Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Dave Hansen <dave.hansen@xxxxxxxxx>
Subject: Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
From: Borislav Petkov <bp@xxxxxxxxx>
Date: Tue, 23 Nov 2021 08:18:31 +0100
Cc: Brijesh Singh <brijesh.singh@xxxxxxx>, Peter Gonda <pgonda@xxxxxxxxxx>, x86@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, linux-coco@xxxxxxxxxxxxxxx, linux-mm@xxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Joerg Roedel <jroedel@xxxxxxx>, Tom Lendacky <Thomas.Lendacky@xxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Ard Biesheuvel <ardb@xxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Sean Christopherson <seanjc@xxxxxxxxxx>, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>, Wanpeng Li <wanpengli@xxxxxxxxxxx>, Jim Mattson <jmattson@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, Sergio Lopez <slp@xxxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Srinivas Pandruvada <srinivas.pandruvada@xxxxxxxxxxxxxxx>, David Rientjes <rientjes@xxxxxxxxxx>, Dov Murik <dovmurik@xxxxxxxxxxxxx>, Tobin Feldman-Fitzthum <tobin@xxxxxxx>, Michael Roth <michael.roth@xxxxxxx>, Vlastimil Babka <vbabka@xxxxxxx>, "Kirill A . Shutemov" <kirill@xxxxxxxxxxxxx>, Andi Kleen <ak@xxxxxxxxxxxxxxx>, tony.luck@xxxxxxxxx, marcorr@xxxxxxxxxx, sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx
In-reply-to: <38282b0c-7eb5-6a91-df19-2f4cfa8549ce@intel.com>
References: <20210820155918.7518-1-brijesh.singh@amd.com> <CAMkAt6o0ySn1=iLYsH0LCnNARrUbfaS0cvtxB__y_d+Q6DUzfA@mail.gmail.com> <daf5066b-e89b-d377-ed8a-9338f1a04c0d@amd.com> <d673f082-9023-dafb-e42e-eab32a3ddd0c@intel.com> <f15597a0-e7e0-0a57-39fd-20715abddc7f@amd.com> <5f3b3aab-9ec2-c489-eefd-9136874762ee@intel.com> <d83e6668-bec4-8d1f-7f8a-085829146846@amd.com> <38282b0c-7eb5-6a91-df19-2f4cfa8549ce@intel.com>

On Mon, Nov 22, 2021 at 02:51:35PM -0800, Dave Hansen wrote:
> By "supporting", do you mean doing something functional?  I don't really
> care if ptrace() to guest private memory returns -EINVAL or whatever.
> The most important thing is not crashing the host.
> 
> Also, as Sean mentioned, this isn't really about ptrace() itself.  It's
> really about ensuring that no kernel or devices accesses to guest
> private memory can induce bad behavior.

I keep repeating this suggestion of mine that we should treat
guest-private pages as hw-poisoned pages which have experienced a
uncorrectable error in the past.

mm already knows how to stay away from those.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Follow-Ups:
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Sean Christopherson

References:
- [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Brijesh Singh
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Peter Gonda
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Brijesh Singh
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Dave Hansen
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Brijesh Singh
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Dave Hansen
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Brijesh Singh
- Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
  - From: Dave Hansen

Prev by Date: Re: [PATCH v1 1/9] mm: add zone device coherent type memory support
Next by Date: [PATCH] mm/rmap: fix potential batched TLB flush race
Previous by thread: RE: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
Next by thread: Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]