| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Dec 2021 16:23:33 -0600
From: Tom Lendacky <thomas.lendacky@....com>
To: Dave Hansen <dave.hansen@...el.com>,
Tianyu Lan <ltykernel@...il.com>, kys@...rosoft.com,
haiyangz@...rosoft.com, sthemmin@...rosoft.com, wei.liu@...nel.org,
decui@...rosoft.com, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, dave.hansen@...ux.intel.com, x86@...nel.org,
hpa@...or.com, davem@...emloft.net, kuba@...nel.org,
jejb@...ux.ibm.com, martin.petersen@...cle.com, arnd@...db.de,
hch@...radead.org, m.szyprowski@...sung.com, robin.murphy@....com,
Tianyu.Lan@...rosoft.com, michael.h.kelley@...rosoft.com
Cc: iommu@...ts.linux-foundation.org, linux-arch@...r.kernel.org,
linux-hyperv@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-scsi@...r.kernel.org, netdev@...r.kernel.org,
vkuznets@...hat.com, brijesh.singh@....com, konrad.wilk@...cle.com,
hch@....de, joro@...tes.org, parri.andrea@...il.com
Subject: Re: [PATCH V7 1/5] swiotlb: Add swiotlb bounce buffer remap function
for HV IVM
On 12/14/21 12:40 PM, Dave Hansen wrote:
> On 12/13/21 8:36 PM, Tianyu Lan wrote:
>> On 12/14/2021 12:45 AM, Dave Hansen wrote:
>>> On 12/12/21 11:14 PM, Tianyu Lan wrote:
>>>> In Isolation VM with AMD SEV, bounce buffer needs to be accessed via
>>>> extra address space which is above shared_gpa_boundary (E.G 39 bit
>>>> address line) reported by Hyper-V CPUID ISOLATION_CONFIG. The access
>>>> physical address will be original physical address +
>>>> shared_gpa_boundary.
>>>> The shared_gpa_boundary in the AMD SEV SNP spec is called virtual top of
>>>> memory(vTOM). Memory addresses below vTOM are automatically treated as
>>>> private while memory above vTOM is treated as shared.
>>>
>>> This seems to be independently reintroducing some of the SEV
>>> infrastructure. Is it really OK that this doesn't interact at all with
>>> any existing SEV code?
>>>
>>> For instance, do we need a new 'swiotlb_unencrypted_base', or should
>>> this just be using sme_me_mask somehow?
>>
>> Thanks for your review. Hyper-V provides a para-virtualized
>> confidential computing solution based on the AMD SEV function and not
>> expose sev&sme capabilities to guest. So sme_me_mask is unset in the
>> Hyper-V Isolation VM. swiotlb_unencrypted_base is more general solution
>> to handle such case of different address space for encrypted and
>> decrypted memory and other platform also may reuse it.
>
> I don't really understand how this can be more general any *not* get
> utilized by the existing SEV support.
The Virtual Top-of-Memory (VTOM) support is an SEV-SNP feature that is
meant to be used with a (relatively) un-enlightened guest. The idea is
that the C-bit in the guest page tables must be 0 for all accesses. It is
only the physical address relative to VTOM that determines if the access
is encrypted or not. So setting sme_me_mask will actually cause issues
when running with this feature. Since all DMA for an SEV-SNP guest must
still be to shared (unencrypted) memory, some enlightenment is needed. In
this case, memory mapped above VTOM will provide that via the SWIOTLB
update. For SEV-SNP guests running with VTOM, they are likely to also be
running with the Reflect #VC feature, allowing a "paravisor" to handle any
#VCs generated by the guest.
See sections 15.36.8 "Virtual Top-of-Memory" and 15.36.9 "Reflect #VC" in
volume 2 of the AMD APM [1].
I'm not sure if that will answer your question or generate more :)
Thanks,
Tom
[1] https://www.amd.com/system/files/TechDocs/24593.pdf
>
Powered by blists - more mailing lists