Re: [PATCH] Allow RDTSC and RDTSCP from userspace

From: Dave Hansen
Date: Mon Apr 27 2020 - 14:47:10 EST

Next message: Suren Baghdasaryan: "Re: lockdep warning about possible circular dependency in PSI"
Previous message: Soeren Moch: "Re: [PATCH v2 0/5] mfd: RK8xx tidyup"
In reply to: Andrew Cooper: "Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)"
Next in thread: Joerg Roedel: "Re: [PATCH] Allow RDTSC and RDTSCP from userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/25/20 5:49 AM, Joerg Roedel wrote:
>> That's a fun point because it means that the (untrusted) hypervisor can
>> cause endless faults. I *guess* we have mitigation for this with our
>> stack guard pages, but it's still a bit nasty that the hypervisor can
>> arbitrarily land a guest in the double-fault handler.
>>
>> It just all seems a bit weak for the hypervisor to be considered
>> untrusted. But, it's _certainly_ a steep in the right direction from SEV.
> Yeah, a malicious hypervisor can do bad things to an SEV-ES VM, but it
> can't easily steal its secrets from memory or registers. The #VC handler
> does its best to just crash the VM if unexpected hypervisor behavior is
> detected.

This is the kind of design information that would be very useful to
reviewers. Will some of this information make it into the cover letter
eventually? Or, Documentation/?

Also, for the security purists, an SEV-ES host is still trusted (in the
same TCB as the guest). Truly guest-untrusted VMMs won't be available
until SEV-SNP, right?

Next message: Suren Baghdasaryan: "Re: lockdep warning about possible circular dependency in PSI"
Previous message: Soeren Moch: "Re: [PATCH v2 0/5] mfd: RK8xx tidyup"
In reply to: Andrew Cooper: "Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)"
Next in thread: Joerg Roedel: "Re: [PATCH] Allow RDTSC and RDTSCP from userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]