From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4E789C4345F for ; Fri, 26 Apr 2024 19:57:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D6FEE6B0083; Fri, 26 Apr 2024 15:57:13 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D1F316B00A2; Fri, 26 Apr 2024 15:57:13 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BE6CB6B00A6; Fri, 26 Apr 2024 15:57:13 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id A1ABD6B0083 for ; Fri, 26 Apr 2024 15:57:13 -0400 (EDT) Received: from smtpin23.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 527E71608EB for ; Fri, 26 Apr 2024 19:57:13 +0000 (UTC) X-FDA: 82052741946.23.63B69FF Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) by imf08.hostedemail.com (Postfix) with ESMTP id 91964160014 for ; Fri, 26 Apr 2024 19:57:11 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=c9T3UDF7; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf08.hostedemail.com: domain of 3FgcsZgYKCA05rn0wpt11tyr.p1zyv07A-zzx8npx.14t@flex--seanjc.bounces.google.com designates 209.85.128.202 as permitted sender) smtp.mailfrom=3FgcsZgYKCA05rn0wpt11tyr.p1zyv07A-zzx8npx.14t@flex--seanjc.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1714161431; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=7JHOwynv12T0Y/tQm4DZx8daXixOsghTKfdQCt+IwUg=; b=TWsRDUMNHzeUcU57mURH41qTchfyfcvYISURKmqr8J1IYdB6ffdx6+NymwP7wLOE0SLRNa 2+7QzvSN8hb32TuMuvEctP4TzpU7EVf6pczsdfeIRgmRNN53HgZqJ5x3tnc08zLhwKZrTm rY/04lFRKINVDkZbABTR65kx0FeRGw8= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1714161431; a=rsa-sha256; cv=none; b=Jmu8ByyK9oO9/VeMdxw8Qulllb0s1N0GtgGoXKev3iDsxvdSioeh9hCpBpmbik1aRGw1Bd rSqHBBsghI8WqecFWLn++hhUQra3rVgq48XzTf59ufy8yBKLVYR7ht1BG///SmC+TwpDhp ra7NDKgz3CXHgiUoWkAZtpkHPHaBuxg= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=c9T3UDF7; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf08.hostedemail.com: domain of 3FgcsZgYKCA05rn0wpt11tyr.p1zyv07A-zzx8npx.14t@flex--seanjc.bounces.google.com designates 209.85.128.202 as permitted sender) smtp.mailfrom=3FgcsZgYKCA05rn0wpt11tyr.p1zyv07A-zzx8npx.14t@flex--seanjc.bounces.google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-61afb46bad8so32221177b3.0 for ; Fri, 26 Apr 2024 12:57:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714161430; x=1714766230; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=7JHOwynv12T0Y/tQm4DZx8daXixOsghTKfdQCt+IwUg=; b=c9T3UDF7em1qZE1ylJAUE4uJIu+JPTIWz/1JNGn6bbO46A9peHnRprX4DdXqsOkN33 oEe/8sGESqxG56tJnx830GeMl1hWhWGXPd2GjfTgDpI6pNKAArwWeZ4jOO3ngBXa/pyD uMUlC38C2/3IKdYniHnRAqvnaMPccmCNJ3cu65dMedHZr/UlLmF1qjVp/rACLOipvGQ8 92Mdr78g7SPFXiXihZv3k9k78LU47BuwcycGm/h/5PGO0/YISoZ+m4/4bbdndRYu45pf ukEtueCPQDclRzgx6S5yF+31+CpcV1H8nmKAGhpD9C4oEuBrL0INgizv/hkwqH2v3E12 s6aA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714161430; x=1714766230; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=7JHOwynv12T0Y/tQm4DZx8daXixOsghTKfdQCt+IwUg=; b=NM6mALJqFAK4OV5QNy/SU4ckws//eSJV38d/W8RzfNdDkyKw/cr+tj/3MXU18/8uMf d+9KZ+NsLRbqzcvCHr7T29AIWoWqr0RydOZD9sJwAMG2Vc+YAeRapSk6C++C+9KTlf9q xVKF3vOFtSLGJa/9whKDlICUY7c4oN2XE7JEbecCFHuiNj36LMHjDm5MDIzrJ1+AG35R T5gnFQywaiU8UWjeNwEPNsX7xK37E/wWjVHgEWcdrsJ6xG1UM3rAPMmU6MSAnY5r4Ykr DoIXOLjq8sA7u5QOgji/ceUoHNBTvcuYp0pmSaiQ7bbVNwEtbghkySvnQWmy+1eT5vSk mCHg== X-Forwarded-Encrypted: i=1; AJvYcCVuFKbgYXFxBbPALO7QxmJDrAe89Kw64ir9mJ6NuupFBrU0GDGVzM1xQdyAKeH9u8bv5dYQL0lHdBdsyeZayz8Issw= X-Gm-Message-State: AOJu0YzuBq61S0LnSQ42o68Iki56Yn+EgUI6LXfNnlONokFhLgfFvbxm +cQkuWurhjsiZvTHacqacXAbaDlZGXbefVI0ec8X87GNwhvd0meSz7QoKayZZF+3WVr8i3fZW0b bLA== X-Google-Smtp-Source: AGHT+IGVs0AhQC/2tCuBf1vwuuUKjoCfCrLrEQi6QfgrOK53aglDlk7/orKA5npkCNzcOFKzvJ7EPkWyDNk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:9e13:0:b0:61a:d420:3b57 with SMTP id m19-20020a819e13000000b0061ad4203b57mr174224ywj.0.1714161430548; Fri, 26 Apr 2024 12:57:10 -0700 (PDT) Date: Fri, 26 Apr 2024 12:57:08 -0700 In-Reply-To: <20240426173515.6pio42iqvjj2aeac@amd.com> Mime-Version: 1.0 References: <20240421180122.1650812-1-michael.roth@amd.com> <20240421180122.1650812-22-michael.roth@amd.com> <20240426173515.6pio42iqvjj2aeac@amd.com> Message-ID: Subject: Re: [PATCH v14 21/22] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands From: Sean Christopherson To: Michael Roth Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com Content-Type: text/plain; charset="us-ascii" X-Rspamd-Queue-Id: 91964160014 X-Rspam-User: X-Rspamd-Server: rspam03 X-Stat-Signature: jmep6dooewqpk53pjgxqpc4mhraqckzf X-HE-Tag: 1714161431-157497 X-HE-Meta: U2FsdGVkX1842LBWXt69UxrJCtOsuCcHNK1TWUXZQEvYhcU3UY/gEPg9/IZo78KfghUCZFepoe2x7xhFiJRpjsw0XnnQ0qs3NsUHY0YBoAt/emWIIKpCUKy7WjePCvRWyv1WkbJTWcttGzpzFeSJ5EujUd6CyzeF9JpwITL6ubsDUtHOlBrhfSmr7EUx59upy1V3LSJMIONEb7L0f8dZWN0kxDpn6DoYMw/KIL64S+x0IGSjbLoOrXEWHgLMvpq56td55UgyT/SYsvszTFS96rItjrrLroR/e7NwK+1N7kNc7MFCtt0SRMBEuWgNf/0vdRLMwNzoMMXBHtSoOGjRZYzxAbbLu8JockoVeHKpucVkQwfyHVlZTuJmuVs87F/T/B8Mlf5tdlI8JjlMMptrKy9nMzk0xy76qducPtA7yD1Diwn4DCqy4CRRWfPYbYXzVDBk7jaMmTCuCbksSkiCsV7xScZASZpK+Bfq6o7e/GsdkVvk6il+dUpibw31YgWN4ZUDDTMqHlS5tqLw3anMA4eILzpHUg5BZlFr+yWLiw9Fu/evndiN72aTH9QdW3N2M6cAkMl5+lrSr4jzX7u3E4m6pU1DOR2tMPbdObDiUGLQ7j7/YXqtYio8EWXor+mQtD1J3EoywtSSkP67emBYj8IV4M4j5WqS3MBlAPIK1/FxOycGtUy05OowDaXDhKpZri2s49LOoBpFxNkY5WypTYpU0Rr/OeJDZbD3h9Tg3tyMQsNg/p8rQqP9njgt6rlHCMKSog2fkfTbIqh6mrB7bCiwWy5Sxxiv9zDlht8cDqiLDSOR4Cg3Vp7N67fgRQ6VFbBqtVAPfw7xMz0BSg1QN5dxdx8ZRbp/AVW0KnXV9LKWrj4x51ok4v3AksBpVxqwmCd5jJOTCv2AH7McyciB07uwtId4EJ4FcPPu+gY4gilqo5+npkcKK49jZamissHfIdViCGn3D6w+WnlgHaF tc7wWybp /3bjsyZdnIqxoXxoPFn3LjCv2KDU5VopSB9XAnHiYcu6P/DMwjH656folvhps7xkMhlt+5GxIoG14SohtnTsrmXnJHojJDmlWaXCG+RY1/uemqbJElrmUpsd6WyikUZ2nH+AsJ5J97+LYh2zv7YF+EndCCZr+6HhPVI6ros7b0TfnOiwuzC4lMCqD7GsEaD6LSaWUX37AfDo69pthc7J1ZVAGoeVWo4Pt3QsvKJOHtq5/nJRzt2hGJfD7L6pSv0/YO9tfGnwSzBduBhHleqvoUbVaXktSeKjSNZKryG4OpbEI49YGbKREkPYDdzAkpkrttToGghbllXDu2QBKKy7c5jjewkCjmQEkTK14n+oLXjxKOQphS1u1swCRmJb7dPBnSpfjWr/vDk16Pc8PFZNl/j+pIZW8mYupd4oA5jwHTax8dWjMbgkuCveNWbSRgZka8AutWVlpvFrnPcdOLGo26oXcmz80AJ+UR+GmxUKd8jTiAdA//b9Pf7jJ5WIi6b4TxBGSe+rsdh0DsByUmu3mQqjmkQpfFq9Ww37bg/5FROWEz5GxE/XwVf3RkACC32QCthver0jTUWSGoBEBgdSDBqXxz8r3xgGLmB+CWLvqFSipWL37YqL1rv5YLAe4fQNO67ih X-Bogosity: Ham, tests=bogofilter, spamicity=0.000135, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, Apr 26, 2024, Michael Roth wrote: > On Wed, Apr 24, 2024 at 05:15:40PM -0700, Sean Christopherson wrote: > > On Sun, Apr 21, 2024, Michael Roth wrote: > > > These commands can be used to pause servicing of guest attestation > > > requests. This useful when updating the reported TCB or signing key with > > > commands such as SNP_SET_CONFIG/SNP_COMMIT/SNP_VLEK_LOAD, since they may > > > in turn require updates to userspace-supplied certificates, and if an > > > attestation request happens to be in-flight at the time those updates > > > are occurring there is potential for a guest to receive a certificate > > > blob that is out of sync with the effective signing key for the > > > attestation report. > > > > > > These interfaces also provide some versatility with how similar > > > firmware/certificate update activities can be handled in the future. > > > > Wait, IIUC, this is using the kernel to get two userspace components to not > > stomp over each other. Why is this the kernel's problem to solve? > > It's not that they are stepping on each other, but that kernel and > userspace need to coordinate on updating 2 components whose updates need > to be atomic from a guest perspective. Take an update to VLEK key for > instance: > > 1) management gets a new VLEK endorsement key from KDS along with What is "management"? I assume its some userspace daemon? > associated certificate chain > 2) management uses SNP_VLEK_LOAD to update key > 3) management updates the certs at the path VMM will grab them > from when the EXT_GUEST_REQUEST userspace exit is issued > > If an attestation request comes in after 2), but before 3), then the > guest sees an attestation report signed with the new key, but still > gets the old certificate. > > If you reverse the ordering: > > 1) management gets a new VLEK endorsement key from KDS along with > associated certificate chain > 2) management updates the certs at the path VMM will grab them > from when the EXT_GUEST_REQUEST userspace exit is issued > 3) management uses SNP_VLEK_LOAD to update key > > then an attestation request between 2) and 3) will result in the guest > getting the new cert, but getting an attestation report signed with an old > endorsement key. > > Providing a way to pause guest attestation requests prior to 2), and > resume after 3), provides a straightforward way to make those updates > atomic to the guest. Assuming "management" is a userspace component, I still don't see why this requires kernel involvement. "management" can tell VMMs to pause attestation without having to bounce through the kernel. It doesn't even require a push model, e.g. wrap/redirect the certs with a file that has a "pause" flag and a sequence counter.