From: Kai Huang <kai.huang@intel.com>
To: Sean Christopherson <seanjc@google.com>
Cc: kvm@vger.kernel.org, linux-sgx@vger.kernel.org,
pbonzini@redhat.com, bp@alien8.de, jarkko@kernel.org,
dave.hansen@intel.com, luto@kernel.org,
rick.p.edgecombe@intel.com, haitao.huang@intel.com
Subject: Re: [PATCH v4 07/11] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions
Date: Thu, 8 Apr 2021 10:16:38 +1200 [thread overview]
Message-ID: <20210408101638.6ce24b50924425308ee7c616@intel.com> (raw)
In-Reply-To: <YG4sh72soS6JC107@google.com>
On Wed, 7 Apr 2021 22:04:55 +0000 Sean Christopherson wrote:
> On Thu, Apr 08, 2021, Kai Huang wrote:
> > On Wed, 7 Apr 2021 21:52:50 +0000 Sean Christopherson wrote:
> > > On Thu, Apr 08, 2021, Kai Huang wrote:
> > > > + /*
> > > > + * Copy contents into kernel memory to prevent TOCTOU attack. E.g. the
> > > > + * guest could do ECREATE w/ SECS.SGX_ATTR_PROVISIONKEY=0, and
> > > > + * simultaneously set SGX_ATTR_PROVISIONKEY to bypass the check to
> > > > + * enforce restriction of access to the PROVISIONKEY.
> > > > + */
> > > > + contents = (struct sgx_secs *)__get_free_page(GFP_KERNEL);
> > >
> > > This should use GFP_KERNEL_ACCOUNT.
> >
> > May I ask why? The page is only a temporary allocation, it will be freed before
> > this function returns. I guess a 4K page is OK?
>
> A hard limit should not be violated, even temporarily. This is also per vCPU,
> e.g. a 256 vCPU VM could go 1mb over the limit.
OK. Will change in next version.
next prev parent reply other threads:[~2021-04-07 22:16 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-07 20:49 [PATCH v4 00/11] KVM SGX virtualization support (KVM part) Kai Huang
2021-04-07 20:49 ` [PATCH v4 01/11] KVM: x86: Export kvm_mmu_gva_to_gpa_{read,write}() for SGX (VMX) Kai Huang
2021-04-07 20:49 ` [PATCH v4 02/11] KVM: x86: Define new #PF SGX error code bit Kai Huang
2021-04-07 20:49 ` [PATCH v4 03/11] KVM: x86: Add support for reverse CPUID lookup of scattered features Kai Huang
2021-04-07 20:49 ` [PATCH v4 04/11] KVM: x86: Add reverse-CPUID lookup support for scattered SGX features Kai Huang
2021-04-07 20:49 ` [PATCH v4 05/11] KVM: VMX: Add basic handling of VM-Exit from SGX enclave Kai Huang
2021-04-07 20:49 ` [PATCH v4 06/11] KVM: VMX: Frame in ENCLS handler for SGX virtualization Kai Huang
2021-04-07 22:16 ` Sean Christopherson
2021-04-07 22:33 ` Kai Huang
2021-04-07 22:35 ` Sean Christopherson
2021-04-07 22:44 ` Kai Huang
2021-04-07 22:47 ` Sean Christopherson
2021-04-07 22:59 ` Kai Huang
2021-04-07 20:49 ` [PATCH v4 07/11] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions Kai Huang
2021-04-07 21:52 ` Sean Christopherson
2021-04-07 21:58 ` Kai Huang
2021-04-07 22:04 ` Sean Christopherson
2021-04-07 22:16 ` Kai Huang [this message]
2021-04-07 22:10 ` Sean Christopherson
2021-04-07 22:15 ` Kai Huang
2021-04-07 20:49 ` [PATCH v4 08/11] KVM: VMX: Add emulation of SGX Launch Control LE hash MSRs Kai Huang
2021-04-07 20:49 ` [PATCH v4 09/11] KVM: VMX: Add ENCLS[EINIT] handler to support SGX Launch Control (LC) Kai Huang
2021-04-07 20:49 ` [PATCH v4 10/11] KVM: VMX: Enable SGX virtualization for SGX1, SGX2 and LC Kai Huang
2021-04-07 20:49 ` [PATCH v4 11/11] KVM: x86: Add capability to grant VM access to privileged SGX attribute Kai Huang
2021-04-07 23:08 ` [PATCH v4 00/11] KVM SGX virtualization support (KVM part) Kai Huang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210408101638.6ce24b50924425308ee7c616@intel.com \
--to=kai.huang@intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=haitao.huang@intel.com \
--cc=jarkko@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=luto@kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.