| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a6ba22a3-4e4b-40be-a196-79ae2265a97e@redhat.com> Date: Wed, 14 Aug 2024 18:31:14 +0200 From: Paolo Bonzini <pbonzini@...hat.com> To: Sean Christopherson <seanjc@...gle.com> Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Peter Gonda <pgonda@...gle.com>, Michael Roth <michael.roth@....com>, Vishal Annapurve <vannapurve@...gle.com>, Ackerly Tng <ackerleytng@...gle.com> Subject: Re: [PATCH 01/22] KVM: x86: Disallow read-only memslots for SEV-ES and SEV-SNP (and TDX) On 8/9/24 21:02, Sean Christopherson wrote: > Disallow read-only memory for all VMs with protected state, i.e. for > upcoming TDX VMs as well as ES/SNP VMs. For TDX, it's actually possible > to support read-only memory, as TDX uses EPT Violation #VE to reflect the > fault into the guest, e.g. KVM could configure read-only SPTEs with RX > protections and SUPPRESS_VE=0. But there is no strong use case for > supporting read-only memslots on TDX, e.g. the main historical usage is > to emulate option ROMs, but TDX disallows executing from shared memory. > And if someone comes along with a legitimate, strong use case, the > restriction can always be lifted for TDX. > > Don't bother trying to retroactively apply the restriction to SEV-ES > VMs that are created as type KVM_X86_DEFAULT_VM. Read-only memslots can't > possibly work for SEV-ES, i.e. disallowing such memslots is really just > means reporting an error to userspace instead of silently hanging vCPUs. > Trying to deal with the ordering between KVM_SEV_INIT and memslot creation > isn't worth the marginal benefit it would provide userspace. Queuing this one for 6.11, thanks. Paolo
Powered by blists - more mailing lists