Re: SEV guest regression in 4.18

From: Paolo Bonzini
Date: Fri Aug 24 2018 - 11:50:24 EST

Next message: Olof Johansson: "Re: [PATCH v2 0/4] iommu/rockchip: Runtime PM fixes"
Previous message: Will Deacon: "Re: [PATCH 3/4] mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE"
In reply to: Brijesh Singh: "Re: SEV guest regression in 4.18"
Next in thread: Brijesh Singh: "Re: SEV guest regression in 4.18"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 24/08/2018 17:41, Brijesh Singh wrote:
>>>
>>> Wouldn't that result in exposing/leaking whatever code/data happened
>>> to reside on the same 2M page (or corrupting it if the entire page
>>> isn't decrypted)?Â Or are you suggesting that we'd also leave the
>>> encrypted mapping intact?
>>
>> Yes, exactly the latter, because...
>
>
> Hardware does not enforce coherency between the encrypted and
> unencrypted mapping for the same physical page. So, creating a
> two mapping of same physical address will lead a possible data
> corruption.
>
> Note, SME creates two mapping of the same physical address to perform
> in-place encryption of kernel and initrd images; this is a special case
> and APM documents steps on how to do this.

Ah, so that's what I was thinking about. But a single cache line would
never be used both encrypted and unencrypted, would it?

Paolo

Next message: Olof Johansson: "Re: [PATCH v2 0/4] iommu/rockchip: Runtime PM fixes"
Previous message: Will Deacon: "Re: [PATCH 3/4] mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE"
In reply to: Brijesh Singh: "Re: SEV guest regression in 4.18"
Next in thread: Brijesh Singh: "Re: SEV guest regression in 4.18"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]