Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest
From: Andi Kleen
Date: Sun Feb 14 2021 - 14:38:24 EST
On Fri, Feb 12, 2021 at 01:48:36PM -0800, Dave Hansen wrote:
> On 2/12/21 1:47 PM, Andy Lutomirski wrote:
> >> What about adding a property to the TD, e.g. via a flag set during TD creation,
> >> that controls whether unaccepted accesses cause #VE or are, for all intents and
> >> purposes, fatal? That would allow Linux to pursue treating EPT #VEs for private
> >> GPAs as fatal, but would give us a safety and not prevent others from utilizing
> >> #VEs.
> > That seems reasonable.
>
> Ditto.
>
> We first need to double check to see if the docs are right, though.
I confirmed with the TDX module owners that #VE can only happen for:
- unaccepted pages
- instructions like MSR access or CPUID
- specific instructions that are no in the syscall gap
Also if there are future asynchronous #VEs they would only happen
with IF=1, which would also protect the gap.
So no need to make #VE an IST.
-Andi