are our options and overall strategy on this? 
We can try to push as much as possible complexity into L1 VMM in this
scenario to keep the guest kernel almost free from these sprinkling differences.
Afterall the L1 VMM can emulate whatever it wants for the guest.
We can also see if there is a true need to add another virtualization
abstraction here, i.e. "nested encrypted guest". But to justify this one
we need to have usecases/scenarios where L1 VMM actually cannot run
L2 guest (legacy or TDX enabled) as it is. 
@Jeremi Piotrowski do you have such usecase/scenarios you can describe?

Any other options we should be considering as overall strategy? 

Best Regards,
Elena.

> 
> Thx.
> 
> --
> Regards/Gruss,
>     Boris.
> 
> https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ