From: Tom Roeder <tmroeder@google.com>
To: Christoph Hellwig <hch@lst.de>
Cc: Keith Busch <kbusch@kernel.org>, Jens Axboe <axboe@fb.com>,
Sagi Grimberg <sagi@grimberg.me>, Peter Gonda <pgonda@google.com>,
Marios Pomonis <pomonis@google.com>,
linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org,
Thomas.Lendacky@amd.com, David.Kaplan@amd.com
Subject: Re: [PATCH v2] nvme: Cache DMA descriptors to prevent corruption.
Date: Mon, 30 Nov 2020 10:50:45 -0800 [thread overview]
Message-ID: <20201130185045.GA744128@google.com> (raw)
In-Reply-To: <20201120080243.GA20463@lst.de>
On Fri, Nov 20, 2020 at 09:02:43AM +0100, Christoph Hellwig wrote:
>On Thu, Nov 19, 2020 at 05:27:37PM -0800, Tom Roeder wrote:
>> This patch changes the NVMe PCI implementation to cache host_mem_descs
>> in non-DMA memory instead of depending on descriptors stored in DMA
>> memory. This change is needed under the malicious-hypervisor threat
>> model assumed by the AMD SEV and Intel TDX architectures, which encrypt
>> guest memory to make it unreadable. Some versions of these architectures
>> also make it cryptographically hard to modify guest memory without
>> detection.
>
>I don't think this is a useful threat model, and I've not seen a
>discussion on lkml where we had any discussion on this kind of threat
>model either.
Thanks for the feedback and apologies for the lack of context.
I was under the impression that support for AMD SEV SNP will start
showing up in KVM soon, and my understanding of SNP is that it
implies this threat model for the guest. See the patchset
for SEV-ES, which is the generation before SNP:
https://lkml.org/lkml/2020/9/14/1168. This doesn't get quite to the SNP
threat model, but it starts to assume more maliciousness on the part of
the hypervisor.
You can also see the talk from David Kaplan of AMD from the 2019 Linux
Security Summit for info about SNP:
https://www.youtube.com/watch?v=yr56SaJ_0QI.
>
>Before you start sending patches that regress optimizations in various
>drivers (and there will be lots with this model) we need to have a
>broader discussion first.
I've added Tom Lendacky and David Kaplan from AMD on the thread now,
since I don't think I have enough context to say where this discussion
should take place or the degree to which they think it has or hasn't.
Tom, David: can you please comment on this?
>
>And HMB support, which is for low-end consumer devices that are usually
>not directly assigned to VMs aren't a good starting point for this.
I'm glad to hear that this case doesn't apply directly to cases we would
care about for assignment to guests. I'm not very familiar with this
codebase, unfortunately. Do the same kinds of issues apply for the kinds
of devices that would be assigned to guests?
WARNING: multiple messages have this Message-ID (diff)
From: Tom Roeder <tmroeder@google.com>
To: Christoph Hellwig <hch@lst.de>
Cc: Thomas.Lendacky@amd.com, Sagi Grimberg <sagi@grimberg.me>,
David.Kaplan@amd.com, linux-kernel@vger.kernel.org,
linux-nvme@lists.infradead.org,
Marios Pomonis <pomonis@google.com>, Jens Axboe <axboe@fb.com>,
Peter Gonda <pgonda@google.com>, Keith Busch <kbusch@kernel.org>
Subject: Re: [PATCH v2] nvme: Cache DMA descriptors to prevent corruption.
Date: Mon, 30 Nov 2020 10:50:45 -0800 [thread overview]
Message-ID: <20201130185045.GA744128@google.com> (raw)
In-Reply-To: <20201120080243.GA20463@lst.de>
On Fri, Nov 20, 2020 at 09:02:43AM +0100, Christoph Hellwig wrote:
>On Thu, Nov 19, 2020 at 05:27:37PM -0800, Tom Roeder wrote:
>> This patch changes the NVMe PCI implementation to cache host_mem_descs
>> in non-DMA memory instead of depending on descriptors stored in DMA
>> memory. This change is needed under the malicious-hypervisor threat
>> model assumed by the AMD SEV and Intel TDX architectures, which encrypt
>> guest memory to make it unreadable. Some versions of these architectures
>> also make it cryptographically hard to modify guest memory without
>> detection.
>
>I don't think this is a useful threat model, and I've not seen a
>discussion on lkml where we had any discussion on this kind of threat
>model either.
Thanks for the feedback and apologies for the lack of context.
I was under the impression that support for AMD SEV SNP will start
showing up in KVM soon, and my understanding of SNP is that it
implies this threat model for the guest. See the patchset
for SEV-ES, which is the generation before SNP:
https://lkml.org/lkml/2020/9/14/1168. This doesn't get quite to the SNP
threat model, but it starts to assume more maliciousness on the part of
the hypervisor.
You can also see the talk from David Kaplan of AMD from the 2019 Linux
Security Summit for info about SNP:
https://www.youtube.com/watch?v=yr56SaJ_0QI.
>
>Before you start sending patches that regress optimizations in various
>drivers (and there will be lots with this model) we need to have a
>broader discussion first.
I've added Tom Lendacky and David Kaplan from AMD on the thread now,
since I don't think I have enough context to say where this discussion
should take place or the degree to which they think it has or hasn't.
Tom, David: can you please comment on this?
>
>And HMB support, which is for low-end consumer devices that are usually
>not directly assigned to VMs aren't a good starting point for this.
I'm glad to hear that this case doesn't apply directly to cases we would
care about for assignment to guests. I'm not very familiar with this
codebase, unfortunately. Do the same kinds of issues apply for the kinds
of devices that would be assigned to guests?
_______________________________________________
Linux-nvme mailing list
Linux-nvme@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-nvme
next prev parent reply other threads:[~2020-11-30 18:51 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-20 1:27 [PATCH v2] nvme: Cache DMA descriptors to prevent corruption Tom Roeder
2020-11-20 1:27 ` Tom Roeder
2020-11-20 8:02 ` Christoph Hellwig
2020-11-20 8:02 ` Christoph Hellwig
2020-11-20 14:29 ` Keith Busch
2020-11-20 14:29 ` Keith Busch
2020-11-30 18:55 ` Tom Roeder
2020-11-30 18:55 ` Tom Roeder
2020-11-30 18:50 ` Tom Roeder [this message]
2020-11-30 18:50 ` Tom Roeder
2020-12-02 16:31 ` Tom Lendacky
2020-12-02 16:31 ` Tom Lendacky
2023-01-24 17:24 Julien Bachmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201130185045.GA744128@google.com \
--to=tmroeder@google.com \
--cc=David.Kaplan@amd.com \
--cc=Thomas.Lendacky@amd.com \
--cc=axboe@fb.com \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=pgonda@google.com \
--cc=pomonis@google.com \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.