Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

[PATCH V2 00/12] More virtio hardening · Jason Wang <jasowang@redhat.com> · 2021-10-12
[PATCH V2 01/12] virtio-blk: validate num_queues during probe · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 01/12] virtio-blk: validate num_queues during probe · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
Re: [PATCH V2 01/12] virtio-blk: validate num_queues during probe · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 01/12] virtio-blk: validate num_queues during probe · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-14
Re: [PATCH V2 01/12] virtio-blk: validate num_queues during probe · Jason Wang <jasowang@redhat.com> · 2021-10-14
[PATCH V2 02/12] virtio: add doc for validate() method · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 02/12] virtio: add doc for validate() method · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
Re: [PATCH V2 02/12] virtio: add doc for validate() method · Jason Wang <jasowang@redhat.com> · 2021-10-14
[PATCH V2 05/12] virtio_config: introduce a new ready method · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 05/12] virtio_config: introduce a new ready method · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
[PATCH V2 04/12] virtio_console: validate max_nr_ports before trying to use it · Jason Wang <jasowang@redhat.com> · 2021-10-12
[PATCH V2 03/12] virtio-console: switch to use .validate() · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 03/12] virtio-console: switch to use .validate() · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
Re: [PATCH V2 03/12] virtio-console: switch to use .validate() · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 03/12] virtio-console: switch to use .validate() · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-14
[PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · Dongli Zhang <hidden> · 2021-10-15
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-15
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-19
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · Dongli Zhang <hidden> · 2021-10-19
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-20
Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-20
[PATCH V2 09/12] virtio_ring: validate used buffer length · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 09/12] virtio_ring: validate used buffer length · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
Re: [PATCH V2 09/12] virtio_ring: validate used buffer length · Jason Wang <jasowang@redhat.com> · 2021-10-14
[PATCH V2 12/12] virtio-scsi: don't let virtio core to validate used buffer length · Jason Wang <jasowang@redhat.com> · 2021-10-12
[PATCH V2 07/12] virtio-pci: harden INTX interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-12
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-13
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · "Michael S. Tsirkin" <mst@redhat.com> · 2021-10-14
Re: [PATCH V2 07/12] virtio-pci: harden INTX interrupts · Jason Wang <jasowang@redhat.com> · 2021-10-14
[PATCH V2 10/12] virtio-net: don't let virtio core to validate used length · Jason Wang <jasowang@redhat.com> · 2021-10-12
[PATCH V2 08/12] virtio_ring: fix typos in vring_desc_extra · Jason Wang <jasowang@redhat.com> · 2021-10-12
[PATCH V2 11/12] virtio-blk: don't let virtio core to validate used length · Jason Wang <jasowang@redhat.com> · 2021-10-12

From: "Michael S. Tsirkin" <mst@redhat.com>
Date: 2021-10-20 06:56:36
Also in: lkml

On Wed, Oct 20, 2021 at 09:33:49AM +0800, Jason Wang wrote:

quoted

In my own opinion, the threat model is:

Attacker: 'malicious' hypervisor

Victim: VM with SEV/TDX/SGX

The attacker should not be able to steal secure/private data from VM, when the
hypervisor's action is unexpected. DoS is out of the scope.

My concern is: it is very hard to clearly explain in the patchset how the
hypervisor is able to steal VM's data, by setting queue=0 or injecting unwanted
interrupts to VM.

Yes, it's a hard question but instead of trying to answer that, we can
just fix the case of e.g unexpected interrupts.

Thanks

I think this it's still early days for TDX. So it's a bit early to talk
about threat models, start opening CVEs and distinguishing between
security and non-security bugs.

-- 
MST

_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help