On 16.02.23 06:13, Mike Rapoport wrote:
Hi,
On Fri, Dec 02, 2022 at 02:13:38PM +0800, Chao Peng wrote:
This patch series implements KVM guest private memory for confidential
computing scenarios like Intel TDX[1]. If a TDX host accesses
TDX-protected guest memory, machine check can happen which can further
crash the running host system, this is terrible for multi-tenant
configurations. The host accesses include those from KVM userspace like
QEMU. This series addresses KVM userspace induced crash by introducing
new mm and KVM interfaces so KVM userspace can still manage guest memory
via a fd-based approach, but it can never access the guest memory
content.
Sorry for jumping late.
Unless I'm missing something, hibernation will also cause an machine check
when there is TDX-protected memory in the system. When the hibernation
creates memory snapshot it essentially walks all physical pages and saves
their contents, so for TDX memory this will trigger machine check, right?
I recall bringing that up in the past (also memory access due to kdump,
/prov/kcore) and was told that the main focus for now is preventing
unprivileged users from crashing the system, that is, not mapping such
memory into user space (e.g., QEMU). In the long run, we'll want to
handle such pages also properly in the other events where the kernel
might access them.
--
Thanks,
David / dhildenb