Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp4031151pxu; Tue, 20 Oct 2020 06:51:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxHydPMgSsvKyG6mAYUHe9uryHQecv7GodBO3yF8GlELzwdmdBb75RR5hJyHJHzzbgTfutO X-Received: by 2002:aa7:d61a:: with SMTP id c26mr2872789edr.303.1603201863491; Tue, 20 Oct 2020 06:51:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603201863; cv=none; d=google.com; s=arc-20160816; b=eWg0/FCAIeO9rz2jbEBy/GjfNTbPelF9jiQjqC8mZS450nQyPTR33nwC+ZfnSkeJIj lo81w9M18N7Hy2ZsuVLGSv2ADjpZ3WeOh5wMg4KM6ZajfZWosGKNOMWqBF5LPK781xJq mJ38FW0HYry6K5wd2ksuOZDeFfW6953yTSRFpAb++/UoUSr+ptimPWT133MOqIpW1RtF TYL0So40F7cXWlgPrXCpUOBtIznkaJ8IDidM/Ox+RtXlFGGq6XmhMHjbC8U+eipIGoi8 Q39S+tNxrzqP5tsv8UDtDDsYuhD8hcNqUWpi5BKdlOZXWa8YBBZOYl9ZoVseOy7be78D Zy3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=1o8TpeHhno8OE2SrDdQUqRsdXAVOC0TzkDg0pRysRCg=; b=O162waL8NmDTXcEpHhPVmGQmgY3ZJ2QIwKS10TBWC0t+Wlty9cEpdESDBDhb09cksc qJGoAaCUH+rWEBoJAds5hU0uuVL4XRQCWugnmqfJf6FXUhqQiAAy5CsS3JcXe9CuYpBr 18UWZKLqkvG2CjMgPrw4xMkYQHSO8/E79R07WV3BwmmbJbivRU+IUo0NsFex/6b1LuBg fMZ2AQ+WIg26Yay176t9OSDmSY68ck+FCSSeN9X28WNC8a9p+gakyAiUQrrmmo8CM+rq I7xqglIU26E9G9RftviamWlo4Px0fxuW1TYcAGiCrpJcbMdvnVW+YDkS44hA/YO31O4r OmtA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=cicVnczs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p2si1180347edm.265.2020.10.20.06.50.40; Tue, 20 Oct 2020 06:51:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=cicVnczs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2407683AbgJTNt2 (ORCPT + 99 others); Tue, 20 Oct 2020 09:49:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33750 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2407630AbgJTNt2 (ORCPT ); Tue, 20 Oct 2020 09:49:28 -0400 Received: from mail-lf1-x144.google.com (mail-lf1-x144.google.com [IPv6:2a00:1450:4864:20::144]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EBB29C0613CE for ; Tue, 20 Oct 2020 06:49:27 -0700 (PDT) Received: by mail-lf1-x144.google.com with SMTP id c141so2185807lfg.5 for ; Tue, 20 Oct 2020 06:49:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=1o8TpeHhno8OE2SrDdQUqRsdXAVOC0TzkDg0pRysRCg=; b=cicVnczstWRFH9gw+EuYx/lkIIBZzIw/xFGQDmuS3kVvj7vDkCCzApdH1mGBpMoiA9 UtpBzyMmwiraaOs2MZMRvwTopaDFxaacSqLiI/IFdi8hKKrlZORdjZIJsLS3cLypFks/ Bda/wOENIgPWwOMRaDoliBIRfRwHPiY6madPv88jbUecOdIdC863Zw3wYV4k28/eBqGi W2EDYSVlOfa6oSB3jXwakuWfGlTrNxPtkIc3sHP4hip+5nDyO4AZhVF1W7eZd1S7ISnM q/XrxAC2qb0wuhsp5epuANvG0/N4WWTpFeq7y8QxSVLZcING1Hvt56ZqLKl9e4GR5Zim 1olw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to; bh=1o8TpeHhno8OE2SrDdQUqRsdXAVOC0TzkDg0pRysRCg=; b=EHIHHlMtupJ2bDBWIZAguY9VPBg+rwWBvExdTMuZAEP5LidMcnrUUPY9HkYVT/8kT7 eTLIPXvWmup2WmOJIqKTOllAB4hsdLXZ2gCoGlTh4tdlPuj/1S0dJhjPOQ/GMxUQhblS nbCb5CFF9pi2ToRoLDqG8GDZvAUfS+iZcyEzbQfOfV7rnbttiAJHb1fP4TmTfJ+KPZz7 nPPKmRX73J7zlFt6G18mJvYxVgLvzh1FbvM2w1a5KpFukqVukqH8tZxZ4AbB4pPlQzb/ I95JJv60Q1s0qDsspSn0XpVOnAu5qUCSofdcKndADGsHzw+5KYAr1EM7aFxQQp2zXT3E NtOg== X-Gm-Message-State: AOAM5334+c3hkltKHDPhKWYe9EW1DdJlFpU2nOk7ZqYtzyKFrnU8xuT/ L9S4xFusk2W8Zi/WwIXeVuq8VA== X-Received: by 2002:ac2:5a05:: with SMTP id q5mr976885lfn.592.1603201766368; Tue, 20 Oct 2020 06:49:26 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id o17sm319166lfb.55.2020.10.20.06.49.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 20 Oct 2020 06:49:25 -0700 (PDT) Received: by box.localdomain (Postfix, from userid 1000) id 2039A102328; Tue, 20 Oct 2020 16:49:24 +0300 (+03) Date: Tue, 20 Oct 2020 16:49:24 +0300 From: "Kirill A. Shutemov" To: Vitaly Kuznetsov Cc: David Rientjes , Andrea Arcangeli , Kees Cook , Will Drewry , "Edgecombe, Rick P" , "Kleen, Andi" , Liran Alon , Mike Rapoport , x86@kernel.org, kvm@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" , Dave Hansen , Andy Lutomirski , Peter Zijlstra , Paolo Bonzini , Sean Christopherson , Wanpeng Li , Jim Mattson , Joerg Roedel Subject: Re: [RFCv2 00/16] KVM protected memory extension Message-ID: <20201020134924.2i4z4kp6bkiheqws@box> References: <20201020061859.18385-1-kirill.shutemov@linux.intel.com> <87ft6949x8.fsf@vitty.brq.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87ft6949x8.fsf@vitty.brq.redhat.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Oct 20, 2020 at 09:46:11AM +0200, Vitaly Kuznetsov wrote: > "Kirill A. Shutemov" writes: > > > == Background / Problem == > > > > There are a number of hardware features (MKTME, SEV) which protect guest > > memory from some unauthorized host access. The patchset proposes a purely > > software feature that mitigates some of the same host-side read-only > > attacks. > > > > > > == What does this set mitigate? == > > > > - Host kernel ”accidental” access to guest data (think speculation) > > > > - Host kernel induced access to guest data (write(fd, &guest_data_ptr, len)) > > > > - Host userspace access to guest data (compromised qemu) > > > > - Guest privilege escalation via compromised QEMU device emulation > > > > == What does this set NOT mitigate? == > > > > - Full host kernel compromise. Kernel will just map the pages again. > > > > - Hardware attacks > > > > > > The second RFC revision addresses /most/ of the feedback. > > > > I still didn't found a good solution to reboot and kexec. Unprotect all > > the memory on such operations defeat the goal of the feature. Clearing up > > most of the memory before unprotecting what is required for reboot (or > > kexec) is tedious and error-prone. > > Maybe we should just declare them unsupported? > > Making reboot unsupported is a hard sell. Could you please elaborate on > why you think that "unprotect all" hypercall (or rather a single > hypercall supporting both protecting/unprotecting) defeats the purpose > of the feature? If guest has some data that it prefers not to leak to the host and use the feature for the purpose, share all the memory to get through reboot is a very weak point. > > clean up *all* its memory upon reboot, however: > - It may only clean up the most sensitive parts. This should probably be > done even without this new feature and even on bare metal (think about > next boot target being malicious). > - The attack window shrinks significantly. "Speculative" bugs require > time to exploit and it will only remain open until it boots up again > (few seconds). Maybe it would be cleaner to handle reboot in userspace? If we got the VM rebooted, just reconstruct it from scratch as if it would be new boot. -- Kirill A. Shutemov