Re: [PATCH v3 5/5] x86/sev-es: Do not support MMIO to/from encrypted memory
From: Borislav Petkov
Date: Tue Oct 27 2020 - 07:26:44 EST
On Wed, Oct 21, 2020 at 02:39:38PM +0200, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@xxxxxxx>
>
> MMIO memory is usually not mapped encrypted, so there is no reason to
> support emulated MMIO when it is mapped encrypted.
>
> This prevents a possible hypervisor attack where it maps a RAM page as
"Prevent... "
> an MMIO page in the nested page-table, so that any guest access to it
> will trigger a #VC exception and leak the data on that page to the
^
"... via the GHCB (like with normal MMIO)... "
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
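The rule the quoted commit message describes, written out as a small C model (added here; it is not code from the patch or from the kernel's #VC handler): an access that raised #VC is only forwarded as emulated MMIO when the guest's own page table maps the faulting address without the encryption bit. The single-level table, the PTE layout and the C-bit position are simplifying assumptions of the model.

```c
#include <stdint.h>

#define PAGE_SHIFT    12
#define PAGE_SIZE     (1ULL << PAGE_SHIFT)
#define PTE_PRESENT   (1ULL << 0)
/* C-bit position is an assumption for this model; real hardware reports it
 * in CPUID 0x8000001F[EBX] bits 5:0 and the kernel derives its mask from that. */
#define PTE_C_BIT     (1ULL << 51)
#define PTE_PFN_MASK  0x0007FFFFFFFFF000ULL   /* bits 12..50: page frame number */

enum mmio_gate_result {
    MMIO_EMULATE,            /* unencrypted mapping: may be reported to the hypervisor */
    MMIO_REFUSE_ENCRYPTED,   /* guest maps the page encrypted: treat as unsupported */
    MMIO_FAULT_NOT_MAPPED    /* no valid translation: a genuine fault, not MMIO */
};

/* Constructed single-level "page table" for the model; a real translation walks
 * four or five levels, but the decision depends only on the leaf entry. */
#define NPAGES 4
static const uint64_t guest_pte[NPAGES] = {
    [0] = 0x00000000FEC00000ULL | PTE_PRESENT,             /* device page, plain   */
    [1] = 0x0000000000001000ULL | PTE_PRESENT | PTE_C_BIT, /* RAM page, encrypted  */
    [2] = 0,                                               /* not present          */
    [3] = 0x0000000000002000ULL | PTE_PRESENT | PTE_C_BIT, /* RAM page, encrypted  */
};

/* Decide whether a #VC-triggering access to vaddr may be emulated as MMIO.
 * On MMIO_EMULATE, *paddr receives the guest-physical address to report. */
enum mmio_gate_result mmio_gate(uint64_t vaddr, uint64_t *paddr)
{
    uint64_t idx = vaddr >> PAGE_SHIFT;
    if (idx >= NPAGES || !(guest_pte[idx] & PTE_PRESENT))
        return MMIO_FAULT_NOT_MAPPED;
    uint64_t pte = guest_pte[idx];
    /* The check from the patch: an encrypted mapping is never a legitimate MMIO
     * target, so no GHCB request carrying that page's contents is built. */
    if (pte & PTE_C_BIT)
        return MMIO_REFUSE_ENCRYPTED;
    *paddr = (pte & PTE_PFN_MASK) | (vaddr & (PAGE_SIZE - 1));
    return MMIO_EMULATE;
}

/* Wrappers so the decision and the translated address can be checked by value. */
int gate_result(uint64_t vaddr) { uint64_t pa = 0; return (int)mmio_gate(vaddr, &pa); }
uint64_t gate_paddr(uint64_t vaddr) { uint64_t pa = 0; mmio_gate(vaddr, &pa); return pa; }
```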