| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aO2QJ-YapvJXxE1z@google.com> Date: Mon, 13 Oct 2025 16:49:59 -0700 From: Sean Christopherson <seanjc@...gle.com> To: dan.j.williams@...el.com Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "Kirill A. Shutemov" <kas@...nel.org>, Paolo Bonzini <pbonzini@...hat.com>, linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev, kvm@...r.kernel.org, Chao Gao <chao.gao@...el.com>, Xin Li <xin@...or.com>, Kai Huang <kai.huang@...el.com>, Adrian Hunter <adrian.hunter@...el.com>, aik@....com Subject: Re: [RFC PATCH 0/4] KVM: x86/tdx: Have TDX handle VMXON during bringup On Mon, Oct 13, 2025, dan.j.williams@...el.com wrote: > > Emphasis on "only", because leaving VMCS tracking and clearing in KVM is > > another key difference from Xin's series. The "light bulb" moment on that > > front is that TDX isn't a hypervisor, and isn't trying to be a hypervisor. > > Specifically, TDX should _never_ have it's own VMCSes (that are visible to the > > host; the TDX-Module has it's own VMCSes to do SEAMCALL/SEAMRET), and so there > > is simply no reason to move that functionality out of KVM. > > > > With that out of the way, dealing with VMXON/VMXOFF and EFER.SVME is a fairly > > simple refcounting game. > > > > Oh, and I didn't bother looking to see if it would work, but if TDX only needs > > VMXON during boot, then the TDX use of VMXON could be transient. > > With the work-in-progress "Host Services", the expectation is that VMX > would remain on especially because there is no current way to de-init > TDX. What are Host Services? > Now, the "TDX always-on even outside of Host Services" this series is > proposing gives me slight pause. I.e. Any resources that TDX gobbles, or > features that TDX is incompatible (ACPI S3), need a trip through a BIOS > menu to turn off. However, if that becomes a problem in practice we can > circle back later to fix that up. Oooh, by "TDX always-on" you mean invoking tdx_enable() during boot, as opposed to throwing it into a loadable module. To be honest, I completely missed the whole PAMT allocation and imcompatible features side of things. And Rick already pointed out that doing tdx_enable() during tdx_init() would be far too early. So it seems like the simple answer is to continue to have __tdx_bringup() invoke tdx_enable(), but without all the caveats about the caller needed to hold the CPUs lock, be post-VMXON, etc. > > could simply blast on_each_cpu() and forego the cpuhp and syscore hooks (a > > non-emergency reboot during init isn't possible). I don't particuarly care > > what TDX does, as it's a fairly minor detail all things concerned. I went with > > the "harder" approach, e.g. to validate keeping the VMXON users count elevated > > would do the right thing with respect to CPU offlining, etc. > > > > Lightly tested (see the hacks below to verify the TDX side appears to do what > > it's supposed to do), but it seems to work? Heavily RFC, e.g. the third patch > > in particular needs to be chunked up, I'm sure there's polishing to be done, > > etc. > > Sounds good and I read this as "hey, this is the form I would like to > see, when someone else cleans this up and sends it back to me as a > non-RFC". Actually, I think I can take it forward. Knock wood, but I don't think there's all that much left to be done. Heck, even writing the code for the initial RFC was a pretty short adventure once I had my head wrapped around the concept.
Powered by blists - more mailing lists