Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/22/21 7:23 AM, Brijesh Singh wrote:
> Thank you for starting the thread; based on the discussion, I am keeping
> the current implementation as-is and *not* going with the auto
> conversion from private to shared. To summarize what we are doing in the
> current SNP series:
> 
> - If userspace accesses guest private memory, it gets SIGBUS.
> - If kernel accesses[*] guest private memory, it does panic.

There's a subtlety here, though.  There are really three *different*
kinds of kernel accesses that matter:

1. Kernel bugs.  Kernel goes off and touches some guest private memory
   when it didn't mean to.  Say, it runs off the end of a slab page and
   runs into a guest page.  panic() is expected here.
2. Kernel accesses guest private memory via a userspace mapping, in a
   place where it is known to be accessing userspace and is prepared to
   fault.  copy_to_user() is the most straightforward example.  Kernel
   must *not* panic().  Returning an error to the syscall is a good
   way to handle these (if in a syscall).
3. Kernel accesses guest private memory via a kernel mapping.  This one
   is tricky.  These probably *do* result in a panic() today, but
   ideally shouldn't.

Could you explicitly clarify what the current behavior is?



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux