lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZgU9/61//F17r1nw@chao-email>
Date: Thu, 28 Mar 2024 17:53:03 +0800
From: Chao Gao <chao.gao@...el.com>
To: Xiaoyao Li <xiaoyao.li@...el.com>
CC: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>, "Yamahata, Isaku"
	<isaku.yamahata@...el.com>, "Zhang, Tina" <tina.zhang@...el.com>,
	"seanjc@...gle.com" <seanjc@...gle.com>, "Huang, Kai" <kai.huang@...el.com>,
	"sean.j.christopherson@...el.com" <sean.j.christopherson@...el.com>, "Chen,
 Bo2" <chen.bo@...el.com>, "sagis@...gle.com" <sagis@...gle.com>,
	"isaku.yamahata@...ux.intel.com" <isaku.yamahata@...ux.intel.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "Aktas, Erdem"
	<erdemaktas@...gle.com>, "isaku.yamahata@...il.com"
	<isaku.yamahata@...il.com>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
	"Yuan, Hang" <hang.yuan@...el.com>, "pbonzini@...hat.com"
	<pbonzini@...hat.com>
Subject: Re: [PATCH v19 059/130] KVM: x86/tdp_mmu: Don't zap private pages
 for unsupported cases

On Thu, Mar 28, 2024 at 08:06:53AM +0800, Xiaoyao Li wrote:
>On 3/28/2024 1:36 AM, Edgecombe, Rick P wrote:
>> On Wed, 2024-03-27 at 10:54 +0800, Xiaoyao Li wrote:
>> > > > If QEMU doesn't configure the msr filter list correctly, KVM has to handle
>> > > > guest's MTRR MSR accesses. In my understanding, the
>> > > > suggestion is KVM zap private memory mappings.
>
>TDX spec states that
>
>  18.2.1.4.1 Memory Type for Private and Opaque Access
>
>  The memory type for private and opaque access semantics, which use a
>  private HKID, is WB.
>
>  18.2.1.4.2 Memory Type for Shared Accesses
>
>  Intel SDM, Vol. 3, 28.2.7.2 Memory Type Used for Translated Guest-
>  Physical Addresses
>
>  The memory type for shared access semantics, which use a shared HKID,
>  is determined as described below. Note that this is different from the
>  way memory type is determined by the hardware during non-root mode
>  operation. Rather, it is a best-effort approximation that is designed
>  to still allow the host VMM some control over memory type.
>    • For shared access during host-side (SEAMCALL) flows, the memory
>      type is determined by MTRRs.
>    • For shared access during guest-side flows (VM exit from the guest
>      TD), the memory type is determined by a combination of the Shared
>      EPT and MTRRs.
>      o If the memory type determined during Shared EPT walk is WB, then
>        the effective memory type for the access is determined by MTRRs.
>      o Else, the effective memory type for the access is UC.
>
>My understanding is that guest MTRR doesn't affect the memory type for
>private memory. So we don't need to zap private memory mappings.

This isn't related to the discussion. IIUC, this is the memory type used
by TDX module code to access shared/private memory.

I didn't suggest zapping private memory. It is my understanding about what
we will end up with, if KVM relies on QEMU to filter MTRR MSRs but somehow
QEMU fails to do that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ