Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support

From: Joerg Roedel
Date: Wed Nov 24 2021 - 11:03:49 EST

Next message: Andy Shevchenko: "Re: [PATCH 1/3] hwmon: (nct6775) Use nct6775_*() lock function pointers in nct6775_data."
Previous message: Babu Moger: "[PATCH v2] hwmon: (k10temp) Support up to 12 CCDs on AMD Family of processors"
Next in thread: Dave Hansen: "Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 22, 2021 at 02:51:35PM -0800, Dave Hansen wrote:
> My preference would be that we never have SEV-SNP code in the kernel
> that can panic() the host from guest userspace. If that means waiting
> until there's common guest unmapping infrastructure around, then I think
> we should wait.

Can you elaborate how to crash host kernel from guest user-space? If I
understood correctly it was about crashing host kernel from _host_
user-space.

I think the RMP-fault path in the page-fault handler needs to take the
uaccess exception tables into account before actually causing a panic.
This should solve most of the problems discussed here.

Maybe we also need the previously suggested copy_from/to_guest()
interfaces.

Regards,

--
Jörg Rödel
jroedel@xxxxxxx

SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany

(HRB 36809, AG Nürnberg)
Geschäftsführer: Ivo Totev

Next message: Andy Shevchenko: "Re: [PATCH 1/3] hwmon: (nct6775) Use nct6775_*() lock function pointers in nct6775_data."
Previous message: Babu Moger: "[PATCH v2] hwmon: (k10temp) Support up to 12 CCDs on AMD Family of processors"
Next in thread: Dave Hansen: "Re: [PATCH Part2 v5 00/45] Add AMD Secure Nested Paging (SEV-SNP) Hypervisor Support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]