On Tue, Jan 09, 2024 at 01:29:06PM +0100, Borislav Petkov wrote:
> At least three issues I see with that:
>
> - the allocation can fail so it is a lot more convenient when the
> firmware prepares it
>
> - the RMP_BASE and RMP_END writes need to be verified they actially did
> set up the RMP range because if they haven't, you might as well
> throw SNP security out of the window. In general, letting the kernel
> do the RMP allocation needs to be verified very very thoroughly.
>
> - a future feature might make this more complicated
- What do you do if you boot on a system which has the RMP already
allocated in the BIOS?
- How do you detect that it is the L1 kernel that must allocate the RMP?
- Why can't you use the BIOS allocated RMP in your scenario too instead
of the L1 kernel allocating it?
- ...
I might think of more.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
