Re: Runtime Memory Validation in Intel-TDX and AMD-SNP

Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-19
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Matthew Wilcox <willy@infradead.org> · 2021-07-19
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-19
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andi Kleen <hidden> · 2021-07-19
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Dr. David Alan Gilbert <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andy Lutomirski <luto@kernel.org> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · "Andy Lutomirski" <luto@kernel.org> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andi Kleen <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andi Kleen <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andi Kleen <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andi Kleen <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Andi Kleen <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Marc Orr <hidden> · 2021-07-22
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <joro@8bytes.org> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Dave Hansen <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-20
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Mike Rapoport <rppt@kernel.org> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Mike Rapoport <rppt@kernel.org> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <hidden> · 2021-07-21
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · David Hildenbrand <hidden> · 2021-07-22
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <joro@8bytes.org> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · David Hildenbrand <hidden> · 2021-07-27
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <joro@8bytes.org> · 2021-08-02
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · David Hildenbrand <hidden> · 2021-08-02
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · David Hildenbrand <hidden> · 2021-07-22
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-22
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Mike Rapoport <rppt@kernel.org> · 2021-07-23
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-23
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Mike Rapoport <rppt@kernel.org> · 2021-07-25
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-25
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Mike Rapoport <rppt@kernel.org> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Joerg Roedel <joro@8bytes.org> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kirill A. Shutemov <hidden> · 2021-07-26
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Erdem Aktas <hidden> · 2021-07-27
Re: Runtime Memory Validation in Intel-TDX and AMD-SNP · Varad Gautam <hidden> · 2021-07-23
RE: Runtime Memory Validation in Intel-TDX and AMD-SNP · Kaplan, David <hidden> · 2021-07-23

From: Joerg Roedel <hidden>
Date: 2021-07-21 13:40:33
Also in: linux-coco

On Tue, Jul 20, 2021 at 03:01:13PM -0700, Andi Kleen wrote:

On Tue, Jul 20, 2021 at 12:54:16PM -0700, Erdem Aktas wrote:

quoted

I did not see any #VE implementation to handle SEPT violations when a
page is in PENDING state. I am assuming that this needs to be
supported at some point (If not then we need to discuss the use cases
for such support).

We actually plan to disable those #VEs, to avoid any problems with
the system call gap. Instead the plan is that the kernel will know
in advance what memory has been accepted or not, and accept it before
touching.

This confuses me a bit, what happens when the VMM is malicious and
re-maps an already accepted page and the TD tries to access it?

My thinking was that this causes a #VE, but what happens instead when
this #VE can be disabled?

Regards,

	Joerg

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help