Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5527385yba; Mon, 13 May 2019 12:26:16 -0700 (PDT) X-Google-Smtp-Source: APXvYqwzzxo+GAKpe7OtyM2m5T0u48yjM75mSWuYAoY5R3ZqQsXSu2iEFjeIbx5RUAAKul7Hi0X9 X-Received: by 2002:a17:902:7797:: with SMTP id o23mr32483878pll.147.1557775575890; Mon, 13 May 2019 12:26:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557775575; cv=none; d=google.com; s=arc-20160816; b=uC+Xv5tOYvhfXggPJEOoKM+pQw5xUzujvBYJ8YJqOrnhK9CJtCi2WBC0iWtCrnDLkx 1T25kDd4Iez9SqGRv7IKqZ5MZh14GGDSXCVLlNxWnCDqEHu3DR9uX30Mot0iYxUO9nKZ yaFOxDt2/jLI4SoLHzldUbbG77VWTTTic9aevUP/+HaULgcBdc/d/gAq9W8fO3oecqlH SWISxdw17JtlSXrh0UM+lN3EbSSQ7d7MEWhBj1v/iuMtLDDmGxmYXNa4Je4/ExZ2QUwq 5iBJCCjBxHgeSBYTL7RBGkKApXldJdmf/xJl6vq+YKm9CoMfGBvrF23KIeI2eFRiVmW2 bThQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=eCJScE0b+VNTPBqsRt3H1dcVApPbPwSgCSFEuoANhc8=; b=wLFzmYtRvTexrsWywbRxr7ra0fXFzu2uw8in5V4Rj2r6raBKrVlQ/yXu61p5PXIYwZ ieD9yYRCLhcVSyuep5kBC95juwCEf8mCCcJr2lQbBMl9zN5UNAmfALKW+EuVyQCaD//N 0K5kPXbpWCLlrYrBpii09cLlPkRRJQhAEj2QYAwVWWOYanN6m/PuiKW9i9BfBlntCV4p LMeXNrMbV34Xmpog3EMInd5S0L/PVLRy6agjEBL1IrxpIpQ+vbpCLeq/LBqcDjfhrUZ2 MD8CnifTpz1SyDW7lF9g5AGXNP/tPxitzBNj0zqioFnO3EZ8AoEWtiEnhNe1r6QKVpjg utwA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QnhBLyrl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 61si17988729plr.51.2019.05.13.12.25.59; Mon, 13 May 2019 12:26:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QnhBLyrl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730364AbfEMQCr (ORCPT + 99 others); Mon, 13 May 2019 12:02:47 -0400 Received: from mail.kernel.org ([198.145.29.99]:44022 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730250AbfEMQCr (ORCPT ); Mon, 13 May 2019 12:02:47 -0400 Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 111742168B for ; Mon, 13 May 2019 16:02:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1557763366; bh=beoZx4frclCxoXSfTxDXkTuSz0AY0hIAwe1mG3lYD+0=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=QnhBLyrlFAFdFMdYGjrxtpZTRix4ohkczb2rqgQsWALhgFd6D7tiD8w3qEuQjKa4t 6gACJ1mq+rjkrjjgv78C9L1ngGrELfh60U9CNvxeFR0bF4yIiw25vABiO2v6YO8nwh 2BOKdf6lHrzPUcK3M8mxJ2O4+dZiPBseqIuRUnko= Received: by mail-wr1-f48.google.com with SMTP id b18so5942405wrq.12 for ; Mon, 13 May 2019 09:02:46 -0700 (PDT) X-Gm-Message-State: APjAAAXVTghcHUeekLFqUl2ClpKc5SLuxdD2AL++L+cu8mNfmKldqJBn zLqAswuLBqr4hIhFKB1a5mOloWcJqaSFTomedjImug== X-Received: by 2002:adf:fb4a:: with SMTP id c10mr17614362wrs.309.1557763364695; Mon, 13 May 2019 09:02:44 -0700 (PDT) MIME-Version: 1.0 References: <1557758315-12667-1-git-send-email-alexandre.chartre@oracle.com> <1557758315-12667-25-git-send-email-alexandre.chartre@oracle.com> In-Reply-To: <1557758315-12667-25-git-send-email-alexandre.chartre@oracle.com> From: Andy Lutomirski Date: Mon, 13 May 2019 09:02:33 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [RFC KVM 24/27] kvm/isolation: KVM page fault handler To: Alexandre Chartre Cc: Paolo Bonzini , Radim Krcmar , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Dave Hansen , Andrew Lutomirski , Peter Zijlstra , kvm list , X86 ML , Linux-MM , LKML , Konrad Rzeszutek Wilk , jan.setjeeilers@oracle.com, Liran Alon , Jonathan Adams Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 13, 2019 at 7:39 AM Alexandre Chartre wrote: > > The KVM page fault handler handles page fault occurring while using > the KVM address space by switching to the kernel address space and > retrying the access (except if the fault occurs while switching > to the kernel address space). Processing of page faults occurring > while using the kernel address space is unchanged. > > Page fault log is cleared when creating a vm so that page fault > information doesn't persist when qemu is stopped and restarted. Are you saying that a page fault will just exit isolation? This completely defeats most of the security, right? Sure, it still helps with side channels, but not with actual software bugs.