On Tue, Jul 20, 2021 at 04:55:22PM -0700, Erdem Aktas wrote:
> Thank you so much for your answer and sorry for keeping the discussion long.
>
> On Tue, Jul 20, 2021 at 3:01 PM Andi Kleen <ak@xxxxxxxxxxxxxxx> wrote:
> > You mean when the TDVF is changed? In this case the unaccepted memory
> > will be a different memory type, so non-lazy-accept-enabled kernels wouldn't
> > use it.
>
> Thanks Andi for the clarification. I also saw Kirill's answer. It
> makes sense.
>
> > But for the kexec crash case it would be just attacks against the crash
> > dump, which I assume are not a real security concern.
>
> If the crash kernel is compromised, it can be used to dump the
> customer memory content to a shared location, which is a real security
> concern, is it not?

This wouldn't be about compromising the crash kernel, but just about
inserting random zeroed pages into the crash dump. I assume the crash
parsing tools can handle corrupted data; it certainly happens often
enough with real dumps.

The crash kernel itself would need to be properly pre-validated/accepted
of course, but that will likely happen when it loads. And the memory it
uses could be re-accepted as long as it only happens before it is
actually used (at least on Intel; there might still be the issue Joern
pointed out on AMD, but I guess there it could be avoided by just
pre-accepting everything and setting up a suitable memory map).

BTW, with our current plan of disabling the #VE I don't think it can
happen anyways.

> > The crash kexec
> > mostly runs in its own memory, which doesn't need this, or is small
> > enough that it can be fully pre-accepted. And for the previous memory
> > view probably these issues are acceptable.
>
> I think this is where I am getting confused. I agree that we can copy
> the crashkernel to its own memory (all accepted) and run it. My
> confusion is: the crash kernel will dump the memory, which might have some
> shared pages in between. We have 3 options:
>
> 1- We can either accept all the pages again, which includes the shared
> pages, and lose their content. If we do not care about the content
> in shared pages, then this is okay.

On TDX this would lead to clearing the pages, which is definitely not
what you want for a crash dump.

> 2- Have a mechanism to transfer the private/shared page mapping and
> map all the pages accordingly before dumping.

FWIW we have very few shared mappings, and I suspect their content
is probably not super important for debugging (no kernel data
structures there). So even if you lost shared mappings for crash dumps
it likely wouldn't be a problem. But actually it should just work.

-Andi