lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <619071d1-416d-4df6-9acc-775770b82e7e@linux.intel.com>
Date: Thu, 9 Jan 2025 11:20:05 +0800
From: Binbin Wu <binbin.wu@...ux.intel.com>
To: "Huang, Kai" <kai.huang@...el.com>, "seanjc@...gle.com"
 <seanjc@...gle.com>
Cc: "Gao, Chao" <chao.gao@...el.com>,
 "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>,
 "Li, Xiaoyao" <xiaoyao.li@...el.com>,
 "Chatre, Reinette" <reinette.chatre@...el.com>,
 "Hunter, Adrian" <adrian.hunter@...el.com>,
 "tony.lindgren@...ux.intel.com" <tony.lindgren@...ux.intel.com>,
 "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
 "pbonzini@...hat.com" <pbonzini@...hat.com>,
 "Yamahata, Isaku" <isaku.yamahata@...el.com>,
 "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
 "Zhao, Yan Y" <yan.y.zhao@...el.com>
Subject: Re: [PATCH 11/16] KVM: TDX: Always block INIT/SIPI




On 1/9/2025 10:46 AM, Huang, Kai wrote:
> On Thu, 2025-01-09 at 10:26 +0800, Binbin Wu wrote:
>>>>> I think we can just say TDX doesn't support vcpu reset no matter due to
>>>>> INIT event or not.
>>> That's not entirely accurate either though.  TDX does support KVM's version of
>>> RESET, because KVM's RESET is "power-on", i.e. vCPU creation.  Emulation of
>>> runtime RESET is userspace's responsibility.
>>>
>>> The real reason why KVM doesn't do anything during KVM's RESET is that what
>>> little setup KVM does/can do needs to be defered until after guest CPUID is
>>> configured.
>>>
>>> KVM should also WARN if a TDX vCPU gets INIT, no?
>> There was a KVM_BUG_ON() if a TDX vCPU gets INIT in v19, and later it was
>> removed during the cleanup about removing WARN_ON_ONCE() and KVM_BUG_ON().
>>
>> Since INIT/SIPI are always blocked for TDX guests, a delivery of INIT
>> event is a KVM bug and a WARN_ON_ONCE() is appropriate for this case.
> Can TDX guest issue INIT via IPI?  Perhaps KVM_BUG_ON() is safer?
TDX guests are not expected to issue INIT, but it could in theory.
It seems no serous impact if guest does it, not sure it needs to kill the
VM or not.

Also, in this patch, for TDX kvm_apic_init_sipi_allowed() is always
returning false, so vt_vcpu_reset() will not be called with init=true.
Adding a WARN_ON_ONCE() is the guard for the KVM's logic itself,
not the guard for guest behavior.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ