Re: [RFC 00/16] KVM protected memory extension

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> 
> On Jun 4, 2020, at 2:03 PM, Jim Mattson <jmattson@xxxxxxxxxx> wrote:
> 
> On Thu, Jun 4, 2020 at 12:09 PM Nakajima, Jun <jun.nakajima@xxxxxxxxx> wrote:
> 
>> We (Intel virtualization team) are also working on a similar thing, prototyping to meet such requirements, i..e "some level of confidentiality to guests”. Linux/KVM is the host, and the Kirill’s patches are helpful when removing the mappings from the host to achieve memory isolation of a guest. But, it’s not easy to prove there are no other mappings.
>> 
>> To raise the level of security, our idea is to de-privilege the host kernel just to enforce memory isolation using EPT (Extended Page Table) that virtualizes guest (the host kernel in this case) physical memory; almost everything is passthrough. And the EPT for the host kernel excludes the memory for the guest(s) that has confidential info. So, the host kernel shouldn’t cause VM exits as long as it’s behaving well (CPUID still causes a VM exit, though).
> 
> You're Intel. Can't you just change the CPUID intercept from required
> to optional? It seems like this should be in the realm of a small
> microcode patch.

We’ll take a look. Probably it would be helpful even for the bare-metal kernel (e.g. debugging). 
Thanks for the suggestion.

--- 
Jun
Intel Open Source Technology Center






[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux