Message-ID: <20240717213441.aanzz2aa7322mvja@amd.com>
Date: Wed, 17 Jul 2024 16:34:41 -0500
From: Michael Roth <michael.roth@....com>
To: Paolo Bonzini <pbonzini@...hat.com>
CC: <linux-kernel@...r.kernel.org>, <kvm@...r.kernel.org>, <seanjc@...gle.com>
Subject: Re: [PATCH 07/12] KVM: guest_memfd: make kvm_gmem_prepare_folio()
 operate on a single struct kvm

On Thu, Jul 11, 2024 at 06:27:50PM -0400, Paolo Bonzini wrote:
> This is now possible because preparation is done by kvm_gmem_get_pfn()
> instead of fallocate().  In practice this is not a limitation, because
> even though guest_memfd can be bound to multiple struct kvm, for
> hardware implementations of confidential computing only one guest
> (identified by an ASID on SEV-SNP, or an HKID on TDX) will be able
> to access it.
> 
> In the case of intra-host migration (not implemented yet for SEV-SNP,
> but we can use SEV-ES as an idea of how it will work), the new struct
> kvm inherits the same ASID and preparation need not be repeated.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>

Reviewed-by: Michael Roth <michael.roth@....com>
