From: Sean Christopherson <seanjc@google.com>
To: Steve Rutherford <srutherford@google.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>,
Ashish Kalra <ashish.kalra@amd.com>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"joro@8bytes.org" <joro@8bytes.org>,
"Lendacky, Thomas" <Thomas.Lendacky@amd.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"venu.busireddy@oracle.com" <venu.busireddy@oracle.com>,
Will Deacon <will@kernel.org>,
Quentin Perret <qperret@google.com>
Subject: Re: [PATCH v10 10/16] KVM: x86: Introduce KVM_GET_SHARED_PAGES_LIST ioctl
Date: Tue, 9 Mar 2021 11:42:56 -0800 [thread overview]
Message-ID: <YEfPwD6/XiTp7v0y@google.com> (raw)
In-Reply-To: <CABayD+ftv5DNdXj-Bs8MXGeFNKx7-aTt99fPuD2R6w1mJ2u8TQ@mail.gmail.com>
On Mon, Mar 08, 2021, Steve Rutherford wrote:
> On Mon, Mar 8, 2021 at 1:11 PM Brijesh Singh <brijesh.singh@amd.com> wrote:
> > On 3/8/21 1:51 PM, Sean Christopherson wrote:
> > > If the guest does the hypercall after writing the page, then the guest is hosed
> > > if it gets migrated while writing the page (scenario #1):
> > >
> > > vCPU Userspace
> > > zero_bytes[0:N]
> > > <transfers written bytes as private instead of shared>
> > > <migrates vCPU>
> > > zero_bytes[N+1:4095]
> > > set_shared (dest)
> > > kaboom!
> >
> >
> > Maybe I am missing something, this is not any different from a normal
> > operation inside a guest. Making a page shared/private in the page table
> > does not update the content of the page itself. In your above case, I
> > assume zero_bytes[N+1:4095] are written by the destination VM. The
> > memory region was private in the source VM page table, so, those writes
> > will be performed encrypted. The destination VM later changed the memory
> > to shared, but nobody wrote to the memory after it has been transitioned
> > to the shared, so a reader of the memory should get ciphertext and
> > unless there was a write after the set_shared (dest).
Sorry, that wasn't clear, there's an implied page table update to make the page
shared before zero_bytes.
> > > If userspace does GET_DIRTY after GET_LIST, then the host would transfer bad
> > > data by consuming a stale list (scenario #2):
> > >
> > > vCPU Userspace
> > > get_list (from KVM or internally)
> > > set_shared (src)
> > > zero_page (src)
> > > get_dirty
> > > <transfers private data instead of shared>
> > > <migrates vCPU>
> > > kaboom!
> >
> >
> > I don't remember how things are done in recent Ashish Qemu/KVM patches
> > but in previous series, the get_dirty() happens before the querying the
> > encrypted state. There was some logic in VMM to resync the encrypted
> > bitmap during the final migration stage and perform any additional data
> > transfer since last sync.
It's likely that Ashish's patches did the correct thing, I just wanted to point
out that both host and guest need to do everything in a very specific order.
> > > If both guest and host order things to avoid #1 and #2, the host can still
> > > migrate the wrong data (scenario #3):
> > >
> > > vCPU Userspace
> > > set_private
> > > zero_bytes[0:4096]
> > > get_dirty
> > > set_shared (src)
> > > get_list
> > > <transfers as shared instead of private>
> > > <migrates vCPU>
> > > set_private (dest)
> > > kaboom!
> >
> >
> > Since there was no write to the memory after the set_shared (src), so
> > the content of the page should not have changed. After the set_private
> > (dest), the caller should be seeing the same content written by the
> > zero_bytes[0:4096]
>
> I think Sean was going for the situation where the VM has moved to the
> destination, which would have changed the VEK. That way the guest
> would be decrypting the old ciphertext with the new (wrong) key.
I think that's what I was saying?
I was pointing out that the userspace VMM would see the page as "shared" and so
read the guest memory directly instead of routing it through the PSP.
Anyways, my intent wasn't to point out a known issue anywhere. I was working
through how GET_LIST would interact with GET_DIRTY_LOG to convince myself that
the various flows were bombproof. I wanted to record those thoughts so that I
can remind myself of the requirements when I inevitably forget them in the future.
> > > Scenario #3 is unlikely, but plausible, e.g. if the guest bails from its
> > > conversion flow for whatever reason, after making the initial hypercall. Maybe
> > > it goes without saying, but to address #3, the guest must consider existing data
> > > as lost the instant it tells the host the page has been converted to a different
> > > type.
> > >
> > >> For the above reason if we do in-kernel hypercall handling for page
> > >> encryption status (which we probably won't require for SEV-SNP &
> > >> correspondingly there will be no hypercall exiting),
> > > As above, that doesn't preclude KVM from exiting to userspace on conversion.
> > >
> > >> then we can implement a standard GET/SET ioctl interface to get/set the guest
> > >> page encryption status for userspace, which will work across SEV, SEV-ES and
> > >> SEV-SNP.
next prev parent reply other threads:[~2021-03-09 19:43 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-04 0:35 [PATCH v10 00/17] Add AMD SEV guest live migration support Ashish Kalra
2021-02-04 0:36 ` [PATCH v10 01/16] KVM: SVM: Add KVM_SEV SEND_START command Ashish Kalra
2021-02-04 0:36 ` [PATCH v10 02/16] KVM: SVM: Add KVM_SEND_UPDATE_DATA command Ashish Kalra
2021-02-04 0:37 ` [PATCH v10 03/16] KVM: SVM: Add KVM_SEV_SEND_FINISH command Ashish Kalra
2021-02-04 0:37 ` [PATCH v10 04/16] KVM: SVM: Add support for KVM_SEV_RECEIVE_START command Ashish Kalra
2021-02-04 0:37 ` [PATCH v10 05/16] KVM: SVM: Add KVM_SEV_RECEIVE_UPDATE_DATA command Ashish Kalra
2021-02-04 0:37 ` [PATCH v10 06/16] KVM: SVM: Add KVM_SEV_RECEIVE_FINISH command Ashish Kalra
2021-02-04 0:38 ` [PATCH v10 07/16] KVM: x86: Add AMD SEV specific Hypercall3 Ashish Kalra
2021-02-04 0:38 ` [PATCH v10 08/16] KVM: X86: Introduce KVM_HC_PAGE_ENC_STATUS hypercall Ashish Kalra
2021-02-04 16:03 ` Tom Lendacky
2021-02-05 1:44 ` Steve Rutherford
2021-02-05 3:32 ` Ashish Kalra
2021-02-04 0:39 ` [PATCH v10 09/16] mm: x86: Invoke hypercall when page encryption status is changed Ashish Kalra
2021-02-04 0:39 ` [PATCH v10 10/16] KVM: x86: Introduce KVM_GET_SHARED_PAGES_LIST ioctl Ashish Kalra
2021-02-04 16:14 ` Tom Lendacky
2021-02-04 16:34 ` Ashish Kalra
2021-02-17 1:03 ` Sean Christopherson
2021-02-17 14:00 ` Kalra, Ashish
2021-02-17 16:13 ` Sean Christopherson
2021-02-18 6:48 ` Kalra, Ashish
2021-02-18 16:39 ` Sean Christopherson
2021-02-18 17:05 ` Kalra, Ashish
2021-02-18 17:50 ` Sean Christopherson
2021-02-18 18:32 ` Kalra, Ashish
2021-02-24 17:51 ` Ashish Kalra
2021-02-24 18:22 ` Sean Christopherson
2021-02-25 20:20 ` Ashish Kalra
2021-02-25 22:59 ` Steve Rutherford
2021-02-25 23:24 ` Steve Rutherford
2021-02-26 14:04 ` Ashish Kalra
2021-02-26 17:44 ` Sean Christopherson
2021-03-02 14:55 ` Ashish Kalra
2021-03-02 15:15 ` Ashish Kalra
2021-03-03 18:54 ` Will Deacon
2021-03-03 19:32 ` Ashish Kalra
2021-03-09 19:10 ` Ashish Kalra
2021-03-11 18:14 ` Ashish Kalra
2021-03-11 20:48 ` Steve Rutherford
2021-03-19 17:59 ` Ashish Kalra
2021-04-02 1:40 ` Steve Rutherford
2021-04-02 11:09 ` Ashish Kalra
2021-03-08 10:40 ` Ashish Kalra
2021-03-08 19:51 ` Sean Christopherson
2021-03-08 21:05 ` Ashish Kalra
2021-03-08 21:11 ` Brijesh Singh
2021-03-08 21:32 ` Ashish Kalra
2021-03-08 21:51 ` Steve Rutherford
2021-03-09 19:42 ` Sean Christopherson [this message]
2021-03-10 3:42 ` Kalra, Ashish
2021-03-10 3:47 ` Steve Rutherford
2021-03-08 21:48 ` Steve Rutherford
2021-02-17 1:06 ` Sean Christopherson
2021-02-04 0:39 ` [PATCH v10 11/16] KVM: x86: Introduce KVM_SET_SHARED_PAGES_LIST ioctl Ashish Kalra
2021-02-04 0:39 ` [PATCH v10 12/16] KVM: x86: Introduce new KVM_FEATURE_SEV_LIVE_MIGRATION feature & Custom MSR Ashish Kalra
2021-02-05 0:56 ` Steve Rutherford
2021-02-05 3:07 ` Ashish Kalra
2021-02-06 2:54 ` Steve Rutherford
2021-02-06 4:49 ` Ashish Kalra
2021-02-06 5:46 ` Ashish Kalra
2021-02-06 13:56 ` Ashish Kalra
2021-02-08 0:28 ` Ashish Kalra
2021-02-08 22:50 ` Steve Rutherford
2021-02-10 20:36 ` Ashish Kalra
2021-02-10 22:01 ` Steve Rutherford
2021-02-10 22:05 ` Steve Rutherford
2021-02-16 23:20 ` Sean Christopherson
2021-02-04 0:40 ` [PATCH v10 13/16] EFI: Introduce the new AMD Memory Encryption GUID Ashish Kalra
2021-02-04 0:40 ` [PATCH v10 14/16] KVM: x86: Add guest support for detecting and enabling SEV Live Migration feature Ashish Kalra
2021-02-18 17:56 ` Sean Christopherson
2021-02-04 0:40 ` [PATCH v10 15/16] KVM: x86: Add kexec support for SEV Live Migration Ashish Kalra
2021-02-04 4:10 ` kernel test robot
2021-02-04 0:40 ` [PATCH v10 16/16] KVM: SVM: Bypass DBG_DECRYPT API calls for unencrypted guest memory Ashish Kalra
2021-02-09 6:23 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YEfPwD6/XiTp7v0y@google.com \
--to=seanjc@google.com \
--cc=Thomas.Lendacky@amd.com \
--cc=ashish.kalra@amd.com \
--cc=brijesh.singh@amd.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=qperret@google.com \
--cc=srutherford@google.com \
--cc=venu.busireddy@oracle.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox