Re: AMD SEV-SNP/Intel TDX: validation of memory pages

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

From: Peter Zijlstra <peterz@infradead.org>
To: Andi Kleen <ak@linux.intel.com>
Cc: Joerg Roedel <jroedel@suse.de>,
	David Rientjes <rientjes@google.com>,
	Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
	Sean Christopherson <seanjc@google.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jon Grimm <jon.grimm@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Christoph Hellwig <hch@lst.de>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Ingo Molnar <mingo@redhat.com>,
	x86@kernel.org, linux-mm@kvack.org
Subject: Re: AMD SEV-SNP/Intel TDX: validation of memory pages
Date: Tue, 16 Feb 2021 15:46:36 +0100	[thread overview]
Message-ID: <YCvazPK7wf+CwZcv@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20210216142741.GI365765@tassilo.jf.intel.com>

On Tue, Feb 16, 2021 at 06:27:41AM -0800, Andi Kleen wrote:
> I think the IST solution should at least be explored before
> dismissing it. It might be simpler than anything else (like
> using new APIs)

Have you seen the trainwreck bonzini proposed? The very simplest thing
is saying no to TDX.

That 'solution' also hard relies on #VE not nesting more than once, so
lovely things like: #VE -> #DB -> #VE -> #NMI -> #VE, or #VE -> NMI ->
#VE -> #MC -> #VE or any number of other possible 'fun' combinations
_must_ not happen.

And yes, I know #MC isn't supported just now, but the above would
mandate it never be supported _ever_, because otherwise the IST hack
crumbles.

Again, repeat after me: ISTs are a part of the problem.

So how about fixing TDX instead of forcing us to do horrible fragile
things we all know will end up in tears?

next prev parent reply	other threads:[~2021-02-16 14:47 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-02  1:51 David Rientjes
2021-02-02 13:17 ` Matthew Wilcox
2021-02-02 16:02 ` Kirill A. Shutemov
2021-02-03  0:16   ` Brijesh Singh
2021-02-11 17:46     ` Sean Christopherson
2021-02-02 22:37 ` Andi Kleen
2021-02-11 20:46 ` Peter Zijlstra
2021-02-12 13:19 ` Joerg Roedel
2021-02-12 14:17   ` Peter Zijlstra
2021-02-12 14:53     ` Joerg Roedel
2021-02-12 15:19       ` Peter Zijlstra
2021-02-12 15:28         ` Joerg Roedel
2021-02-12 16:12           ` Peter Zijlstra
2021-02-12 16:18             ` Joerg Roedel
2021-02-12 16:45               ` Peter Zijlstra
2021-02-12 17:48                 ` Dave Hansen
2021-02-12 18:22                   ` Sean Christopherson
2021-02-12 18:38                     ` Andy Lutomirski
2021-02-12 18:43                       ` Sean Christopherson
2021-02-12 18:46                     ` Dave Hansen
2021-02-12 19:24                       ` Sean Christopherson
2021-02-16 10:00                 ` Joerg Roedel
2021-02-16 14:27                   ` Andi Kleen
2021-02-16 14:46                     ` Peter Zijlstra [this message]
2021-02-16 15:59                       ` Paolo Bonzini
2021-02-16 16:25                         ` Joerg Roedel
2021-02-16 16:48                           ` Paolo Bonzini
2021-02-16 18:26                             ` Joerg Roedel
2021-02-16 18:33                               ` Paolo Bonzini
2021-02-16 16:47                         ` Peter Zijlstra
2021-02-16 16:57                         ` Andy Lutomirski
2021-02-16 17:05                           ` Paolo Bonzini
2021-02-16 16:55                       ` Andi Kleen
2021-02-12 21:42             ` Andi Kleen
2021-02-12 21:58               ` Peter Zijlstra
2021-02-12 22:39                 ` Andi Kleen
2021-02-12 22:46                   ` Andy Lutomirski
2021-02-13  9:38                   ` Peter Zijlstra
2021-02-12 23:51                 ` Paolo Bonzini
2021-03-23  9:33 ` Joerg Roedel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YCvazPK7wf+CwZcv@hirez.programming.kicks-ass.net \
    --to=peterz@infradead.org \
    --cc=ak@linux.intel.com \
    --cc=akpm@linux-foundation.org \
    --cc=bp@alien8.de \
    --cc=brijesh.singh@amd.com \
    --cc=hch@lst.de \
    --cc=jon.grimm@amd.com \
    --cc=jroedel@suse.de \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=linux-mm@kvack.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=rientjes@google.com \
    --cc=seanjc@google.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox