Re: [PATCHv11 6/9] efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory

[Kirill A. Shutemov]

On Tue, May 16, 2023 at 08:35:27PM +0200, Ard Biesheuvel wrote:
> On Tue, 16 May 2023 at 20:27, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
> >
> > On 5/16/23 11:08, Ard Biesheuvel wrote:
> > >> But, this approach does not work for unaccepted memory. For TDX, a load
> > >> from unaccepted memory will not lead to a recoverable exception within
> > >> the guest. The guest will exit to the VMM where the only recourse is to
> > >> terminate the guest.
> > >>
> > > Does this mean that the kernel maps memory before accepting it? As
> > > otherwise, I would assume that such an access would page fault inside
> > > the guest before triggering an exception related to the unaccepted
> > > state.
> >
> > Yes, the kernel maps memory before accepting it (modulo things like
> > DEBUG_PAGEALLOC).
> >
> 
> OK, and so the architecture stipulates that prefetching or other
> speculative accesses must never deliver exceptions to the host
> regarding such ranges?
> 
> If this all works as it should, then I'm ok with leaving this here,
> but I imagine we may want to factor out some arch specific policy here
> in the future, as I don't think this would work the same on ARM.

Even if other architectures don't need this, it is harmless: we just
accept one unit ahead of time.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov