| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAYXXYyVC0Sm+1PBw=xoYNDV7aa54c_6KTGjMdwVaBAJOd8Hpw@mail.gmail.com> Date: Tue, 28 Oct 2025 10:00:08 -0700 From: Erdem Aktas <erdemaktas@...gle.com> To: dan.j.williams@...el.com Cc: Vishal Annapurve <vannapurve@...gle.com>, Dave Hansen <dave.hansen@...el.com>, Chao Gao <chao.gao@...el.com>, "Reshetova, Elena" <elena.reshetova@...el.com>, "linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "x86@...nel.org" <x86@...nel.org>, "Chatre, Reinette" <reinette.chatre@...el.com>, "Weiny, Ira" <ira.weiny@...el.com>, "Huang, Kai" <kai.huang@...el.com>, "yilun.xu@...ux.intel.com" <yilun.xu@...ux.intel.com>, "sagis@...gle.com" <sagis@...gle.com>, "paulmck@...nel.org" <paulmck@...nel.org>, "nik.borisov@...e.com" <nik.borisov@...e.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, "H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>, "Kirill A. Shutemov" <kas@...nel.org>, Paolo Bonzini <pbonzini@...hat.com>, "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [PATCH v2 00/21] Runtime TDX Module update support On Mon, Oct 27, 2025 at 7:14 PM <dan.j.williams@...el.com> wrote: > > Vishal Annapurve wrote: > [..] > > Problem 2 should be solved in the TDX module as it is the state owner > > and should be given a chance to ensure that nothing else can affect > > it's state. Kernel is just opting-in to toggle the already provided > > TDX module ABI. I don't think this is adding complexity to the kernel. > > It makes the interface hard to reason about, that is complexity. Could you clarify what you mean here? What interface do you need to reason about? TDX module has a feature as described in its spec, this is nothing to do with the kernel. Kernel executes the TDH.SYS.SHUTDOWN and if it fails, it will return the error code back to the user space. There is nothing here to reason about and it is not clear how it is adding the complexity to the kernel. > > Consider an urgent case where update is more important than the > consistency of ongoing builds. The kernel's job is its own self > consistency and security model, when that remains in tact root is > allowed to make informed decisions. > The whole update is initiated by the userspace, imo, it is not the kernel's job to decide what to do. It should try to update the TDX module and return error code back to the userspace if it fails. it is up to the userspace to resolve the conflict and retry the installation. If you are saying that the userspace is not trusted for such a critical action, again the whole process is initiated and controlled by the userspace so there is an inherent trust there. Consistency? How does td preserve failure impact the kernel consistency? On the contrary, bypassing AVOID_COMPAT_SENSITIVE will break the consistency for some TDs. > You might say, well add a --force option for that, and that is also > userspace prerogative to perform otherwise destructive operations with > the degrees of freedom the kernel allows. IMO, It is something userspace should decide, kernel's job is to provide the necessary interface about it. > > I think we have reached the useful end of this thread. I support moving > ahead with the dead simple, "this may clobber your builds", for now. We > can always circle back to add more complexity later if that proves "too > simple" in practice. > It is not clear how you reached that conclusion. We are one of the users for this feature and we have multiple times explained that we prefer failure on update if there is any risk of corrupting some TD states. I did not see any other feedback/preference from other users and I did not see any reasonable argument why you are preferring the "clobber your builds" option. Also the "clobber your builds" option will impact the TDX live migration, considering the TDX live migration is WIP, it will be definitely very hard to foresee the challenges there you are introducing with this decision. How about TDX connect? Are we going to come back and keep updating this every time we find an issue? Since the update process is initiated and controlled by userspace, it is the userspace application's prerogative to make the informed decision on whether an urgent update warrants potentially destructive actions. The kernel's role is to provide a reliable mechanism to interact with the TDX Module and report outcomes accurately. Ideally, ABI should allow userpace to provide flags which can be also used to configure the TD preserve update option. If you do not want to change ABI, you can make those as module param so userspace can make a decision by itself. To address some of your previous concerns: It shifts complexity to userspace which is something everyone here seems to prefer. The problem is that the TD Preserve update would corrupt the TDs who are in the build stage (also impacts TDX LM and possibly some TDX connect functionalities) and since the TDX module would know about it, this will make sure that they will not be corrupted hence it is a fix for a problem. TDH.SYS.SHUTDOWN may not succeed due to multiple reasons like TDX_SYS_BUSY therefore it needs to handle the error cases anyway and should return the error to the userspace. Now userspace can decide whatever logic it has to finish/cancel the existing tdbuilds and retry the tdpreserve update. You might be concerned about forward progress. As I said above, there might be some other cases which might prevent the td preserve update to succeed so forward progress is not guaranteed anyway and it is not the kernel's job to figure it out. It will return the error code back to userspace and let the userspace resolve the conflict.
Powered by blists - more mailing lists