Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support

From: Borislav Petkov
Date: Tue Nov 23 2021 - 02:18:40 EST

Next message: kernel test robot: "[tglx-devel:msi 18/91] drivers/pci/msi/legacy.c:54:5: warning: no previous prototype for function 'pci_msi_legacy_setup_msi_irqs'"
Previous message: Akhil R: "[PATCH v2] i2c: tegra: Add ACPI support"
In reply to: Luck, Tony: "RE: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support"
Next in thread: Sean Christopherson: "Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 22, 2021 at 02:51:35PM -0800, Dave Hansen wrote:
> By "supporting", do you mean doing something functional? I don't really
> care if ptrace() to guest private memory returns -EINVAL or whatever.
> The most important thing is not crashing the host.
>
> Also, as Sean mentioned, this isn't really about ptrace() itself. It's
> really about ensuring that no kernel or devices accesses to guest
> private memory can induce bad behavior.

I keep repeating this suggestion of mine that we should treat
guest-private pages as hw-poisoned pages which have experienced a
uncorrectable error in the past.

mm already knows how to stay away from those.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: kernel test robot: "[tglx-devel:msi 18/91] drivers/pci/msi/legacy.c:54:5: warning: no previous prototype for function 'pci_msi_legacy_setup_msi_irqs'"
Previous message: Akhil R: "[PATCH v2] i2c: tegra: Add ACPI support"
In reply to: Luck, Tony: "RE: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support"
Next in thread: Sean Christopherson: "Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]