Re: [RFC PATCH V4 06/17] x86/hyperv: decrypt VMBus pages for sev-snp enlightened guest

From: Tianyu Lan
Date: Fri Apr 14 2023 - 00:41:03 EST

Next message: Krishna Kurapati PSSNV: "Re: [PATCH v6 0/8] Add multiport support for DWC3 controllers"
Previous message: Lin, Wayne: "RE: [PATCH] drm: make drm_dp_add_payload_part2 gracefully handle NULL state pointer"
In reply to: Michael Kelley (LINUX): "RE: [RFC PATCH V4 06/17] x86/hyperv: decrypt VMBus pages for sev-snp enlightened guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/12/2023 10:32 PM, Michael Kelley (LINUX) wrote:

@@ -191,6 +222,15 @@ void hv_synic_free(void)
free_page((unsigned long)hv_cpu->synic_event_page);
free_page((unsigned long)hv_cpu->synic_message_page);
free_page((unsigned long)hv_cpu->post_msg_page);
+
+ if (hv_isolation_type_en_snp()) {
+ set_memory_encrypted((unsigned long)
+ hv_cpu->synic_message_page, 1);
+ set_memory_encrypted((unsigned long)
+ hv_cpu->synic_event_page, 1);
+ set_memory_encrypted((unsigned long)
+ hv_cpu->post_msg_page, 1);
+ }

The re-encryption must be done*before* pages are freed!

Furthermore, if the re-encryption fails, we should not free
the page as it would pollute the free memory pool. The best
we can do is leak the memory. See Patch 5 in Dexuan's
TDX series, which does the same thing (but still doesn't
get it quite right, per my comments).

You are right. The order is wrong. we should figure out a right solution to handle such case.

Next message: Krishna Kurapati PSSNV: "Re: [PATCH v6 0/8] Add multiport support for DWC3 controllers"
Previous message: Lin, Wayne: "RE: [PATCH] drm: make drm_dp_add_payload_part2 gracefully handle NULL state pointer"
In reply to: Michael Kelley (LINUX): "RE: [RFC PATCH V4 06/17] x86/hyperv: decrypt VMBus pages for sev-snp enlightened guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]