Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)

[RFC PATCH 00/70 v2] x86: SEV-ES Guest Support · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 04/70] x86/traps: Move some definitions to <asm/trap_defs.h> · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 10/70] x86/boot/compressed: Fix debug_puthex() parameter type · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 12/70] x86/boot/compressed/64: Add IDT Infrastructure · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 12/70] x86/boot/compressed/64: Add IDT Infrastructure · Arvind Sankar <hidden> · 2020-04-07
Re: [PATCH 12/70] x86/boot/compressed/64: Add IDT Infrastructure · Joerg Roedel <joro@8bytes.org> · 2020-04-16
[PATCH 13/70] x86/boot/compressed/64: Rename kaslr_64.c to ident_map_64.c · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 15/70] x86/boot/compressed/64: Always switch to own page-table · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 15/70] x86/boot/compressed/64: Always switch to own page-table · Borislav Petkov <bp@alien8.de> · 2020-04-06
[PATCH 16/70] x86/boot/compressed/64: Don't pre-map memory in KASLR code · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 20/70] x86/boot/compressed/64: Check return value of kernel_ident_mapping_init() · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 29/70] x86/head/64: Install boot GDT · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 34/70] x86/head/64: Load IDT earlier · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 39/70] x86/sev-es: Setup GHCB based boot #VC handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 45/70] x86/sev-es: Harden runtime #VC handler for exceptions from user-space · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 46/70] x86/sev-es: Filter exceptions not supported from user-space · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 53/70] x86/sev-es: Handle RDPMC Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 58/70] x86/sev-es: Handle VMMCALL Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 65/70] x86/realmode: Setup AP jump table · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 66/70] x86/head/64: Don't call verify_cpu() on starting APs · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 63/70] x86/vmware: Add VMware specific handling for VMMCALL under SEV-ES · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 63/70] x86/vmware: Add VMware specific handling for VMMCALL under SEV-ES · Thomas Hellstrom <hidden> · 2020-03-19
[PATCH 62/70] x86/kvm: Add KVM specific VMMCALL handling under SEV-ES · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 62/70] x86/kvm: Add KVM specific VMMCALL handling under SEV-ES · David Rientjes <rientjes@google.com> · 2020-03-20
Re: [PATCH 62/70] x86/kvm: Add KVM specific VMMCALL handling under SEV-ES · Joerg Roedel <joro@8bytes.org> · 2020-03-20
[PATCH 57/70] x86/sev-es: Handle MWAIT/MWAITX Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 51/70] x86/sev-es: Handle WBINVD Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 70/70] x86/sev-es: Add NMI state tracking · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Andy Lutomirski <luto@kernel.org> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Andy Lutomirski <luto@kernel.org> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Joerg Roedel <hidden> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Andy Lutomirski <luto@kernel.org> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Joerg Roedel <joro@8bytes.org> · 2020-03-20
[RFC PATCH v2.1] x86/sev-es: Handle NMI State · Joerg Roedel <joro@8bytes.org> · 2020-03-20
Re: [RFC PATCH v2.1] x86/sev-es: Handle NMI State · Dave Hansen <hidden> · 2020-03-20
Re: [RFC PATCH v2.1] x86/sev-es: Handle NMI State · Joerg Roedel <joro@8bytes.org> · 2020-03-20
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Mika Penttilä <hidden> · 2020-03-19
Re: [PATCH 70/70] x86/sev-es: Add NMI state tracking · Joerg Roedel <hidden> · 2020-03-19
[PATCH 69/70] x86/cpufeature: Add SEV_ES_GUEST CPU Feature · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 68/70] x86/sev-es: Support CPU offline/online · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 67/70] x86/head/64: Rename start_cpu0 · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 28/70] x86/idt: Move two function from k/idt.c to i/a/desc.h · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 64/70] x86/realmode: Add SEV-ES specific trampoline entry point · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 61/70] x86/paravirt: Allow hypervisor specific VMMCALL handling under SEV-ES · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 60/70] x86/sev-es: Handle #DB Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 59/70] x86/sev-es: Handle #AC Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 27/70] x86/idt: Split idt_data setup out of set_intr_gate() · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 56/70] x86/sev-es: Handle MONITOR/MONITORX Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 55/70] x86/sev-es: Handle RDTSCP Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH] Allow RDTSC and RDTSCP from userspace · Mike Stunes <hidden> · 2020-04-24
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Dave Hansen <hidden> · 2020-04-24
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Tom Lendacky <thomas.lendacky@amd.com> · 2020-04-24
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Dave Hansen <hidden> · 2020-04-24
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Joerg Roedel <hidden> · 2020-04-25
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Andy Lutomirski <luto@kernel.org> · 2020-04-25
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Joerg Roedel <joro@8bytes.org> · 2020-04-25
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Andy Lutomirski <luto@amacapital.net> · 2020-04-25
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Joerg Roedel <joro@8bytes.org> · 2020-04-25
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Andy Lutomirski <luto@kernel.org> · 2020-04-25
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andy Lutomirski <luto@kernel.org> · 2020-04-27
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-04-27
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Tom Lendacky <thomas.lendacky@amd.com> · 2020-04-27
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-04-28
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-04-28
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Dave Hansen <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Borislav Petkov <bp@alien8.de> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Borislav Petkov <bp@alien8.de> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Joerg Roedel <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Peter Zijlstra <peterz@infradead.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Borislav Petkov <bp@alien8.de> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andy Lutomirski <luto@kernel.org> · 2020-06-23
Re: Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) · Andrew Cooper <hidden> · 2020-06-23
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Dave Hansen <hidden> · 2020-04-27
Re: [PATCH] Allow RDTSC and RDTSCP from userspace · Joerg Roedel <hidden> · 2020-04-25
[PATCH 54/70] x86/sev-es: Handle INVD Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 52/70] x86/sev-es: Handle RDTSC Events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 50/70] x86/sev-es: Handle DR7 read/write events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 49/70] x86/sev-es: Handle MSR events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 48/70] x86/sev-es: Handle MMIO String Instructions · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 47/70] x86/sev-es: Handle MMIO events · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 43/70] x86/sev-es: Wire up existing #VC exit-code handlers · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 42/70] x86/sev-es: Support nested #VC exceptions · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 42/70] x86/sev-es: Support nested #VC exceptions · Andy Lutomirski <luto@kernel.org> · 2020-03-19
Re: [PATCH 42/70] x86/sev-es: Support nested #VC exceptions · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 44/70] x86/sev-es: Handle instruction fetches from user-space · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Mike Stunes <hidden> · 2020-04-14
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Tom Lendacky <thomas.lendacky@amd.com> · 2020-04-14
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Dave Hansen <hidden> · 2020-04-14
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Tom Lendacky <thomas.lendacky@amd.com> · 2020-04-14
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Tom Lendacky <thomas.lendacky@amd.com> · 2020-04-14
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Joerg Roedel <hidden> · 2020-04-15
Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Joerg Roedel <hidden> · 2020-04-15
Re: Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Bo Gan <hidden> · 2020-04-23
Re: Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler · Joerg Roedel <hidden> · 2020-04-23
[PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler · Andy Lutomirski <luto@kernel.org> · 2020-03-19
Re: [PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler · Andy Lutomirski <luto@kernel.org> · 2020-03-19
Re: [PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler · Joerg Roedel <hidden> · 2020-03-19
[PATCH 36/70] x86/sev-es: Add SEV-ES Feature Detection · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 38/70] x86/sev-es: Setup early #VC handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 37/70] x86/sev-es: Compile early handler code into kernel image · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 35/70] x86/head/64: Move early exception dispatch to C code · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 33/70] x86/head/64: Build k/head64.c with -fno-stack-protector · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 31/70] x86/head/64: Load segment registers earlier · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 32/70] x86/head/64: Switch to initial stack earlier · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 30/70] x86/head/64: Reload GDT after switch to virtual addresses · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 26/70] x86/idt: Move IDT to data segment · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 22/70] x86/boot/compressed/64: Setup GHCB Based VC Exception handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 25/70] x86/sev-es: Add CPUID handling to #VC handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 23/70] x86/sev-es: Add support for handling IOIO exceptions · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 23/70] x86/sev-es: Add support for handling IOIO exceptions · David Rientjes <rientjes@google.com> · 2020-03-20
Re: [PATCH 23/70] x86/sev-es: Add support for handling IOIO exceptions · Joerg Roedel <hidden> · 2020-03-20
[PATCH 24/70] x86/fpu: Move xgetbv()/xsetbv() into separate header · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted · David Rientjes <rientjes@google.com> · 2020-03-20
Re: [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted · Dave Hansen <hidden> · 2020-03-20
Re: [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted · Joerg Roedel <joro@8bytes.org> · 2020-03-20
Re: [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted · Dave Hansen <hidden> · 2020-03-20
Re: [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted · Joerg Roedel <joro@8bytes.org> · 2020-03-21
[PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler · David Rientjes <rientjes@google.com> · 2020-03-20
Re: [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler · Joerg Roedel <joro@8bytes.org> · 2020-03-20
Re: [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler · Borislav Petkov <bp@alien8.de> · 2020-04-06
[PATCH 19/70] x86/boot/compressed/64: Call set_sev_encryption_mask earlier · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 17/70] x86/boot/compressed/64: Change add_identity_map() to take start and end · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 14/70] x86/boot/compressed/64: Add page-fault handler · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 14/70] x86/boot/compressed/64: Add page-fault handler · Borislav Petkov <bp@alien8.de> · 2020-04-02
[PATCH 11/70] x86/boot/compressed/64: Disable red-zone usage · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 11/70] x86/boot/compressed/64: Disable red-zone usage · Borislav Petkov <bp@alien8.de> · 2020-03-31
[PATCH 06/70] x86/umip: Factor out instruction fetch · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 06/70] x86/umip: Factor out instruction fetch · Borislav Petkov <bp@alien8.de> · 2020-03-26
[PATCH 09/70] x86/insn: Add insn_rep_prefix() helper · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 09/70] x86/insn: Add insn_rep_prefix() helper · Masami Hiramatsu <mhiramat@kernel.org> · 2020-03-27
[PATCH 08/70] x86/insn: Add insn_get_modrm_reg_off() · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 08/70] x86/insn: Add insn_get_modrm_reg_off() · Masami Hiramatsu <mhiramat@kernel.org> · 2020-03-27
[PATCH 07/70] x86/umip: Factor out instruction decoding · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 07/70] x86/umip: Factor out instruction decoding · Borislav Petkov <bp@alien8.de> · 2020-03-26
[PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code · Joerg Roedel <joro@8bytes.org> · 2020-03-19
Re: [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code · Borislav Petkov <bp@alien8.de> · 2020-03-25
Re: [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code · Masami Hiramatsu <mhiramat@kernel.org> · 2020-03-27
Re: [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code · Joerg Roedel <joro@8bytes.org> · 2020-04-16
Re: [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code · Masami Hiramatsu <mhiramat@kernel.org> · 2020-04-17
Re: [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code · Joerg Roedel <joro@8bytes.org> · 2020-04-17
[PATCH 03/70] x86/cpufeatures: Add SEV-ES CPU feature · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH 01/70] KVM: SVM: Add GHCB definitions · Joerg Roedel <joro@8bytes.org> · 2020-03-19
[PATCH] KVM: SVM: Use __packed shorthard · Borislav Petkov <bp@alien8.de> · 2020-03-23
Re: [PATCH] KVM: SVM: Use __packed shorthard · Joerg Roedel <joro@8bytes.org> · 2020-03-24
[PATCH 02/70] KVM: SVM: Add GHCB Accessor functions · Joerg Roedel <joro@8bytes.org> · 2020-03-19

From: Joerg Roedel <hidden>
Date: 2020-06-23 11:30:17
Also in: kvm, lkml

On Tue, Jun 23, 2020 at 01:07:06PM +0200, Peter Zijlstra wrote:

On Tue, Apr 28, 2020 at 09:55:12AM +0200, Joerg Roedel wrote:

So what happens if this #VC triggers on the first access to the #VC
stack, because the malicious host has craftily mucked with only the #VC
IST stack page?

Or on the NMI IST stack, then we get #VC in NMI before the NMI can fix
you up.

AFAICT all of that is non-recoverable.

I am not 100% sure, but I think if the #VC stack page is not validated,
the #VC should be promoted to a #DF.

Note that this is an issue only with secure nested paging (SNP), which
is not enabled yet with this patch-set. When it gets enabled a stack
recursion check in the #VC handler is needed which panics the VM. That
also fixes the #VC-in-early-NMI problem.

Regards,

	Joerg

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help