Re: [PATCH 05/16] KVM: x86/mmu: Use synthetic page fault error code to indicate private faults

From: Sean Christopherson
Date: Thu Mar 07 2024 - 09:36:31 EST


On Thu, Mar 07, 2024, Xu Yilun wrote:
> On Wed, Mar 06, 2024 at 06:45:30AM -0800, Sean Christopherson wrote:
> > can be switched between private and shared, e.g. will return false for
> > kvm_arch_has_private_mem().
> >
> > And KVM _can't_ sanely use private/shared memslots for SEV(-ES), because it's
> > impossible to intercept implicit conversions by the guest, i.e. KVM can't prevent
> > the guest from encrypting a page that KVM thinks is private, and vice versa.
>
> Is it because there is no #NPF for RMP violation?

Yep, there is no RMP, thus no way for the host to express its view of shared vs.
private to hardware. As a result, KVM can't block conversions, and the given
state of a page is completely unknown at any given time. E.g. when memory is
reclaimed from an SEV(-ES) guest, KVM has to assume that the page is encrypted
and thus needs to be flushed (see sev_guest_memory_reclaimed()).