Re: [PATCH RFC 3/4] mm: guest_memfd: Add option to remove guest private memory from direct map

From: Manwaring, Derek
Date: Thu Aug 15 2024 - 15:08:39 EST

Next message: Benno Lossin: "Re: [PATCH v5 06/26] rust: alloc: implement `Vmalloc` allocator"
Previous message: Esther Shimanovich: "[PATCH v3] PCI: Detect and trust built-in Thunderbolt chips"
In reply to: Patrick Roy: "Re: [PATCH RFC 3/4] mm: guest_memfd: Add option to remove guest private memory from direct map"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2024-08-07 17:16-0700 Derek Manwaring wrote:
> All that said, we're also dependent on hardware not being subject to
> L1TF-style issues for the currently proposed non-CoCo method to be
> effective. We're simply clearing the Present bit while the physmap PTE
> still points to the guest physical page.

I was wrong here. The set_direct_map_invalid_noflush implementation
moves through __change_page_attr and pfn_pte, eventually arriving at
flip_protnone_guard where the PFN is inverted & thus no longer valid for
pages marked not present. So we do benefit from that prior work's extra
protection against L1TF.

Thank you for finding this, Patrick.

Derek

Next message: Benno Lossin: "Re: [PATCH v5 06/26] rust: alloc: implement `Vmalloc` allocator"
Previous message: Esther Shimanovich: "[PATCH v3] PCI: Detect and trust built-in Thunderbolt chips"
In reply to: Patrick Roy: "Re: [PATCH RFC 3/4] mm: guest_memfd: Add option to remove guest private memory from direct map"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]