Hi Kirill, Thanks for this. On Fri, 22 May 2020 15:51:58 +0300 "Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx> wrote: > == Background / Problem == > > There are a number of hardware features (MKTME, SEV) which protect guest > memory from some unauthorized host access. The patchset proposes a purely > software feature that mitigates some of the same host-side read-only > attacks. > > > == What does this set mitigate? == > > - Host kernel ”accidental” access to guest data (think speculation) > > - Host kernel induced access to guest data (write(fd, &guest_data_ptr, len)) > > - Host userspace access to guest data (compromised qemu) > > == What does this set NOT mitigate? == > > - Full host kernel compromise. Kernel will just map the pages again. > > - Hardware attacks Just as a heads up, we (the Android kernel team) are currently involved in something pretty similar for KVM/arm64 in order to bring some level of confidentiality to guests. The main idea is to de-privilege the host kernel by wrapping it in its own nested set of page tables which allows us to remove memory allocated to guests on a per-page basis. The core hypervisor runs more or less independently at its own privilege level. It still is KVM though, as we don't intend to reinvent the wheel. Will has written a much more lingo-heavy description here: https://lore.kernel.org/kvmarm/20200327165935.GA8048@willie-the-truck/ This works for one of the virtualization modes that arm64 can use (what we call non-VHE, or nVHE for short). The other mode (VHE), is much more similar to what happens on other architectures, where the kernel and the hypervisor are one single entity. In this case, we cannot use the same trick with nested page tables, and have to rely on something that would very much look like what you're proposing. Note that the two modes of the architecture would benefit from this work anyway, as I'd like the host to know that we've pulled memory from under its feet. Since you have done most of the initial work, I intend to give it a go on arm64 shortly and see what sticks. Thanks, M. -- Jazz is not dead. It just smells funny...
