Re: [RFCv2 15/16] KVM: Unmap protected pages from direct mapping

From: Edgecombe, Rick P
Date: Wed Oct 21 2020 - 14:49:57 EST


On Tue, 2020-10-20 at 09:18 +0300, Kirill A. Shutemov wrote:
> If the protected memory feature is enabled, unmap guest memory from
> the kernel's direct mappings.
>
> Migration and KSM are disabled for protected memory as they would
> require special treatment.
>
So do we care about this scenario where a malicious userspace causes a
kernel oops? I'm not sure if it's prevented somehow.

CPU0 (exercising other kernel functionality)     CPU1
                                                 mark page shared
page = get_user_pages(!FOLL_KVM)
                                                 mark page private
kmap(page)
access unmapped page and oops
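The interleaving above is a check-then-use race: get_user_pages() observes the page as shared, but nothing stops userspace from flipping it to private before the kmap() and access happen. The following C model replays that sequence step by step so the window is visible; it is an added illustration, not code from the patch series or from the kernel. The `struct page`, `mark_private()`, `get_user_pages_no_kvm()` and `kmap_and_access()` names are constructed stand-ins, and the `strict` pin-count check is one generic way such a window is closed (refuse the shared-to-private transition while a kernel reference is held), offered as an assumption for comparison rather than as what the series does.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of one guest page; not the kernel's struct page. */
struct page {
    bool private;   /* true: page is unmapped from the kernel direct map */
    int  pin_count; /* references taken by the model's get_user_pages() */
};

enum outcome { ACCESS_OK = 0, ACCESS_OOPS = 1, MARK_REJECTED = 2 };

/* CPU1 side: userspace asks to make the page private.
 * With strict == false the transition always succeeds, which is the
 * window described in the email. With strict == true (assumed
 * mitigation, not the patch's) the transition is refused while a
 * kernel user still holds a reference to the page. */
static enum outcome mark_private(struct page *p, bool strict)
{
    if (strict && p->pin_count > 0)
        return MARK_REJECTED;
    p->private = true;
    return ACCESS_OK;
}

static void mark_shared(struct page *p)
{
    p->private = false;
}

/* CPU0 side: a get_user_pages() caller without FOLL_KVM only sees the
 * page state at the time of the call and takes a reference. */
static struct page *get_user_pages_no_kvm(struct page *p)
{
    if (p->private)
        return NULL;
    p->pin_count++;
    return p;
}

static void put_page(struct page *p)
{
    p->pin_count--;
}

/* kmap() followed by an access: touching a page that is no longer in
 * the direct map is the oops; modelled here as a return code. */
static enum outcome kmap_and_access(const struct page *p)
{
    return p->private ? ACCESS_OOPS : ACCESS_OK;
}

/* Replay the exact interleaving from the email and report what the
 * CPU0 access would do. */
enum outcome replay_race(bool strict)
{
    struct page pg = { .private = true, .pin_count = 0 };
    struct page *p;
    enum outcome rc;

    mark_shared(&pg);                 /* CPU1: mark page shared  */
    p = get_user_pages_no_kvm(&pg);   /* CPU0: get_user_pages()  */
    if (p == NULL)
        return ACCESS_OOPS;           /* not reachable in this replay */
    mark_private(&pg, strict);        /* CPU1: mark page private */
    rc = kmap_and_access(p);          /* CPU0: kmap() and access */
    put_page(p);
    return rc;
}

int main(void)
{
    printf("unchecked transition: %s\n",
           replay_race(false) == ACCESS_OOPS ? "oops" : "ok");
    printf("transition refused while pinned: %s\n",
           replay_race(true) == ACCESS_OK ? "ok" : "oops");
    return 0;
}
```

The model keeps the two CPUs' steps in program order so the reader can see which state the CPU0 access actually observes; with the unchecked transition the kmap()'d page is already private at access time, which is the scenario the email asks about.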