Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest

From: Dave Hansen
Date: Fri Feb 12 2021 - 15:18:19 EST

Next message: Andy Lutomirski: "Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest"
Previous message: Andrew Morton: "Re: [PATCH mm] kasan: export HW_TAGS symbols for KUnit tests"
In reply to: Sean Christopherson: "Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest"
Next in thread: Sean Christopherson: "Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/12/21 12:06 PM, Sean Christopherson wrote:
>> What happens if the guest attempts to access a secure GPA that is not
>> ACCEPTed? For example, suppose the VMM does THH.MEM.PAGE.REMOVE on a secure
>> address and the guest accesses it, via instruction fetch or data access.
>> What happens?
> Well, as currently written in the spec, it will generate an EPT violation and
> the host will have no choice but to kill the guest.

That's actually perfect behavior from my perspective. Host does
something stupid. Host gets left holding the pieces. No enabling to do
in the guest.

This doesn't *preclude* the possibility that the VMM and guest could
establish a protocol to remove guest pages. It just means that the host
can't go it alone and that if they guest and host get out of sync, the
guest dies.

In other words, I think I'm rooting for the docs, as written. :)

Next message: Andy Lutomirski: "Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest"
Previous message: Andrew Morton: "Re: [PATCH mm] kasan: export HW_TAGS symbols for KUnit tests"
In reply to: Sean Christopherson: "Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest"
Next in thread: Sean Christopherson: "Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]