Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp1196338ybg; Thu, 4 Jun 2020 03:40:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzKoAzXMpGHDdNLRzhOubI1fOkRFH168MCveoir1R5dgnj5RH0Bfl6AUXbSHMtPRxT7nxin X-Received: by 2002:aa7:c986:: with SMTP id c6mr3732467edt.335.1591267257293; Thu, 04 Jun 2020 03:40:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591267257; cv=none; d=google.com; s=arc-20160816; b=F2Yb88NcGDah5Y++T0wxZbiWHdskVlhxS1qsG7UKK+gT9taJyfYwfTg4s99u7eQ3HD wscheUVEeaK5YCofbsYFrUXk3rJitqGx5ZiWYuCAUDAjxb/V0sxyvcQY4fbTLZHP9la8 jfo2FYnpw5aaW55FV12UNwYrXgYMp+JAbN3k8Ya2MZje1kknYsh4aDjRdZ7ubPwwYS6c 9ynVSt0MmNVybkFVdZia8u/PVIIxXwDOvCN/R9zRiey+UpvFRL1go9dCRDcW/2RlS7If 0ZEOu5eal8Tl1aGQ7gAXFkJ6cRbhECsb2kIeG+cqw33TYTFPqHu3x5HSGSzf01xS1XFt AeBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=eoG+ptELIkIJFRyOdt/L4Jgbc/yMY/ceKK/WBf5Zg8M=; b=t9ndcmb/oeUL8Ru/wBusQJ4rCtqAIodf8xkL++bMxymMoOl6rcBoiddGpLlYxu6wKt oiI6Cwj5+D/UpQ6X3M6l2JLqwcti9TDfcEJlDB4bQuiSfUcbefwSQQfKOR64aS9aBu19 wrM5jB1RfMAbMSQyG4FZh2z0OL7IM9Q0WuS1R7eY6bJZLlzfaXMM7u5RSo4cvMmsiJdI QiWjxzmQR3Kq+ZECqdf8UY0/iremvpbznhLYa2WAfkk3KRqkrym4WLYAjhex/Ol/1WRG F20vHSI3T8AxTZWS+npSOOsyR/u8MrQgSCsBAJtDyFYt1PrIdnZ3QNkx8rLNl8eoeyCI 1V4A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n9si1385241eju.428.2020.06.04.03.40.34; Thu, 04 Jun 2020 03:40:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728369AbgFDKPJ (ORCPT + 99 others); Thu, 4 Jun 2020 06:15:09 -0400 Received: from 8bytes.org ([81.169.241.247]:46204 "EHLO theia.8bytes.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727850AbgFDKPF (ORCPT ); Thu, 4 Jun 2020 06:15:05 -0400 Received: by theia.8bytes.org (Postfix, from userid 1000) id D9CA726F; Thu, 4 Jun 2020 12:15:03 +0200 (CEST) Date: Thu, 4 Jun 2020 12:15:02 +0200 From: Joerg Roedel To: Sean Christopherson Cc: x86@kernel.org, hpa@zytor.com, Andy Lutomirski , Dave Hansen , Peter Zijlstra , Thomas Hellstrom , Jiri Slaby , Dan Williams , Tom Lendacky , Juergen Gross , Kees Cook , David Rientjes , Cfir Cohen , Erdem Aktas , Masami Hiramatsu , Mike Stunes , Joerg Roedel , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: Re: [PATCH v3 25/75] x86/sev-es: Add support for handling IOIO exceptions Message-ID: <20200604101502.GA20739@8bytes.org> References: <20200428151725.31091-1-joro@8bytes.org> <20200428151725.31091-26-joro@8bytes.org> <20200520062055.GA17090@linux.intel.com> <20200603142325.GB23071@8bytes.org> <20200603230716.GD25606@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200603230716.GD25606@linux.intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 03, 2020 at 04:07:16PM -0700, Sean Christopherson wrote: > On Wed, Jun 03, 2020 at 04:23:25PM +0200, Joerg Roedel wrote: > > User-space can also cause IOIO #VC exceptions, and user-space can be > > 32-bit legacy code with segments, so es_base has to be taken into > > account. > > Is there actually a use case for this? Exposing port IO to userspace > doesn't exactly improve security. Might be true, but Linux supports it and this patch-set is not the place to challenge this feature. > Given that i386 ABI requires EFLAGS.DF=0 upon function entry/exit, i.e. is > the de facto default, the DF bug implies this hasn't been tested. And I > don't see how this could possibly have worked for SEV given that the kernel > unrolls string I/O because the VMM can't emulate string I/O. Presumably > someone would have complained if they "needed" to run legacy crud. The > host and guest obviously need major updates, so supporting e.g. DPDK with > legacy virtio seems rather silly. With SEV-ES and this unrolling of string-io doesn't need to happen anymore. It is on the list of things to improve, but this patch-set is already pretty big. > > True, #DBs won't be correct anymore. Currently debugging is not > > supported in SEV-ES guests anyway, but if it is supported the #DB > > exception would happen in the #VC handler and not on the original > > instruction. > > As in, the guest can't debug itself? Or the host can't debug the guest? Both, the guest can't debug itself because writes to DR7 never make it to the hardware DR7 register. And the host obviously can't debug the guest because it has no access to its unencrypted memory and register state. Regards, Joerg