Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp150123rwb; Tue, 13 Dec 2022 15:25:57 -0800 (PST) X-Google-Smtp-Source: AA0mqf7j/KEh2QDcFWfabeUAHlrNf1kPVbtvranVGnRCsgtrm72XFYLfUjqtIOQQRS1dNbsBZYr1 X-Received: by 2002:a17:907:90d4:b0:7c0:db61:dbd5 with SMTP id gk20-20020a17090790d400b007c0db61dbd5mr16631764ejb.62.1670973957732; Tue, 13 Dec 2022 15:25:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670973957; cv=none; d=google.com; s=arc-20160816; b=0s0KC6hZH/on53xMGV1PoWYVwJwifKnw/eBB3UfBEJcVjVHNLwEiU+iZlTp3ZY136j V3I8DTyX4WODxCiiH4GdA3GlxT2lB/6c4zCeYL/FPSa8Q0DfWQjaBBA+HYCJssuGUEhU u1LcL0qs/0HV3kZfMU9OEfdn1BjtujXkKOgAumLfOEJZ/l5OKQNo7iiotsncEwityTcx ttfCnF65bIi4SuTBI318qTpk8QSB0LY3gunfOofcmUdEqSXmwqbG9EgcbNd/rB9E60jf jv6Mcw+vWU6N5Q7L7IWUWCCTUdTO9rq3Kw3i03itr43RsY2AmRhbt/n8vvgSKBMw1f0F Tybw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=pfSUkci1EDUFy+tjz6iitLRRe5EZZGf0NCS2vkjQ13M=; b=pDo4WvaxgtA5pavPMh0lbfdPOUhPBONkUuY8imv8VdVMgyq1g1Ts6GjRrtPMQBeNX3 3woTtztFDSWCNnyr9dGAlwL3lbURLi+axv5PAnLgBhgOOc6UzHHHclkhPJGNlE5y6y1i GCl1Wb/ls42YJcQIpIt8j4mNRODIuU5zcHA7QT9XhawgkSpjBd78qDEJ5tHijxUIjVD/ BEIULMM1nws1jVJFa9rEbtcHx7VxXZae2GyxvZNZgmLTxAVRVXNHG7JrnSUqhbC/3iXf kQodveDTlbXSE7qrV4drtfS3K3HpQv4Znkv2xalebvQIXDCBhqwZkGjkrxiU6fgZb7ie 3aog== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="GkUye/dk"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id qa8-20020a170907868800b007c0a0f207c0si10022228ejc.117.2022.12.13.15.25.40; Tue, 13 Dec 2022 15:25:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="GkUye/dk"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236970AbiLMXNt (ORCPT + 72 others); Tue, 13 Dec 2022 18:13:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34402 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236962AbiLMXNq (ORCPT ); Tue, 13 Dec 2022 18:13:46 -0500 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 56BCFBF59 for ; Tue, 13 Dec 2022 15:13:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670973225; x=1702509225; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=bhHTeRftPavsWtwdAURnlzeya5sIPgv+TpvVOQO96to=; b=GkUye/dkfXy5LnPIuBncK8lD9i/173pR+XFul5kptYRPGiviJgaA93Yk eQaXCLGe3GMiHGLUrQM7SLss2AFaMVd002z8BV3qxygzu/qHij50EHdw/ Fnx9opbhNZw39f52hjwQqTnE7rVH/M8wepcKDY0W7agwkkJC1ZcapOEuc wzDgZg/RSACOYBglk6KwxP1cIeV8jgeHfsz+ZQbY77qmCOq6rAsw1c/o3 8nUUq7mMfFxr6jCc9AAccuF7QP8ulGDzqxEbEgBnT8oXUMpRS+CqTg5xd uMve5bjTCSYGNM6M6XxClEcLHoZeEBTUT/aOIkF2pS8L6LFUNXOGDXVvR Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10560"; a="305900709" X-IronPort-AV: E=Sophos;i="5.96,242,1665471600"; d="scan'208";a="305900709" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Dec 2022 15:13:44 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10560"; a="791106051" X-IronPort-AV: E=Sophos;i="5.96,242,1665471600"; d="scan'208";a="791106051" Received: from snjones-mobl1.amr.corp.intel.com (HELO [10.212.218.27]) ([10.212.218.27]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Dec 2022 15:13:43 -0800 Message-ID: <4e595e75-2c5f-e114-9c2c-37689870639c@intel.com> Date: Tue, 13 Dec 2022 15:13:43 -0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2 Subject: Re: [PATCH 3/4] x86/tdx: Relax SEPT_VE_DISABLE check for debug TD Content-Language: en-US To: "Kirill A. Shutemov" , Borislav Petkov , Andy Lutomirski Cc: Kuppuswamy Sathyanarayanan , Thomas Gleixner , Elena Reshetova , x86@kernel.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org References: <20221209132524.20200-1-kirill.shutemov@linux.intel.com> <20221209132524.20200-4-kirill.shutemov@linux.intel.com> From: Dave Hansen In-Reply-To: <20221209132524.20200-4-kirill.shutemov@linux.intel.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12/9/22 05:25, Kirill A. Shutemov wrote: > SEPT_VE_DISABLE check is required to keep the TD protected from VMM > attacks, but it makes harder to debug guest kernel bugs. If guest > touches unaccepted memory the TD will get terminated without any > traces on what has happened. This is a bit sparse. -- A "SEPT #VE" occurs when a TDX guest touches memory that is not properly mapped into the "secure EPT". This can be the result of hypervisor attacks or bugs, *OR* guest bugs. Most notably, buggy guests might touch unaccepted memory for lots of different memory safety bugs like buffer overflows. TDX guests do not want to continue in the face of hypervisor attacks or hypervisor bugs. They want to terminate as fast and safely as possible. SEPT_VE_DISABLE ensures that TDX guests *can't* continue in the face of these kinds of issues. But, that causes a problem. TDX guests that can't continue can't spit out oopses or other debugging info. In essence SEPT_VE_DISABLE=1 guests are not debuggable. That's a problem. -- Eh? > Relax the SEPT_VE_DISABLE check to warning on debug TD and panic() in > the #VE handler on EPT-violation on private memory. It will produce > useful backtrace. > > Signed-off-by: Kirill A. Shutemov > --- > arch/x86/coco/tdx/tdx.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c > index 8ad04d101270..0e47846ff8ff 100644 > --- a/arch/x86/coco/tdx/tdx.c > +++ b/arch/x86/coco/tdx/tdx.c > @@ -38,6 +38,7 @@ > #define VE_GET_PORT_NUM(e) ((e) >> 16) > #define VE_IS_IO_STRING(e) ((e) & BIT(4)) > > +#define ATTR_DEBUG BIT(0) > #define ATTR_SEPT_VE_DISABLE BIT(28) > > /* TDX Module call error codes */ > @@ -207,8 +208,15 @@ static void tdx_parse_tdinfo(u64 *cc_mask) > * TD-private memory. Only VMM-shared memory (MMIO) will #VE. > */ > td_attr = out.rdx; > - if (!(td_attr & ATTR_SEPT_VE_DISABLE)) > - tdx_panic("TD misconfiguration: SEPT_VE_DISABLE attribute must be set."); > + if (!(td_attr & ATTR_SEPT_VE_DISABLE)) { > + const char *msg = "TD misconfiguration: SEPT_VE_DISABLE attribute must be set."; > + > + /* Relax SEPT_VE_DISABLE check for debug TD. */ > + if (td_attr & ATTR_DEBUG) > + pr_warn("%s\n", msg); > + else > + tdx_panic(msg); > + } > } > > /* > @@ -682,6 +690,8 @@ static int virt_exception_kernel(struct pt_regs *regs, struct ve_info *ve) > case EXIT_REASON_CPUID: > return handle_cpuid(regs, ve); > case EXIT_REASON_EPT_VIOLATION: > + if (ve->gpa != cc_mkdec(ve->gpa)) > + panic("Unexpected EPT-violation on private memory."); What's the cc_mkdec() doing?