Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support

[Andy Lutomirski]

On 11/12/21 13:16, Marc Orr wrote:
> > > So cloud providers should have an interest to prevent such random stray
> > > accesses if they wanna have guests. :)
> >
> > Yes, but IMO inducing a fault in the guest because of _host_ bug is wrong.
>
> I want to push back on "inducing a fault in the guest because of
> _host_ bug is wrong.". The guest is _required_ to be robust against
> the host maliciously (or accidentally) writing its memory. SNP
> security depends on the guest detecting such writes. Therefore, why is
> leveraging this system property that the guest will detect when its
> private memory has been written wrong?

>
> Especially when its orders or
> magnitudes simpler than the alternative to have everything in the
> system -- kernel, user-space, and guest -- all coordinate to agree
> what's private and what's shared. Such a complex approach is likely to
> bring a lot of bugs, vulnerabilities, and limitations on future design
> into the picture.

SEV-SNP, TDX, and any reasonable software solution all require that the 
host know which pages are private and which pages are shared.  Sure, the 
old SEV-ES Linux host implementation was very simple, but it's nasty and 
fundamentally can't support migration.