Re: [PATCH v1 11/26] x86/sev: Invalidate pages from the direct map when adding them to the RMP table

From: Borislav Petkov
Date: Mon Jan 15 2024 - 04:02:38 EST


On Sat, Dec 30, 2023 at 10:19:39AM -0600, Michael Roth wrote:
> + /*
> + * If the kernel uses a 2MB directmap mapping to write to an address,
> + * and that 2MB range happens to contain a 4KB page that set to private
> + * in the RMP table, an RMP #PF will trigger and cause a host crash.

Also:

diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
index 7d294d1a620b..2ad83e7fb2da 100644
--- a/arch/x86/virt/svm/sev.c
+++ b/arch/x86/virt/svm/sev.c
@@ -415,8 +415,9 @@ static int rmpupdate(u64 pfn, struct rmp_state *state)

/*
* If the kernel uses a 2MB directmap mapping to write to an address,
- * and that 2MB range happens to contain a 4KB page that set to private
- * in the RMP table, an RMP #PF will trigger and cause a host crash.
+ * and that 2MB range happens to contain a 4KB page that has been set
+ * to private in the RMP table, an RMP #PF will trigger and cause a
+ * host crash.
*
* Prevent this by removing pages from the directmap prior to setting
* them as private in the RMP table.
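Review bot: "directmap" is spelled as one word in this comment, both in the first sentence ("a 2MB directmap mapping") and in the trailing context ("removing pages from the directmap"), while the patch subject writes "direct map". Since the comment is being reworded anyway, settle on one spelling throughout. The visible text also says only that pages are removed before being set to private in the RMP table. If the rest of the comment does not cover it, add a sentence saying when they are put back.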

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette