Re: [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/12/22 10:33 AM, Brijesh Singh wrote:
On 12/31/21 9:36 AM, Borislav Petkov wrote:
On Fri, Dec 10, 2021 at 09:43:12AM -0600, Brijesh Singh wrote:

+     * an attempt was done to use the current VMSA with a running vCPU, a
+     * #VMEXIT of that vCPU would wipe out all of the settings being done
+     * here.

I don't understand - this is waking up a CPU, how can it ever be a
running vCPU which is using the current VMSA?!

Yes, in general. My thought was that nothing is stopping a malicious hypervisor from performing a VMRUN on that vCPU and then the VMSA would be in use.

Thanks,
Tom


There is per_cpu(snp_vmsa, cpu), who else can be using that one currently?


Maybe Tom can expand it bit more?




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux