On 4/25/20 5:49 AM, Joerg Roedel wrote: >> That's a fun point because it means that the (untrusted) hypervisor can >> cause endless faults. I *guess* we have mitigation for this with our >> stack guard pages, but it's still a bit nasty that the hypervisor can >> arbitrarily land a guest in the double-fault handler. >> >> It just all seems a bit weak for the hypervisor to be considered >> untrusted. But, it's _certainly_ a steep in the right direction from SEV. > Yeah, a malicious hypervisor can do bad things to an SEV-ES VM, but it > can't easily steal its secrets from memory or registers. The #VC handler > does its best to just crash the VM if unexpected hypervisor behavior is > detected. This is the kind of design information that would be very useful to reviewers. Will some of this information make it into the cover letter eventually? Or, Documentation/? Also, for the security purists, an SEV-ES host is still trusted (in the same TCB as the guest). Truly guest-untrusted VMMs won't be available until SEV-SNP, right?
