Re: [PATCH] Allow RDTSC and RDTSCP from userspace
From: Dave Hansen
Date: Mon Apr 27 2020 - 14:47:10 EST
On 4/25/20 5:49 AM, Joerg Roedel wrote:
>> That's a fun point because it means that the (untrusted) hypervisor can
>> cause endless faults. I *guess* we have mitigation for this with our
>> stack guard pages, but it's still a bit nasty that the hypervisor can
>> arbitrarily land a guest in the double-fault handler.
>>
>> It just all seems a bit weak for the hypervisor to be considered
>> untrusted. But, it's _certainly_ a steep in the right direction from SEV.
> Yeah, a malicious hypervisor can do bad things to an SEV-ES VM, but it
> can't easily steal its secrets from memory or registers. The #VC handler
> does its best to just crash the VM if unexpected hypervisor behavior is
> detected.
This is the kind of design information that would be very useful to
reviewers. Will some of this information make it into the cover letter
eventually? Or, Documentation/?
Also, for the security purists, an SEV-ES host is still trusted (in the
same TCB as the guest). Truly guest-untrusted VMMs won't be available
until SEV-SNP, right?