On Wed, Nov 16, 2022 at 12:02 PM Tom Lendacky thomas.lendacky@amd.com wrote:
On 11/16/22 11:55, Peter Gonda wrote:
The AMD Secure Processor (ASP) and an SNP guest use a series of AES-GCM keys called VMPCKs to communicate securely with each other. The IV to this scheme is a sequence number that both the ASP and the guest track. Currently this sequence number in a guest request must exactly match the sequence number tracked by the ASP. This means that if the guest sees an error from the host during a request it can only retry that exact request or disable the VMPCK to prevent an IV reuse. AES-GCM cannot tolerate IV reuse see: "Authentication Failures in NIST version of GCM" - Antoine Joux et al.
In order to address this make handle_guest_request() delete the VMPCK on any non successful return. To allow userspace querying the cert_data length make handle_guest_request() safe the number of pages required by
s/safe/save/
the host, then handle_guest_request() retry the request without
... then have handle_guest_request() ...
requesting the extended data, then return the number of pages required back to userspace.
Fixes: fce96cf044308 ("virt: Add SEV-SNP guest driver") Signed-off-by: Peter Gonda pgonda@google.com Reported-by: Peter Gonda pgonda@google.com
Just some nits on the commit message and comments below, otherwise
Reviewed-by: Tom Lendacky thomas.lendacky@amd.com
Thanks Tom. I'll update with all the feedback after Boris chimes in.