| field | value | date |
|---|---|---|
| author | Yan Zhao <yan.y.zhao@intel.com> | 2025-02-27 09:20:03 +0800 |
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2025-03-14 14:20:56 -0400 |
| commit | e6a85781f7837037fb780f322df47ff2142dbd8f | |
| tree | a91c2fdd5705f913b8d7bed76e63685b5ad83738 | |
| parent | da407fe4590878754c790ec22d89398651790856 | |
KVM: TDX: Detect unexpected SEPT violations due to pending SPTEs
Detect SEPT violations that occur when an SEPT entry is in PENDING state
while the TD is configured not to receive #VE on SEPT violations.

A TD guest can be configured not to receive #VE by setting SEPT_VE_DISABLE
to 1 in tdh_mng_init() or modifying pending_ve_disable to 1 in TDCS when
flexible_pending_ve is permitted. In such cases, the TDX module will not
inject #VE into the TD upon encountering an EPT violation caused by an SEPT
entry in the PENDING state. Instead, the TDX module will exit to the VMM,
set the extended exit qualification type to PENDING_EPT_VIOLATION and set
exit qualification bits 6:3 to 0.

Since #VE will not be injected into such TDs, they cannot be notified to
accept a GPA. A TD accessing a private GPA before accepting it is regarded
as an error within the guest.

Detect such a guest error by inspecting the (extended) exit qualification
bits and make such a VM dead.
Cc: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Yan Zhao <yan.y.zhao@intel.com>
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
Message-ID: <20250227012021.1778144-3-binbin.wu@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
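As an added illustration, not code from this patch or from KVM, the check the commit message describes, applied to constructed exit-qualification values: an EPT violation whose extended exit qualification type is PENDING_EPT_VIOLATION and whose exit qualification bits 6:3 are zero is classified as a guest error (VM dead) rather than an ordinary fault to be handled. The GENMASK-style helpers, the function and enum names, and the numeric type value used for PENDING_EPT_VIOLATION are assumptions of this example, not identifiers taken from the page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for the kernel's BIT_ULL()/GENMASK_ULL() (assumption: same semantics). */
#define BIT_ULL(n)        (1ULL << (n))
#define GENMASK_ULL(h, l) ((~0ULL >> (63 - (h))) & (~0ULL << (l)))

/* EPT violation exit qualification, low bits: the access that faulted. */
#define EPT_VIOLATION_ACC_READ   BIT_ULL(0)
#define EPT_VIOLATION_ACC_WRITE  BIT_ULL(1)
#define EPT_VIOLATION_ACC_INSTR  BIT_ULL(2)
/* Bits 6:3 describe the permissions of the EPT entry that was hit. The
 * commit message states the TDX module reports them as 0 for a PENDING entry. */
#define EPT_VIOLATION_PROT_MASK  GENMASK_ULL(6, 3)

/* Extended exit qualification: the type is assumed to live in the low nibble,
 * and 6 is assumed to be the PENDING_EPT_VIOLATION type. Both are assumptions
 * of this example; check them against the TDX module ABI before reuse. */
#define TDX_EXT_EXIT_QUAL_TYPE_MASK                  GENMASK_ULL(3, 0)
#define TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION 6ULL

enum tdx_ept_action {
    TDX_EPT_HANDLE_FAULT, /* ordinary EPT violation: let the VMM fault the page in */
    TDX_EPT_VM_DEAD,      /* guest touched an un-accepted private GPA: kill the TD */
};

/* True when the TDX module reported an EPT violation on a PENDING SEPT entry. */
static bool tdx_is_pending_ept_violation(uint64_t exit_qual, uint64_t ext_exit_qual)
{
    uint64_t type = ext_exit_qual & TDX_EXT_EXIT_QUAL_TYPE_MASK;

    return type == TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION &&
           (exit_qual & EPT_VIOLATION_PROT_MASK) == 0;
}

/* Decide what the VMM should do with an EPT violation exit from a TD that
 * cannot receive #VE: a pending-entry violation means the guest accessed a
 * private GPA it never accepted, which the commit treats as a guest error. */
static enum tdx_ept_action tdx_classify_ept_violation(uint64_t exit_qual,
                                                      uint64_t ext_exit_qual,
                                                      uint64_t gpa)
{
    if (tdx_is_pending_ept_violation(exit_qual, ext_exit_qual)) {
        const char *acc = (exit_qual & EPT_VIOLATION_ACC_INSTR) ? "fetch" :
                          (exit_qual & EPT_VIOLATION_ACC_WRITE) ? "write" : "read";

        fprintf(stderr, "TD %s of un-accepted private GPA 0x%llx: marking VM dead\n",
                acc, (unsigned long long)gpa);
        return TDX_EPT_VM_DEAD;
    }
    return TDX_EPT_HANDLE_FAULT;
}

int main(void)
{
    /* Constructed sample exits: the first is a write to a PENDING entry, the
     * second a write to a not-present entry (no extended type, no permissions),
     * the third a write that hit a readable entry (bit 3 set). */
    enum tdx_ept_action a = tdx_classify_ept_violation(EPT_VIOLATION_ACC_WRITE,
                                                       TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION,
                                                       0x100000ULL);
    enum tdx_ept_action b = tdx_classify_ept_violation(EPT_VIOLATION_ACC_WRITE, 0, 0x200000ULL);
    enum tdx_ept_action c = tdx_classify_ept_violation(EPT_VIOLATION_ACC_WRITE | BIT_ULL(3),
                                                       TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION,
                                                       0x300000ULL);

    printf("pending=%d not-present=%d readable=%d\n", a, b, c);
    return 0;
}
```

Both conditions are required: the extended type alone is not enough, and a violation with nonzero permission bits is handed back to the normal fault path even if the type nibble happens to read PENDING_EPT_VIOLATION.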