On 2/12/21 8:45 AM, Peter Zijlstra wrote:
> But you're right, if a HV injects #VE in the syscall gap and gets a
> concurrent CPU to 'fix' the exception frame (which then lives on the
> user stack) the handler might never know it went ga-ga.
>
> Is this something the TDX threat model covers? A malicious HV and a TDX
> guest co-operating to bring down the guest kernel.

I'll say this: The current TDX guest code that Sathya posted is predicated on an assumption that a malicious HV can not inject a #VE in the syscall gap, or any of the other sensitive paths. A #VE in the syscall gap is just as fatal as a #PF or #GP would be there.

If TDX can't provide guarantees to the guest that a #VE won't happen there, then TDX is broken, or the kernel implementation is broken.

If anyone knows of any way for a HV to inject #VE in the syscall gap, please speak up. Better to know now.