Re: [PATCHv11 6/9] efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory

[Dave Hansen]

On 5/16/23 11:35, Ard Biesheuvel wrote:
>>> Does this mean that the kernel maps memory before accepting it? As
>>> otherwise, I would assume that such an access would page fault inside
>>> the guest before triggering an exception related to the unaccepted
>>> state.
>> Yes, the kernel maps memory before accepting it (modulo things like
>> DEBUG_PAGEALLOC).
>>
> OK, and so the architecture stipulates that prefetching or other
> speculative accesses must never deliver exceptions to the host
> regarding such ranges?

I don't know of anywhere that this is explicitly written.  It's probably
implicit _somewhere_ in the reams of VMX/TDX and base SDM docs, but heck
if I know where it is. :)

If this is something anyone wants to see added to the SEPT_VE_DISABLE
documentation, please speak up.  I don't think it would be hard to get
it added and provide an explicit guarantee.