From: Sean Christopherson <seanjc@google.com>
To: Rick P Edgecombe <rick.p.edgecombe@intel.com>
Cc: Xiaoyao Li <xiaoyao.li@intel.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>
Subject: Re: [RFC] TDX module configurability of 0x80000008
Date: Thu, 25 Apr 2024 16:28:57 -0700 [thread overview]
Message-ID: <ZirnOf10fJh3vWJ-@google.com> (raw)
In-Reply-To: <f01c6dc3087161353331538732edc4c5715b49ed.camel@intel.com>
On Thu, Apr 25, 2024, Rick P Edgecombe wrote:
> On Thu, 2024-04-25 at 15:53 -0700, Sean Christopherson wrote:
> > > Hmm. I'll mention this, but I don't see why KVM needs the TDX module to
> > > filter
> > > it. It seems in the range of userspace being allowed to create nonsense
> > > configurations that only hurt its own guest.
> >
> > Because the whole point of TDX is to protect the guest from the bad, naughty
> > host?
>
> DOS naughtiness by the host is allowed though.
>
> >
> > > If we think the TDX module should do it, then maybe we should have KVM
> > > sanity filter these out today in preparation.
> >
> > Nope. KVM isn't in the guest's TCB, TDX is. KVM's stance is that
> > userspace is responsible for providing a sane vCPU model, because defining
> > what is "sane" is extremely difficult unless the definition is super
> > prescriptive, a la TDX.
> >
> > E.g. letting the host map something that TDX's spec says will cause #VE would
> > create a novel attack surface.
>
> I thought that the shared half could be mapped in that range unless KVM gets
> involved. But, no, as long as we tie GPAW, 23:16, ept-level all together, then
> mapping something above it won't even make sense.
>
> I don't see attack surface risk immediately. I expect this will get more
> internal scrutiny in that regard though.
Oooh, I thought you were talking about KVM mapping a private GPA address in S-EPT
above the reported GPAW. In hindsight, I don't know _why_ I thought that.
Yeah, trying to sanity check the shared EPT in the TDX module would be comically
pointless.
next prev parent reply other threads:[~2024-04-25 23:28 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-24 16:55 [RFC] TDX module configurability of 0x80000008 Edgecombe, Rick P
2024-04-25 15:09 ` Xiaoyao Li
2024-04-25 16:31 ` Edgecombe, Rick P
2024-04-25 16:59 ` Sean Christopherson
2024-04-25 18:20 ` Edgecombe, Rick P
2024-04-25 21:39 ` Sean Christopherson
2024-04-25 22:41 ` Edgecombe, Rick P
2024-04-25 22:53 ` Sean Christopherson
2024-04-25 23:08 ` Edgecombe, Rick P
2024-04-25 23:28 ` Sean Christopherson [this message]
2024-04-25 23:38 ` Edgecombe, Rick P
2024-05-06 18:40 ` Edgecombe, Rick P
2024-05-07 14:22 ` Chao Gao
2024-05-07 14:49 ` Edgecombe, Rick P
2024-05-07 16:21 ` Sean Christopherson
2024-05-07 16:41 ` Xiaoyao Li
2024-05-07 17:11 ` Sean Christopherson
2024-05-08 7:50 ` Xiaoyao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZirnOf10fJh3vWJ-@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.