Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2822763pxb; Tue, 9 Mar 2021 11:44:45 -0800 (PST) X-Google-Smtp-Source: ABdhPJzYZmnYrZ4SR1ctBvPWNssIAf09+27wDJdKdjIgDdHgILybW4dEwZrPaMBPn6+VQ+9XxHp+ X-Received: by 2002:a17:906:d938:: with SMTP id rn24mr23136953ejb.87.1615319085312; Tue, 09 Mar 2021 11:44:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615319085; cv=none; d=google.com; s=arc-20160816; b=Odl0urYgPF+NbV/hQcs7UWVvoNknbGI0eNwx6jcyTcxPbkBbMPeHCMGsyYiolNwc/o PiASPAs7tWX1tkQppc6Ftj/k7/288qDxODMQaofcveCmzK5W4W3UHr7BgpBEZ9g0RSr6 vsBdbUmzfZkhDsXtsZf7zkdQzHG+2Vp3ug5GTPOHuwJrfg4IlLFjY1Jtoo6iVtlTnjb0 chMrltR9FepmpZNuPFbdvFvOy4leuFx+U4sYBwkT0MhVY50bFj29hpCpX5UrRXblblTV jWKRsYfVKSGb30M7bEXjBT1YwFhTUVGzxzF/rFg7k7QjPlvTgAUhiz8fkBLgiG1R9XRT rJoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=nrSjbcfbtpDu99fWTpmyTiTS4z7P8iLrCevZq+OwJDk=; b=JMf4qCAxU1+x56ONpYOBfmuyI/y/S/iQQ/zZODiVoNCWI9c1wP0slqpNwOSPuBlrqn zG5D2+7Eetrdpgeuro4nPRaewDValhTLLk88mkQZr45ZoqrvAgwOraopSW0t1cFI5DUI m5GNKUNY6Al46JYrO1/VBoMRnQ2pvr/xaKgeLnp85BKdGthwrvMvCk0Pvj2dUJWZbLGV r4anOApkT5T44Y4WmsMKe9wAO/E3O/trY4HzcLLG3EhoW9ovvatyQBKzEIObCrAO75hs S/aOkywmHr8QnSb1sr+Dbx7YB9mvNAYZ+XnHzuhwmQcJtGUMmAhHhUhfn6VqCFrcqhNv SG6w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=fxZkdSwl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b6si10330080eju.321.2021.03.09.11.44.22; Tue, 09 Mar 2021 11:44:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=fxZkdSwl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231400AbhCITnN (ORCPT + 99 others); Tue, 9 Mar 2021 14:43:13 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42194 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231161AbhCITnE (ORCPT ); Tue, 9 Mar 2021 14:43:04 -0500 Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B986C06174A for ; Tue, 9 Mar 2021 11:43:04 -0800 (PST) Received: by mail-pg1-x529.google.com with SMTP id o38so9497900pgm.9 for ; Tue, 09 Mar 2021 11:43:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=nrSjbcfbtpDu99fWTpmyTiTS4z7P8iLrCevZq+OwJDk=; b=fxZkdSwllM3KcD1tprgJ8Qwwl3PI5A+cU8oORbvgRMWthQA0elQUWYTsTefxo87ZMH csmfaAMMCvh7WBAPvVauUmDmZGZj1yKsoDGNatLLTaHDvpE93tQVrzeqnmrkE8dw+19g H4NzNxqJTkhxUUKb6moJUDCHrSdkD3Mn2YC8vv8/ax319/eIZFWqVitKiicr3Q9vwnWL C8iZA/cO52ZIoF+Y0a8FtA3ipQmjOmywD6Dl4b4oDoU8/FL4gYiEU9PEuhi7cG6ryrpP LpmHctDWZMDMaQIz2OpaVQeOHmmf0/qTOSIh/dx5RZKdqq6dBJPmVN2QpiTqphqK9QNM SSGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=nrSjbcfbtpDu99fWTpmyTiTS4z7P8iLrCevZq+OwJDk=; b=dfRynS+z8vjTX6RRUGNj5usy9SuVc8V7iMOyER/xo8vKUZ0SZ4zbD+PXdwF6L3B9+i IEsrpRHkU2tlcc7//ExKqyXaY80az4I0AvDMpbSk94zXWP45nLtHTXaKBMS5tfLj4tbf EuGIMytMqGJhHs0FDuJBf2Z7l//+hS+nyxZTJVBMcPUxgVZfeFoJbwi2InOqur2H4tNh wy9TYyBkuFdphi9/QJ1edM+FMX2qUXVQxXhFnf+jWztmiP6OcFv4TfLQRH1bbjh+Japm COM0zd5jtWqVgu+sO3rDbchqeUiSe1C00WxrZUBCvB1uxsvq5nvXvlYfhNKtnSbiXMAv W2KA== X-Gm-Message-State: AOAM532PfHxibPmlFGDyPutPP6ZYPGb+ngLoR7gYz958p/vDjw+VC0JG L9eqYaMecCtr2VhlCb5pB1EPIQ== X-Received: by 2002:a62:3085:0:b029:1ec:a6b8:6dd2 with SMTP id w127-20020a6230850000b02901eca6b86dd2mr26760622pfw.7.1615318983949; Tue, 09 Mar 2021 11:43:03 -0800 (PST) Received: from google.com ([2620:15c:f:10:e4dd:6c31:9463:f8da]) by smtp.gmail.com with ESMTPSA id 25sm14296910pfh.199.2021.03.09.11.43.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Mar 2021 11:43:03 -0800 (PST) Date: Tue, 9 Mar 2021 11:42:56 -0800 From: Sean Christopherson To: Steve Rutherford Cc: Brijesh Singh , Ashish Kalra , "pbonzini@redhat.com" , "joro@8bytes.org" , "Lendacky, Thomas" , "kvm@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "venu.busireddy@oracle.com" , Will Deacon , Quentin Perret Subject: Re: [PATCH v10 10/16] KVM: x86: Introduce KVM_GET_SHARED_PAGES_LIST ioctl Message-ID: References: <20210224175122.GA19661@ashkalra_ubuntu_server> <20210225202008.GA5208@ashkalra_ubuntu_server> <20210226140432.GB5950@ashkalra_ubuntu_server> <20210308104014.GA5333@ashkalra_ubuntu_server> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 08, 2021, Steve Rutherford wrote: > On Mon, Mar 8, 2021 at 1:11 PM Brijesh Singh wrote: > > On 3/8/21 1:51 PM, Sean Christopherson wrote: > > > If the guest does the hypercall after writing the page, then the guest is hosed > > > if it gets migrated while writing the page (scenario #1): > > > > > > vCPU Userspace > > > zero_bytes[0:N] > > > > > > > > > zero_bytes[N+1:4095] > > > set_shared (dest) > > > kaboom! > > > > > > Maybe I am missing something, this is not any different from a normal > > operation inside a guest. Making a page shared/private in the page table > > does not update the content of the page itself. In your above case, I > > assume zero_bytes[N+1:4095] are written by the destination VM. The > > memory region was private in the source VM page table, so, those writes > > will be performed encrypted. The destination VM later changed the memory > > to shared, but nobody wrote to the memory after it has been transitioned > > to the shared, so a reader of the memory should get ciphertext and > > unless there was a write after the set_shared (dest). Sorry, that wasn't clear, there's an implied page table update to make the page shared before zero_bytes. > > > If userspace does GET_DIRTY after GET_LIST, then the host would transfer bad > > > data by consuming a stale list (scenario #2): > > > > > > vCPU Userspace > > > get_list (from KVM or internally) > > > set_shared (src) > > > zero_page (src) > > > get_dirty > > > > > > > > > kaboom! > > > > > > I don't remember how things are done in recent Ashish Qemu/KVM patches > > but in previous series, the get_dirty() happens before the querying the > > encrypted state. There was some logic in VMM to resync the encrypted > > bitmap during the final migration stage and perform any additional data > > transfer since last sync. It's likely that Ashish's patches did the correct thing, I just wanted to point out that both host and guest need to do everything in a very specific order. > > > If both guest and host order things to avoid #1 and #2, the host can still > > > migrate the wrong data (scenario #3): > > > > > > vCPU Userspace > > > set_private > > > zero_bytes[0:4096] > > > get_dirty > > > set_shared (src) > > > get_list > > > > > > > > > set_private (dest) > > > kaboom! > > > > > > Since there was no write to the memory after the set_shared (src), so > > the content of the page should not have changed. After the set_private > > (dest), the caller should be seeing the same content written by the > > zero_bytes[0:4096] > > I think Sean was going for the situation where the VM has moved to the > destination, which would have changed the VEK. That way the guest > would be decrypting the old ciphertext with the new (wrong) key. I think that's what I was saying? I was pointing out that the userspace VMM would see the page as "shared" and so read the guest memory directly instead of routing it through the PSP. Anyways, my intent wasn't to point out a known issue anywhere. I was working through how GET_LIST would interact with GET_DIRTY_LOG to convince myself that the various flows were bombproof. I wanted to record those thoughts so that I can remind myself of the requirements when I inevitably forget them in the future. > > > Scenario #3 is unlikely, but plausible, e.g. if the guest bails from its > > > conversion flow for whatever reason, after making the initial hypercall. Maybe > > > it goes without saying, but to address #3, the guest must consider existing data > > > as lost the instant it tells the host the page has been converted to a different > > > type. > > > > > >> For the above reason if we do in-kernel hypercall handling for page > > >> encryption status (which we probably won't require for SEV-SNP & > > >> correspondingly there will be no hypercall exiting), > > > As above, that doesn't preclude KVM from exiting to userspace on conversion. > > > > > >> then we can implement a standard GET/SET ioctl interface to get/set the guest > > >> page encryption status for userspace, which will work across SEV, SEV-ES and > > >> SEV-SNP.