lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c98556099074f52af1c81ec1e82f89bec92cb7cd.camel@intel.com>
Date: Mon, 2 Dec 2024 19:24:16 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "Hunter, Adrian" <adrian.hunter@...el.com>, "seanjc@...gle.com"
	<seanjc@...gle.com>
CC: "kvm@...r.kernel.org" <kvm@...r.kernel.org>, "Li, Xiaoyao"
	<xiaoyao.li@...el.com>, "Huang, Kai" <kai.huang@...el.com>, "Zhao, Yan Y"
	<yan.y.zhao@...el.com>, "dave.hansen@...ux.intel.com"
	<dave.hansen@...ux.intel.com>, "dmatlack@...gle.com" <dmatlack@...gle.com>,
	"Yang, Weijiang" <weijiang.yang@...el.com>, "Chatre, Reinette"
	<reinette.chatre@...el.com>, "pbonzini@...hat.com" <pbonzini@...hat.com>,
	"binbin.wu@...ux.intel.com" <binbin.wu@...ux.intel.com>, "Yamahata, Isaku"
	<isaku.yamahata@...el.com>, "nik.borisov@...e.com" <nik.borisov@...e.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "Gao, Chao"
	<chao.gao@...el.com>, "tony.lindgren@...ux.intel.com"
	<tony.lindgren@...ux.intel.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH 7/7] KVM: TDX: Add TSX_CTRL msr into uret_msrs list

On Mon, 2024-12-02 at 11:07 -0800, Sean Christopherson wrote:
> > guest_can_use() is per-vcpu whereas we are currently using the
> > CPUID from TD_PARAMS (as per spec) before there are any VCPU's.
> > It is a bit of a disconnect so let's keep tsx_supported for now.
> 
> No, as was agreed upon[*], KVM needs to ensure consistency between what KVM
> sees
> as guest CPUID and what is actually enabled/exposed to the guest.  If there
> are
> no vCPUs, then there's zero reason to snapshot the value in kvm_tdx.  And if
> there
> are vCPUs, then their CPUID info needs to be consistent with respect to
> TDPARAMS.

Small point - the last conversation[0] we had on this was to let *userspace*
ensure consistency between KVM's CPUID (i.e. KVM_SET_CPUID2) and the TDX
Module's view. So the configuration goes:
1. Userspace configures per-VM CPU features
2. Userspace gets TDX Module's final per-vCPU version of CPUID configuration via
KVM API
3. Userspace calls KVM_SET_CPUID2 with the merge of TDX Module's version, and
userspace's desired values for KVM "owned" CPUID leads (pv features, etc)

But KVM's knowledge of CPUID bits still remains per-vcpu for TDX in any case.

> 
>  - Don't hardcode fixed/required CPUID values in KVM, use available metadata
>    from TDX Module to reject "bad" guest CPUID (or let the TDX module
> reject?).
>    I.e. don't let a guest silently run with a CPUID that diverges from what
>    userspace provided.

The latest QEMU patches have this fixed bit data hardcoded in QEMU. Then the
long term solution is to make the TDX module return this data. Xiaoyao will post
a proposal on how the TDX module should expose this soon.

> 
> [*] https://lore.kernel.org/all/20240405165844.1018872-1-seanjc@google.com


[0]https://lore.kernel.org/kvm/CABgObfaobJ=G18JO9Jx6-K2mhZ2saVyLY-tHOgab1cJupOe-0Q@mail.gmail.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ