Re: [RFC KVM 24/27] kvm/isolation: KVM page fault handler

From: Andy Lutomirski
Date: Mon May 13 2019 - 12:04:21 EST

Next message: Doug Anderson: "Re: [PATCH 4/4] Revert "platform/chrome: cros_ec_spi: Transfer messages at high priority""
Previous message: Mark Brown: "Re: [PATCH 4/4] Revert "platform/chrome: cros_ec_spi: Transfer messages at high priority""
In reply to: Andy Lutomirski: "Re: [RFC KVM 24/27] kvm/isolation: KVM page fault handler"
Next in thread: Alexandre Chartre: "Re: [RFC KVM 24/27] kvm/isolation: KVM page fault handler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, May 13, 2019 at 7:39 AM Alexandre Chartre
<alexandre.chartre@xxxxxxxxxx> wrote:
>
> The KVM page fault handler handles page fault occurring while using
> the KVM address space by switching to the kernel address space and
> retrying the access (except if the fault occurs while switching
> to the kernel address space). Processing of page faults occurring
> while using the kernel address space is unchanged.
>
> Page fault log is cleared when creating a vm so that page fault
> information doesn't persist when qemu is stopped and restarted.

Are you saying that a page fault will just exit isolation? This
completely defeats most of the security, right? Sure, it still helps
with side channels, but not with actual software bugs.

Next message: Doug Anderson: "Re: [PATCH 4/4] Revert "platform/chrome: cros_ec_spi: Transfer messages at high priority""
Previous message: Mark Brown: "Re: [PATCH 4/4] Revert "platform/chrome: cros_ec_spi: Transfer messages at high priority""
In reply to: Andy Lutomirski: "Re: [RFC KVM 24/27] kvm/isolation: KVM page fault handler"
Next in thread: Alexandre Chartre: "Re: [RFC KVM 24/27] kvm/isolation: KVM page fault handler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]