Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp3305042pxb; Mon, 18 Oct 2021 12:20:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwGVjaHFAfrljXn0nXdzOuTLJqL0rWLxdl9stxcSYwQnLgwCq83Bb2jFMVuOkaiydG4T+Va X-Received: by 2002:a17:907:1c29:: with SMTP id nc41mr27410627ejc.135.1634584830817; Mon, 18 Oct 2021 12:20:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634584830; cv=none; d=google.com; s=arc-20160816; b=aVS88po1bdnIEulcGmVTE+OhtzkJ7mVlFu/EG4FgBxHQt8M3yn6TYZtJCS/8CN/7GV HnSoY+VC2ddsK/jLB1ZPsdseBDsITsLf1opvVN17ZIZ2nLU8bCF+YOHqou9tVopp8b+V +xx8nOUKZqThYj+X+u+8tEJQVeT4ziqEiQ0gmPfG5Z0kUuOB7YkZX79Qbrhle85MB/7W +rKToXc5iT1WYPVFm9wQuSPYhEFQD++epBy7dVJq5AvrtaVnVI+9j+AtXZIa3QqAbiqW 707WcZZjV4r0OlVeV4NoPf9o8oTJJov9/kqapSOlT/hIO9MTP+BCo21iIZENGJAzGp8w EVjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=H0D9fMYiemWaywKhrFeRx22doUmAUI5poz1BHecVEck=; b=rFf1n5GpDpt1cg1d3K0WDdbj7/bRUaRRoyMdhuwzbIZmxFFob/MU0TUYk+VuS7gJo4 kZhHt5hNqcsRAR0j8gxo8s7YDFIZ7Bdgyedv0hc/qNawH886/rxHyuqIm79UeaueaWgl R7n6KO95j6a/2Sr27pE30R4H7KQqxuO/DLu8rgpI5FFSrNoTWZp9NHnrPrutLwBOqxXd LDEQD6FuopxUNc4Fb5hLYz7WYwHzDHH8UaX58EWgZdY5lVVwgUc5RvUEr782IK2NTZER C0v6WSTDw8/ihEL9tC/u1OUbNga1ewmFdZllr6OER36nUgIJB2ueu8CYlZFjLJ5KqY/B Y2dA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=aaPBSilQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id qw15si30174700ejc.112.2021.10.18.12.20.02; Mon, 18 Oct 2021 12:20:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=aaPBSilQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232759AbhJRTU1 (ORCPT + 99 others); Mon, 18 Oct 2021 15:20:27 -0400 Received: from mail.skyhub.de ([5.9.137.197]:36098 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230159AbhJRTU0 (ORCPT ); Mon, 18 Oct 2021 15:20:26 -0400 Received: from zn.tnic (p200300ec2f085700af6a7a3215758573.dip0.t-ipconnect.de [IPv6:2003:ec:2f08:5700:af6a:7a32:1575:8573]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id CA2981EC04A9; Mon, 18 Oct 2021 21:18:13 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1634584693; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=H0D9fMYiemWaywKhrFeRx22doUmAUI5poz1BHecVEck=; b=aaPBSilQLVoxx5ZYTymlL1LpcFbbTPdvT1VQjLz4BWf9YVHrCwCMueZkzHVjXeysrg0/eo EpZ0n8bosyKFGw3HgTiyge1sVQRj2H/scBFwyVzUsSGSBApNBZPU/wVXSMAAfNGzdpIW8A e30476Q54MX2AXNg4o+ioUpfa98cro8= Date: Mon, 18 Oct 2021 21:18:13 +0200 From: Borislav Petkov To: Michael Roth Cc: Brijesh Singh , x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , "Dr . David Alan Gilbert" , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com Subject: Re: [PATCH v6 08/42] x86/sev-es: initialize sev_status/features within #VC handler Message-ID: References: <20211008180453.462291-1-brijesh.singh@amd.com> <20211008180453.462291-9-brijesh.singh@amd.com> <20211018184003.3ob2uxcpd2rpee3s@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20211018184003.3ob2uxcpd2rpee3s@amd.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 18, 2021 at 01:40:03PM -0500, Michael Roth wrote: > If CPUID has lied, that would result in a #GP, rather than a controlled > termination in the various checkers/callers. The latter is easier to > debug. > > Additionally, #VC is arguably a better indicator of SEV MSR availability > for SEV-ES/SEV-SNP guests, since it is only generated by ES/SNP hardware > and doesn't rely directly on hypervisor/EFI-provided CPUID values. It > doesn't work for SEV guests, but I don't think it's a bad idea to allow > SEV-ES/SEV-SNP guests to initialize sev_status in #VC handler to make > use of the added assurance. Ok, let's take a step back and analyze what we're trying to solve first. So I'm looking at sme_enable(): 1. Code checks SME/SEV support leaf. HV lies and says there's none. So guest doesn't boot encrypted. Oh well, not a big deal, the cloud vendor won't be able to give confidentiality to its users => users go away or do unencrypted like now. Problem is solved by political and economical pressure. 2. Check SEV and SME bit. HV lies here. Oh well, same as the above. 3. HV lies about 1. and 2. but says that SME/SEV is supported. Guest attempts to read the MSR Guest explodes due to the #GP. The same political/economical pressure thing happens. If the MSR is really there, we've landed at the place where we read the SEV MSR. Moment of truth - SEV/SNP guests have a communication protocol which is independent from the HV and all good. Now, which case am I missing here which justifies the need to do those acrobatics of causing #VCs just to detect the SEV MSR? Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette