From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF120C77B75 for ; Tue, 16 May 2023 18:35:45 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4FABB900004; Tue, 16 May 2023 14:35:45 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4D0B4900002; Tue, 16 May 2023 14:35:45 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 398EE900004; Tue, 16 May 2023 14:35:45 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 2A3DD900002 for ; Tue, 16 May 2023 14:35:45 -0400 (EDT) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id A5BD3A0391 for ; Tue, 16 May 2023 18:35:44 +0000 (UTC) X-FDA: 80796971808.16.12EB445 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf11.hostedemail.com (Postfix) with ESMTP id AF1834000A for ; Tue, 16 May 2023 18:35:42 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=qsSCep0o; spf=pass (imf11.hostedemail.com: domain of ardb@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=ardb@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1684262142; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Z+rISdoaaFjE0H3onVx9q3vVqV+GW7MmEBF4x723LEk=; b=fwzQZFhQO6fN8LDAKuKI0GNpjTmLGd3ZfSsI/8XFqBW5ve/XVg3n5FUlubhDj5Inz4/TLp 3j2sraa97HrbXQcx0m4NWhNRW/JTlAv4HxD/Aw+FhLDTuoUFXPp4QN+V7cCKlZKLHWS6tJ G26T5qWXulB+FKIzQ7egFbU0bij7b9M= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1684262142; a=rsa-sha256; cv=none; b=mAji5lU6c4pmO31qrqWlYcs2xuDEYG7G1FvWEHju7Pn9Y3YuAk2MYr316SHS4eZYZV3YDX WDLlw6cgFVuCrzoW0ZObbEkPI5llY/5eF14H11874L0phFt11LOOqtkfy+6/rEQj56Boir 4Zn7t7qew19HTj5P8orjb67zTw5CtpM= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=qsSCep0o; spf=pass (imf11.hostedemail.com: domain of ardb@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=ardb@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 9924963DEE for ; Tue, 16 May 2023 18:35:41 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A05AAC43442 for ; Tue, 16 May 2023 18:35:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1684262140; bh=Z+rISdoaaFjE0H3onVx9q3vVqV+GW7MmEBF4x723LEk=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=qsSCep0ovkhnWtUBCdQLs1goten8s2jtIjcw8Yn2A2Fx9CEsj8jaFZW5pav22M/HH XlvZMyzFG13P/7meyUFtu84nuLvAQXuG4R0y7+LgQ8V1zVT18jpd6BpkyvH3yKLAV/ bdmUK7ysNMhHrbnGRgjCkgfN3VBQW4CKjLOlxE2was/rt8ZpfT5eH6JcsX8IIknCGe Vj+md7SuXZceBuvLqI49DO3mcpc6wzNUQHWckel1K3XT343ftCeDkunrEoGR+J8Ewp AeUsFU9acu5rgFVPCiBlN20Fb4XjLPyQAbym96z38y7pW0PzLE3wiPpr7NULICnHVC DwHhJrmLqcJOw== Received: by mail-lj1-f180.google.com with SMTP id 38308e7fff4ca-2ac8091351eso152420121fa.2 for ; Tue, 16 May 2023 11:35:40 -0700 (PDT) X-Gm-Message-State: AC+VfDxQS4onRWu6KMCJPGOwyKWqjkgyIzDAu+JvBr6f/lQVmi6sFb2m DcUgnf8kv8XqTIkepM30lYxvW/039RCluCkmv3g= X-Google-Smtp-Source: ACHHUZ5zB+8IUFITFhNLmqcHJRTHm2jVmMPsT4tShbTcHbmGuzZnaX0f1Mw5ueRw5K5L4a1Zn7W53eulOz+0dIWl6J0= X-Received: by 2002:a2e:8695:0:b0:2ad:90c9:bd29 with SMTP id l21-20020a2e8695000000b002ad90c9bd29mr8255580lji.18.1684262138332; Tue, 16 May 2023 11:35:38 -0700 (PDT) MIME-Version: 1.0 References: <20230513220418.19357-1-kirill.shutemov@linux.intel.com> <20230513220418.19357-7-kirill.shutemov@linux.intel.com> <6fe42f66-819c-f2c8-176b-759c1c5a9cf5@intel.com> In-Reply-To: <6fe42f66-819c-f2c8-176b-759c1c5a9cf5@intel.com> From: Ard Biesheuvel Date: Tue, 16 May 2023 20:35:27 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCHv11 6/9] efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory To: Dave Hansen Cc: "Kirill A. Shutemov" , Borislav Petkov , Andy Lutomirski , Sean Christopherson , Andrew Morton , Joerg Roedel , Andi Kleen , Kuppuswamy Sathyanarayanan , David Rientjes , Vlastimil Babka , Tom Lendacky , Thomas Gleixner , Peter Zijlstra , Paolo Bonzini , Ingo Molnar , Dario Faggioli , Mike Rapoport , David Hildenbrand , Mel Gorman , marcelo.cerri@canonical.com, tim.gardner@canonical.com, khalid.elmously@canonical.com, philip.cox@canonical.com, aarcange@redhat.com, peterx@redhat.com, x86@kernel.org, linux-mm@kvack.org, linux-coco@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, Dave Hansen Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: AF1834000A X-Stat-Signature: 54jxnxjnawcgr1itnw6gi47be8jggaz3 X-Rspam-User: X-Rspamd-Server: rspam09 X-HE-Tag: 1684262142-552310 X-HE-Meta: U2FsdGVkX1/vXNZEK1jwIGSmysxusFfdnaCJA3VnEEMBlVdQl7CVT6u/cWtPLg6hxMLCcPs7JYxIsSAvVUSJTlwuiT6oVXBI6kZ1OgoDVIL9lQhVjnhxSUAhnB5xceYzIG6MsGQfu33rcdY7dcaHvHLmrGfIwB3A+oNh34G75r+0YzkBzCGIOUJbMitsALOWUS9JojDXgZL+B4uHevvIirrzPQpvWmE3ATikK/BQTY208RzcLq10EXPBn/IzHHvKrgG4amwgRlgQaQNN9lA78dXmZo0qNfqwdwkMRYLOrONLAegN+31klKtCyd01YXd27tR4C8KgxPYDoUewpu5O2vwPet9IiFnwA4DNNhaYzm0GROIcmiR6ibwdA6sDAcC7ZYGyjKYF/OV2L3xW2piLfVN3FjPYBxtNWtOIgoCqFmS7IW65HFmZRQBbztIKtnkqlpJ6lgHlf507j8E8NwdJRxZuQWVPHApACMFAUKhRHVeUXsQdP+ov5aCnL/FETgWhsAElX7gYk0Yl8wM++dYabDgvFluKiJM/hPX0lEW6Qvz12fNl5hnqDUOQTzUKw+D0JLojauHoLaADxxKZOxqJDIQ978xNc/1VdS3m/OB1Oe46Wasxx7wakyN1UFn6rBy/UD0qkveRHdqJuJXFnS0RC/Zfkc3Lfktiqa5tY7E/EuBT7cqgnbNBWvHIlSOV3F+YAOlYqGddtKa4O1+37HQNKUOfp5zDXUpd0aKH0hpOZPVW5tjudpI4zWA/v9bNgZjSOgLfoNsp9SpRWu2Tok5PWfkQgHRwox6bBh2vqZi7YUvKmWKvFeqlxlOhnljYVf5ltwXdEJP4v+YwEidO5uC2cNiEnEzYHI8rDlQtIFzlQj6rQ3gBaYzRRoJdiRfWkAh62wlK+6rbvVpJBcKALATQC6STRbUcSj0EZo/NfHwJqQOKQUyfqcqf8JSSy9DgL4PrysNrESsm07PEFXxUzG3 75i+vq1y OJlQnF409xfAV6Om7Xp3CKHs3VnwKRrA18VZjSrtQUTAeD4R7lbWr41KJF5RTeB/rAjSbDjFyOoVzmq9rIGdKf0seOH1VQFo7jrWbf1defkWS9su8CAI8TUYzDWPa+LJQ3rSm8FfHeglQHU8Q+qZ1+i9uyhCBPbf8lWGTxuah3Y4Re2fnkpf5H2em0XODfeGTQXreqF6CCH+iq8PBaYtt56mED9jtNZAbqyY6wPKBj3Zy62t7cPY2/HcyhFUih6esIgOowK952LGiFVyMxU7E9y6feRTEuF/5FTYq0+61qsf/ezXgQqTroOym+zzAt+D0yymPnsAF6tshCMN5GWSX0NYM5hHQTeft/iGS9Ig6eT044x7oo3f2DjkZ1tX8mDzPQpTV X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, 16 May 2023 at 20:27, Dave Hansen wrote: > > On 5/16/23 11:08, Ard Biesheuvel wrote: > >> But, this approach does not work for unaccepted memory. For TDX, a load > >> from unaccepted memory will not lead to a recoverable exception within > >> the guest. The guest will exit to the VMM where the only recourse is to > >> terminate the guest. > >> > > Does this mean that the kernel maps memory before accepting it? As > > otherwise, I would assume that such an access would page fault inside > > the guest before triggering an exception related to the unaccepted > > state. > > Yes, the kernel maps memory before accepting it (modulo things like > DEBUG_PAGEALLOC). > OK, and so the architecture stipulates that prefetching or other speculative accesses must never deliver exceptions to the host regarding such ranges? If this all works as it should, then I'm ok with leaving this here, but I imagine we may want to factor out some arch specific policy here in the future, as I don't think this would work the same on ARM.