Re: [PATCH Part2 v6 14/49] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled

From: Kalra, Ashish
Date: Wed Nov 16 2022 - 13:55:25 EST


On 11/16/2022 12:33 PM, Borislav Petkov wrote:
On Wed, Nov 16, 2022 at 12:01:11PM -0600, Kalra, Ashish wrote:
Ok, so i will work on implementing this leaked pages list and put it on a
sev/snp associated structure.

See __sgx_sanitize_pages() and the poison list there, for an example.

Also to add here, we will actually get a not-present #PF instead of the RMP
violation #PF on writing to these leaked pages, as these pages would have
been removed from the kernel direct map.

So if you do the list and still have the kernel raise a RMP fault for
those pages, traversing that list in the RMP handler to check whether
the page is there on it, should be a lot faster operation than doing the
#PF thing and removing them from the direct map.


Actually, these host allocated pages would have already been removed from the kernel direct map, when they were transitioned to the firmware state. So actually the not-present #PF fault will happen on any read/write access to these leaked pages instead of the RMP violation #PF (not-present #PF has higher priority than RMP violation #PF).

If these pages cannot be reclaimed, they are unsafe to use and cannot be added back to the kernel direct map.

Thanks,
Ashish

And sorry for misleading you about UPM - we were thinking wrong
yesterday.

Thx.