On Tue, Jun 23, 2020 at 01:07:06PM +0200, Peter Zijlstra wrote: > On Tue, Apr 28, 2020 at 09:55:12AM +0200, Joerg Roedel wrote: > So what happens if this #VC triggers on the first access to the #VC > stack, because the malicious host has craftily mucked with only the #VC > IST stack page? > > Or on the NMI IST stack, then we get #VC in NMI before the NMI can fix > you up. > > AFAICT all of that is non-recoverable. I am not 100% sure, but I think if the #VC stack page is not validated, the #VC should be promoted to a #DF. Note that this is an issue only with secure nested paging (SNP), which is not enabled yet with this patch-set. When it gets enabled a stack recursion check in the #VC handler is needed which panics the VM. That also fixes the #VC-in-early-NMI problem. Regards, Joerg
