| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Nov 2023 10:21:19 +0100
From: Borislav Petkov <bp@...en8.de>
To: "Reshetova, Elena" <elena.reshetova@...el.com>
Cc: Jeremi Piotrowski <jpiotrowski@...ux.microsoft.com>,
"linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
"stefan.bader@...onical.com" <stefan.bader@...onical.com>,
"tim.gardner@...onical.com" <tim.gardner@...onical.com>,
"roxana.nicolescu@...onical.com" <roxana.nicolescu@...onical.com>,
"cascardo@...onical.com" <cascardo@...onical.com>,
"kys@...rosoft.com" <kys@...rosoft.com>,
"haiyangz@...rosoft.com" <haiyangz@...rosoft.com>,
"wei.liu@...nel.org" <wei.liu@...nel.org>,
"sashal@...nel.org" <sashal@...nel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Ingo Molnar <mingo@...hat.com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Michael Kelley <mhkelley58@...il.com>,
Nikolay Borisov <nik.borisov@...e.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Tom Lendacky <thomas.lendacky@....com>,
"x86@...nel.org" <x86@...nel.org>,
"Cui, Dexuan" <decui@...rosoft.com>
Subject: Re: [PATCH v1 1/3] x86/tdx: Check for TDX partitioning during early
TDX init
On Thu, Nov 30, 2023 at 08:31:03AM +0000, Reshetova, Elena wrote:
> No threats whatsoever,
I don't mean you - others. :-)
> I just truly don’t know details of SEV architecture on this and how it
> envisioned to operate under this nesting scenario. I raised this
> point to see if we can build the common understanding on this. My
> personal understanding (please correct me) was that SEV would also
> allow different types of L2 guests, so I think we should be aligning
> on this.
Yes, makes sense. The only L2 thing I've heard of is some Azure setup.
> Yes, agree, so what are our options and overall strategy on this? We
> can try to push as much as possible complexity into L1 VMM in this
> scenario to keep the guest kernel almost free from these sprinkling
> differences.
I like that angle. :)
> Afterall the L1 VMM can emulate whatever it wants for the guest.
> We can also see if there is a true need to add another virtualization
> abstraction here, i.e. "nested encrypted guest".
Yes, that too. I'm sceptical but there are use cases with that paravisor
thing and being able to run an unmodified guest, i.e., something like
a very old OS which no one develops anymore but customers simply can't
part ways with it for raisins.
> Any other options we should be considering as overall strategy?
The less the kernel knows about guests, the better, I'd say.
The other thing I'm missing most of the time is, people come with those
patches enabling this and that but nowhere does it say: "we would love
to have this because of this great idea we had" or "brings so much more
performance" or "amazing code quality imrpovement" or, or other great
reason.
Rather, it is "yeah, we do this and you should support it". Well, nope.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists