From: Sean Christopherson <seanjc@google.com>
To: Rick P Edgecombe <rick.p.edgecombe@intel.com>
Cc: Xiaoyao Li <xiaoyao.li@intel.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>
Subject: Re: [RFC] TDX module configurability of 0x80000008
Date: Thu, 25 Apr 2024 16:28:57 -0700 [thread overview]
Message-ID: <ZirnOf10fJh3vWJ-@google.com> (raw)
In-Reply-To: <f01c6dc3087161353331538732edc4c5715b49ed.camel@intel.com>
On Thu, Apr 25, 2024, Rick P Edgecombe wrote:
> On Thu, 2024-04-25 at 15:53 -0700, Sean Christopherson wrote:
> > > Hmm. I'll mention this, but I don't see why KVM needs the TDX module to
> > > filter
> > > it. It seems in the range of userspace being allowed to create nonsense
> > > configurations that only hurt its own guest.
> >
> > Because the whole point of TDX is to protect the guest from the bad, naughty
> > host?
>
> DOS naughtiness by the host is allowed though.
>
> >
> > > If we think the TDX module should do it, then maybe we should have KVM
> > > sanity filter these out today in preparation.
> >
> > Nope. KVM isn't in the guest's TCB, TDX is. KVM's stance is that
> > userspace is responsible for providing a sane vCPU model, because defining
> > what is "sane" is extremely difficult unless the definition is super
> > prescriptive, a la TDX.
> >
> > E.g. letting the host map something that TDX's spec says will cause #VE would
> > create a novel attack surface.
>
> I thought that the shared half could be mapped in that range unless KVM gets
> involved. But, no, as long as we tie GPAW, 23:16, ept-level all together, then
> mapping something above it won't even make sense.
>
> I don't see attack surface risk immediately. I expect this will get more
> internal scrutiny in that regard though.
Oooh, I thought you were talking about KVM mapping a private GPA address in S-EPT
above the reported GPAW. In hindsight, I don't know _why_ I thought that.
Yeah, trying to sanity check the shared EPT in the TDX module would be comically
pointless.
next prev parent reply other threads:[~2024-04-25 23:28 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-24 16:55 [RFC] TDX module configurability of 0x80000008 Edgecombe, Rick P
2024-04-25 15:09 ` Xiaoyao Li
2024-04-25 16:31 ` Edgecombe, Rick P
2024-04-25 16:59 ` Sean Christopherson
2024-04-25 18:20 ` Edgecombe, Rick P
2024-04-25 21:39 ` Sean Christopherson
2024-04-25 22:41 ` Edgecombe, Rick P
2024-04-25 22:53 ` Sean Christopherson
2024-04-25 23:08 ` Edgecombe, Rick P
2024-04-25 23:28 ` Sean Christopherson [this message]
2024-04-25 23:38 ` Edgecombe, Rick P
2024-05-06 18:40 ` Edgecombe, Rick P
2024-05-07 14:22 ` Chao Gao
2024-05-07 14:49 ` Edgecombe, Rick P
2024-05-07 16:21 ` Sean Christopherson
2024-05-07 16:41 ` Xiaoyao Li
2024-05-07 17:11 ` Sean Christopherson
2024-05-08 7:50 ` Xiaoyao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZirnOf10fJh3vWJ-@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).