Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp1196917rwr; Fri, 5 May 2023 10:22:48 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6lEeLNhS0cPWydT1Vf31hrmNsuZG3gm5CqD3K7/JSioMJVp5H3hTFHhHHCi5hIaJAxPMlH X-Received: by 2002:a05:6a21:3406:b0:ee:2bc1:6e01 with SMTP id yn6-20020a056a21340600b000ee2bc16e01mr2444132pzb.24.1683307368107; Fri, 05 May 2023 10:22:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683307368; cv=none; d=google.com; s=arc-20160816; b=czbVqosagdzbdPlslzHCB0RT3Fr9Y9JJTcm6sXZeDXGeS2GEmxygRcYMY1AotIkg4+ x+/KeTqv8xglcThD9h5Eg9Usf5AnagStNLUPPwJrehSHIo/dbuC0Kc3kz3MJzKcRhbUR iFr16rqW9E7eCD2XKuD/ElUXoXK6y6A/uPQK/LtqHLgrX37cAgVONHGJbeA0uB/EJbeQ 2Imoj5Vjiq2dIsEKyEaaLmvYTE1GRaQzdAdhn0F6UXsODnuR+Z+XnRJKVq8Nkaa/SHCX cZVV2RDAKr4JbIhMjDQJEMXajEgSmQwDbrRgAwe2jBWKfokCUzbmkCyBDyu1FLSWWJwC UxyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:from:subject :message-id:references:mime-version:in-reply-to:date:dkim-signature; bh=SxwNvfp9yRlruqDpvJxkAnrRtCk6mE67Bd3BubjypxQ=; b=FYjjqZyy7ATFfMpStWIhgkieFR5WZG2EWisv98cDRWMqwYLQtGzLseeyPIJB8Sm8tt UFHD2VLO+i8gFHg2sqtZf3hJcHSEs3USC3F183aUJtlTm1btDZyPUegkUnnzZ+pKkMKs lWX7Np8atHEZ9Uxax8GVJOqDCfA41T0Z2lVVXxkpFMZgf72fhMz6sPzoRbHdecwNlk9y DDOkm8oHZWDbOAL0P/E4yKKgZi9nC7AoKlzAaYIypJ7xiortYmJ3QhvYfENagVosvM0G LYI1k/k5gAWrneDY6QkLfRAgfPuX9j/nh4fEcLmsE29hKTZmGcxwgoyDuVAZm7S3qZUr aseQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=cXXc3M6y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i65-20020a625444000000b0063a149e3c85si2347032pfb.401.2023.05.05.10.22.33; Fri, 05 May 2023 10:22:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=cXXc3M6y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231636AbjEERSG (ORCPT + 99 others); Fri, 5 May 2023 13:18:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53410 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231754AbjEERSD (ORCPT ); Fri, 5 May 2023 13:18:03 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4D2D912E8D for ; Fri, 5 May 2023 10:18:01 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id 41be03b00d2f7-5287c9b01fdso1565739a12.2 for ; Fri, 05 May 2023 10:18:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683307081; x=1685899081; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=SxwNvfp9yRlruqDpvJxkAnrRtCk6mE67Bd3BubjypxQ=; b=cXXc3M6yYogaCUYe2c+SrQc2MIdAmLJbXRkHUS9zG7xhw6MiEu2sitOw7/Gs8N+qYL oXgYeStpeUI6b4JASS0HSftlcCCRj/X7n1N9WbKprVd/yNpe36+Ro8ZtPUj3p6Ld50JH pqxQnHXwImJi8vy3sHQBgx80mx2LtgRBbImqJGjt3ifJhQvYtGUkTdTjALM0pcmAV+1D 6vpr8yMdnFBHG32elxIu/SKRWE8X5JKVIrtIk1RplILzJzkSNycRYJAr+Iqs6tbgmR/S ugGjoODz+nslHOA/c91Rz89LssATB8IAOjXVho0NUWdysNmyIv7F6uQ3Fm1u7pfzIzFf Lo4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683307081; x=1685899081; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=SxwNvfp9yRlruqDpvJxkAnrRtCk6mE67Bd3BubjypxQ=; b=BUMHnr0l2JOiC7ZYJnIUWZQjX9l8dlRsKBVsy2NlFr8SLIh6zWZkBOMTAeMLkvaEgx JYRLFN1kmaFIuaIItW0ToQ7NL+cfSdnYVCMl7mRiTOf9bxFwFxV9tG3uPbIglsB4m/aC t+8C1uS0Fnnk8JIi8+9FiKfwTlhBFsLRYpD5MY2Yczkh+esjNqDSi4f9GMhDPqA9sLdo kPzicbb6iRI0aez2o1WCU1jhFQEPCXdjQgw7yUitfVPdZjmnFSd6M5CfUSnOO/TQtS2P YG3sm0T75dc4X2WyjO0UbKzC/qtIR4FFBImLSLiPcZMJXYG+tjCQijdVfPpIS/NYZMy/ UL4w== X-Gm-Message-State: AC+VfDwoou49zn4azjC9buOMCVHh9b/f6H4VZGi3+OEfdHZnSQSZTWbT Hu411cQS67fL988mJf2vRJZcDvHZzjY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:8ac1:0:b0:513:efd4:d76 with SMTP id y184-20020a638ac1000000b00513efd40d76mr529931pgd.5.1683307080808; Fri, 05 May 2023 10:18:00 -0700 (PDT) Date: Fri, 5 May 2023 10:17:59 -0700 In-Reply-To: <39125b11-659f-35f4-ac7a-a3ba31365950@digikod.net> Mime-Version: 1.0 References: <20230505152046.6575-1-mic@digikod.net> <20230505152046.6575-5-mic@digikod.net> <39125b11-659f-35f4-ac7a-a3ba31365950@digikod.net> Message-ID: Subject: Re: [PATCH v1 4/9] KVM: x86: Add new hypercall to set EPT permissions From: Sean Christopherson To: "=?iso-8859-1?Q?Micka=EBl_Sala=FCn?=" Cc: Borislav Petkov , Dave Hansen , "H . Peter Anvin" , Ingo Molnar , Kees Cook , Paolo Bonzini , Thomas Gleixner , Vitaly Kuznetsov , Wanpeng Li , Alexander Graf , Forrest Yuan Yu , James Morris , John Andersen , Liran Alon , "Madhavan T . Venkataraman" , Marian Rotariu , "Mihai =?utf-8?B?RG9uyJt1?=" , "=?utf-8?B?TmljdciZb3IgQ8OuyJt1?=" , Rick Edgecombe , Thara Gopinath , Will Deacon , Zahra Tarkhani , "=?utf-8?Q?=C8=98tefan_=C8=98icleru?=" , dev@lists.cloudhypervisor.org, kvm@vger.kernel.org, linux-hardening@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, qemu-devel@nongnu.org, virtualization@lists.linux-foundation.org, x86@kernel.org, xen-devel@lists.xenproject.org Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 05, 2023, Micka=EF=BF=BDl Sala=EF=BF=BDn wrote: >=20 > On 05/05/2023 18:44, Sean Christopherson wrote: > > On Fri, May 05, 2023, Micka=EF=BF=BDl Sala=EF=BF=BDn wrote: > > > Add a new KVM_HC_LOCK_MEM_PAGE_RANGES hypercall that enables a guest = to > > > set EPT permissions on a set of page ranges. > >=20 > > IMO, manipulation of protections, both for memory (this patch) and CPU = state > > (control registers in the next patch) should come from userspace. I ha= ve no > > objection to KVM providing plumbing if necessary, but I think userspace= needs to > > to have full control over the actual state. >=20 > By user space, do you mean the host user space or the guest user space? Host userspace, a.k.a. the VMM. Definitely not guest userspace. > About the guest user space, I see several issues to delegate this kind of > control: > - These are restrictions only relevant to the kernel. > - The threat model is to protect against user space as early as possible. > - It would be more complex for no obvious gain. >=20 > This patch series is an extension of the kernel self-protections mechanis= ms, > and they are not configured by user space. >=20 >=20 > >=20 > > One of the things that caused Intel's control register pinning series t= o stall > > out was how to handle edge cases like kexec() and reboot. Deferring to= userspace > > means the kernel doesn't need to define policy, e.g. when to unprotect = memory, > > and avoids questions like "should userspace be able to overwrite pinned= control > > registers". >=20 > The idea is to authenticate every changes. For kexec, the VMM (or somethi= ng > else) would have to authenticate the new kernel. Do you have something el= se > in mind that could legitimately require such memory or CR changes? I think we're on the same page, the VMM (host userspace) would need to ack = any changes. FWIW, SMM is another wart as entry to SMM clobbers CRs. Now that CONFIG_KV= M_SMM is a thing, the easiest solution would be to disallow coexistence with SMM,= though that might not be an option for many use cases (IIUC, QEMU-based deployment= s use SMM to implement secure boot). > > And like the confidential VM use case, keeping userspace in the loop is= a big > > beneifit, e.g. the guest can't circumvent protections by coercing users= pace into > > writing to protected memory . >=20 > I don't understand this part. Are you talking about the host user space? = How > the guest could circumvent protections? Host userspace. Guest configures a device buffer in write-protected memory= , gets a host (synthetic) device to write into the memory.