| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3ea89d7f-fc29-4c80-a123-94673e526ca5@amazon.com> Date: Thu, 15 Aug 2024 12:08:05 -0700 From: "Manwaring, Derek" <derekmn@...zon.com> To: David Hildenbrand <david@...hat.com>, Elliot Berman <quic_eberman@...cinc.com>, Andrew Morton <akpm@...ux-foundation.org>, "Paolo Bonzini" <pbonzini@...hat.com>, Sean Christopherson <seanjc@...gle.com>, "Fuad Tabba" <tabba@...gle.com>, Patrick Roy <roypat@...zon.co.uk>, <qperret@...gle.com>, Ackerley Tng <ackerleytng@...gle.com> CC: <linux-coco@...ts.linux.dev>, <linux-arm-msm@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <linux-mm@...ck.org>, <kvm@...r.kernel.org>, Alexander Graf <graf@...zon.de>, Moritz Lipp <mlipp@...zon.at>, "Claudio Canella" <canellac@...zon.at> Subject: Re: [PATCH RFC 3/4] mm: guest_memfd: Add option to remove guest private memory from direct map On 2024-08-07 17:16-0700 Derek Manwaring wrote: > All that said, we're also dependent on hardware not being subject to > L1TF-style issues for the currently proposed non-CoCo method to be > effective. We're simply clearing the Present bit while the physmap PTE > still points to the guest physical page. I was wrong here. The set_direct_map_invalid_noflush implementation moves through __change_page_attr and pfn_pte, eventually arriving at flip_protnone_guard where the PFN is inverted & thus no longer valid for pages marked not present. So we do benefit from that prior work's extra protection against L1TF. Thank you for finding this, Patrick. Derek
Powered by blists - more mailing lists