LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: "Michael S. Tsirkin" <mst@redhat.com>
To: Jason Wang <jasowang@redhat.com>
Cc: Dongli Zhang <dongli.zhang@oracle.com>,
"Paul E . McKenney" <paulmck@kernel.org>,
"kaplan, david" <david.kaplan@amd.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Peter Zijlstra <peterz@infradead.org>,
"Hetzelt, Felicitas" <f.hetzelt@tu-berlin.de>,
linux-kernel <linux-kernel@vger.kernel.org>,
virtualization <virtualization@lists.linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts
Date: Wed, 20 Oct 2021 02:56:27 -0400 [thread overview]
Message-ID: <20211020022529-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <CACGkMEvSVA=qx6m7BvM-P9mm=KpPihWhVWUycj2WGnwxfa+HAA@mail.gmail.com>
On Wed, Oct 20, 2021 at 09:33:49AM +0800, Jason Wang wrote:
> > In my own opinion, the threat model is:
> >
> > Attacker: 'malicious' hypervisor
> >
> > Victim: VM with SEV/TDX/SGX
> >
> > The attacker should not be able to steal secure/private data from VM, when the
> > hypervisor's action is unexpected. DoS is out of the scope.
> >
> > My concern is: it is very hard to clearly explain in the patchset how the
> > hypervisor is able to steal VM's data, by setting queue=0 or injecting unwanted
> > interrupts to VM.
>
> Yes, it's a hard question but instead of trying to answer that, we can
> just fix the case of e.g unexpected interrupts.
>
> Thanks
I think this it's still early days for TDX. So it's a bit early to talk
about threat models, start opening CVEs and distinguishing between
security and non-security bugs.
--
MST
next prev parent reply other threads:[~2021-10-20 6:56 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-12 6:52 [PATCH V2 00/12] More virtio hardening Jason Wang
2021-10-12 6:52 ` [PATCH V2 01/12] virtio-blk: validate num_queues during probe Jason Wang
2021-10-13 10:04 ` Michael S. Tsirkin
2021-10-14 2:32 ` Jason Wang
2021-10-14 5:45 ` Michael S. Tsirkin
2021-10-14 6:23 ` Jason Wang
2021-10-12 6:52 ` [PATCH V2 02/12] virtio: add doc for validate() method Jason Wang
2021-10-13 10:09 ` Michael S. Tsirkin
2021-10-14 2:32 ` Jason Wang
2021-10-12 6:52 ` [PATCH V2 03/12] virtio-console: switch to use .validate() Jason Wang
2021-10-13 9:50 ` Michael S. Tsirkin
2021-10-14 2:28 ` Jason Wang
2021-10-14 5:58 ` Michael S. Tsirkin
2021-10-12 6:52 ` [PATCH V2 04/12] virtio_console: validate max_nr_ports before trying to use it Jason Wang
2021-10-12 6:52 ` [PATCH V2 05/12] virtio_config: introduce a new ready method Jason Wang
2021-10-13 9:57 ` Michael S. Tsirkin
2021-10-12 6:52 ` [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts Jason Wang
2021-10-13 9:59 ` Michael S. Tsirkin
2021-10-14 2:29 ` Jason Wang
2021-10-15 12:09 ` Dongli Zhang
2021-10-15 17:27 ` Michael S. Tsirkin
2021-10-19 1:33 ` Jason Wang
2021-10-19 17:01 ` Dongli Zhang
2021-10-20 1:33 ` Jason Wang
2021-10-20 6:56 ` Michael S. Tsirkin [this message]
2021-10-12 6:52 ` [PATCH V2 07/12] virtio-pci: harden INTX interrupts Jason Wang
2021-10-13 9:42 ` Michael S. Tsirkin
2021-10-14 2:35 ` Jason Wang
2021-10-14 5:49 ` Michael S. Tsirkin
2021-10-14 6:20 ` Jason Wang
2021-10-14 6:26 ` Michael S. Tsirkin
2021-10-14 6:32 ` Jason Wang
2021-10-14 7:04 ` Michael S. Tsirkin
2021-10-14 7:12 ` Jason Wang
2021-10-14 9:25 ` Michael S. Tsirkin
2021-10-14 10:03 ` Jason Wang
2021-10-12 6:52 ` [PATCH V2 08/12] virtio_ring: fix typos in vring_desc_extra Jason Wang
2021-10-12 6:52 ` [PATCH V2 09/12] virtio_ring: validate used buffer length Jason Wang
2021-10-13 10:02 ` Michael S. Tsirkin
2021-10-14 2:30 ` Jason Wang
2021-10-12 6:52 ` [PATCH V2 10/12] virtio-net: don't let virtio core to validate used length Jason Wang
2021-10-12 6:52 ` [PATCH V2 11/12] virtio-blk: " Jason Wang
2021-10-12 6:52 ` [PATCH V2 12/12] virtio-scsi: don't let virtio core to validate used buffer length Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211020022529-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=david.kaplan@amd.com \
--cc=dongli.zhang@oracle.com \
--cc=f.hetzelt@tu-berlin.de \
--cc=jasowang@redhat.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=virtualization@lists.linux-foundation.org \
--subject='Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).