Re: [RFC 00/16] KVM protected memory extension

From: Jim Mattson
Date: Thu Jun 04 2020 - 17:03:28 EST


On Thu, Jun 4, 2020 at 12:09 PM Nakajima, Jun <jun.nakajima@xxxxxxxxx> wrote:

> We (Intel virtualization team) are also working on a similar thing, prototyping to meet such requirements, i.e. "some level of confidentiality to guests". Linux/KVM is the host, and Kirill's patches are helpful when removing the mappings from the host to achieve memory isolation of a guest. But, it's not easy to prove there are no other mappings.
>
> To raise the level of security, our idea is to de-privilege the host kernel just to enforce memory isolation using EPT (Extended Page Table) that virtualizes guest (the host kernel in this case) physical memory; almost everything is passthrough. And the EPT for the host kernel excludes the memory for the guest(s) that has confidential info. So, the host kernel shouldn't cause VM exits as long as it's behaving well (CPUID still causes a VM exit, though).

You're Intel. Can't you just change the CPUID intercept from required
to optional? It seems like this should be in the realm of a small
microcode patch.