From: "Huang, Kai" <kai.huang@intel.com>
To: "kirill.shutemov@linux.intel.com"
<kirill.shutemov@linux.intel.com>,
"Hansen, Dave" <dave.hansen@intel.com>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"Luck, Tony" <tony.luck@intel.com>,
"david@redhat.com" <david@redhat.com>,
"bagasdotme@gmail.com" <bagasdotme@gmail.com>,
"ak@linux.intel.com" <ak@linux.intel.com>,
"Wysocki, Rafael J" <rafael.j.wysocki@intel.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Chatre, Reinette" <reinette.chatre@intel.com>, "Christopherson,,
Sean" <seanjc@google.com>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"Yamahata, Isaku" <isaku.yamahata@intel.com>,
"peterz@infradead.org" <peterz@infradead.org>,
"Shahar, Sagi" <sagis@google.com>,
"imammedo@redhat.com" <imammedo@redhat.com>,
"Gao, Chao" <chao.gao@intel.com>,
"Brown, Len" <len.brown@intel.com>,
"sathyanarayanan.kuppuswamy@linux.intel.com"
<sathyanarayanan.kuppuswamy@linux.intel.com>,
"Huang, Ying" <ying.huang@intel.com>,
"Williams, Dan J" <dan.j.williams@intel.com>
Subject: Re: [PATCH v11 18/20] x86: Handle TDX erratum to reset TDX private memory during kexec() and reboot
Date: Tue, 13 Jun 2023 00:51:23 +0000 [thread overview]
Message-ID: <3bbb6b384ba89dfaa13be01654ad27e41d779fba.camel@intel.com> (raw)
In-Reply-To: <48d5a29a-878c-665d-6ac2-6f0563bf6f3c@intel.com>
On Mon, 2023-06-12 at 06:47 -0700, Dave Hansen wrote:
> On 6/12/23 03:27, Huang, Kai wrote:
> > So I think a __mb() after setting tdmr->pamt_4k_base should be good enough, as
> > it guarantees when setting to any pamt_*_size happens, the valid pamt_4k_base
> > will be seen by other cpus.
> >
> > Does it make sense?
>
> Just use a normal old atomic_t or set_bit()/test_bit(). They have
> built-in memory barriers are are less likely to get botched.
Thanks for the suggestion.
Hi Dave, Kirill,
I'd like to check with you that whether we should introduce a mechanism to track
TDX private pages for both this patch and the next.
As you can see this patch only deals PAMT pages due to couple of reasons that
mnentioned in the changelog. The next MCE patch handles all TDX private pages,
but it uses SEAMCALL in the #MC handler. Using SEAMCALL has two cons: 1) it is
slow (probably doesn't matter, though); 2) it brings additional risk of
triggering further #MC inside TDX module, although such risk should be a
theoretical thing.
If we introduce a helper to mark a page as TDX private page, then both above
patches can utilize it. We don't need to consult TDMRs to get PAMT anymore in
this patch (we will need a way to loop all TDX-usable memory pages, but this
needs to be done anyway with TDX guests). I believe eventually we can end up
with less code.
In terms of how to do, for PAMT pages, we can set page->private to a TDX magic
number because they come out of page allocator directly. Secure-EPT pages are
like PAMT pages too. For TDX guest private pages, Sean is moving to implement
KVM's own pseudo filesystem so they will have a unique mapping to identify.
https://github.com/sean-jc/linux/commit/40d338c8629287dda60a9f7c800ede8549295a7c
And my thinking is in this TDX host series, we can just handle PAMT pages. Both
secure-EPT and TDX guest private pages can be handled later in KVM TDX series.
I think eventually we can have a function like below to tell whether a page is
TDX private page:
bool page_is_tdx_private(struct page *page)
{
if (page->private == TDX_PRIVATE_MAGIC)
return true;
if (!page_mapping(page))
return false;
return page_mapping(page)->a_ops == &kvm_gmem_ops;
}
How does this sound? Or any other comments? Thanks!
next prev parent reply other threads:[~2023-06-13 0:51 UTC|newest]
Thread overview: 144+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1685887183.git.kai.huang@intel.com>
[not found] ` <af4e428ab1245e9441031438e606c14472daf927.1685887183.git.kai.huang@intel.com>
[not found] ` <a2da8af2-41a9-a0cf-dbe9-7f0a14bf05fe@linux.intel.com>
2023-06-06 22:58 ` [PATCH v11 02/20] x86/virt/tdx: Detect TDX during kernel boot Huang, Kai
2023-06-06 23:44 ` Isaku Yamahata
2023-06-19 12:12 ` David Hildenbrand
2023-06-19 23:58 ` Huang, Kai
[not found] ` <ec640452a4385d61bec97f8b761ed1ff38898504.1685887183.git.kai.huang@intel.com>
2023-06-06 23:55 ` [PATCH v11 05/20] x86/virt/tdx: Add SEAMCALL infrastructure Isaku Yamahata
2023-06-07 14:24 ` Dave Hansen
2023-06-07 18:53 ` Isaku Yamahata
2023-06-07 19:27 ` Dave Hansen
2023-06-07 19:47 ` Isaku Yamahata
2023-06-07 20:08 ` Sean Christopherson
2023-06-07 20:22 ` Dave Hansen
2023-06-08 0:51 ` Huang, Kai
2023-06-08 13:50 ` Dave Hansen
2023-06-07 22:56 ` Huang, Kai
2023-06-08 14:05 ` Dave Hansen
2023-06-19 12:52 ` David Hildenbrand
2023-06-20 10:37 ` Huang, Kai
2023-06-20 12:20 ` kirill.shutemov
2023-06-20 12:39 ` David Hildenbrand
2023-06-20 15:15 ` Dave Hansen
[not found] ` <f9148e67e968d7aed4707b67ea9b1aa761401255.1685887183.git.kai.huang@intel.com>
2023-06-07 15:54 ` [PATCH v11 10/20] x86/virt/tdx: Add placeholder to construct TDMRs to cover all TDX memory regions Dave Hansen
2023-06-07 15:57 ` Dave Hansen
2023-06-08 10:18 ` Huang, Kai
2023-06-08 22:52 ` kirill.shutemov
2023-06-12 2:21 ` Huang, Kai
2023-06-12 3:01 ` Dave Hansen
[not found] ` <cee2f2664aac3c5314896c6d14cba50f2617c0e5.1685887183.git.kai.huang@intel.com>
2023-06-08 0:08 ` [PATCH v11 03/20] x86/virt/tdx: Make INTEL_TDX_HOST depend on X86_X2APIC kirill.shutemov
[not found] ` <50386eddbb8046b0b222d385e56e8115ed566526.1685887183.git.kai.huang@intel.com>
2023-06-07 15:25 ` [PATCH v11 08/20] x86/virt/tdx: Get information about TDX module and TDX-capable memory Dave Hansen
2023-06-08 0:27 ` kirill.shutemov
2023-06-08 2:40 ` Huang, Kai
2023-06-08 11:41 ` kirill.shutemov
2023-06-08 13:13 ` Dave Hansen
2023-06-12 2:00 ` Huang, Kai
2023-06-08 23:29 ` Isaku Yamahata
2023-06-08 23:54 ` kirill.shutemov
2023-06-09 1:33 ` Isaku Yamahata
2023-06-09 10:02 ` kirill.shutemov
2023-06-12 2:00 ` Huang, Kai
2023-06-19 13:29 ` David Hildenbrand
2023-06-19 23:51 ` Huang, Kai
2023-06-08 21:03 ` [PATCH v11 00/20] TDX host kernel support Dan Williams
2023-06-12 10:56 ` Huang, Kai
[not found] ` <468533166590ff5ed11730350c4af8cdb0b99165.1685887183.git.kai.huang@intel.com>
2023-06-07 15:48 ` [PATCH v11 09/20] x86/virt/tdx: Use all system memory when initializing TDX module as TDX memory Dave Hansen
2023-06-07 23:22 ` Huang, Kai
2023-06-08 22:40 ` kirill.shutemov
[not found] ` <409448809f7c78191aa27d6d2970ba1384c2d464.1685887183.git.kai.huang@intel.com>
2023-06-08 23:53 ` [PATCH v11 13/20] x86/virt/tdx: Designate reserved areas for all TDMRs kirill.shutemov
[not found] ` <4e6cd933edd2501147366df7a17e1087560a4320.1685887183.git.kai.huang@intel.com>
2023-06-08 23:53 ` [PATCH v11 14/20] x86/virt/tdx: Configure TDX module with the TDMRs and global KeyID kirill.shutemov
[not found] ` <30358db4eff961c69783bbd4d9f3e50932a9a759.1685887183.git.kai.huang@intel.com>
2023-06-08 23:53 ` [PATCH v11 15/20] x86/virt/tdx: Configure global KeyID on all packages kirill.shutemov
2023-06-15 8:12 ` Nikolay Borisov
2023-06-15 22:24 ` Huang, Kai
2023-06-19 14:56 ` kirill.shutemov
2023-06-19 23:38 ` Huang, Kai
[not found] ` <34853e0f8f38ec2fda66b0ba480d4df63b8aab43.1685887183.git.kai.huang@intel.com>
2023-06-08 23:56 ` [PATCH v11 20/20] Documentation/x86: Add documentation for TDX host support Dave Hansen
2023-06-12 3:41 ` Huang, Kai
2023-06-16 9:02 ` Nikolay Borisov
2023-06-16 16:26 ` Dave Hansen
[not found] ` <927ec9871721d2a50f1aba7d1cf7c3be50e4f49b.1685887183.git.kai.huang@intel.com>
2023-06-07 16:05 ` [PATCH v11 11/20] x86/virt/tdx: Fill out TDMRs to cover all TDX memory regions Dave Hansen
2023-06-08 10:48 ` Huang, Kai
2023-06-08 13:11 ` Dave Hansen
2023-06-12 2:33 ` Huang, Kai
2023-06-12 14:33 ` kirill.shutemov
2023-06-12 22:10 ` Huang, Kai
2023-06-13 10:18 ` kirill.shutemov
2023-06-13 23:19 ` Huang, Kai
2023-06-08 23:02 ` kirill.shutemov
2023-06-12 2:25 ` Huang, Kai
2023-06-09 4:01 ` Sathyanarayanan Kuppuswamy
2023-06-12 2:28 ` Huang, Kai
2023-06-14 12:31 ` Nikolay Borisov
2023-06-14 22:45 ` Huang, Kai
[not found] ` <7bd7d0c6196deb58b54d6e629603775844b1307d.1685887183.git.kai.huang@intel.com>
2023-06-09 10:03 ` [PATCH v11 16/20] x86/virt/tdx: Initialize all TDMRs kirill.shutemov
[not found] ` <17bcbe3e154415ee7a4c77489809a3db0c5ddf3f.1685887183.git.kai.huang@intel.com>
2023-06-09 10:14 ` [PATCH v11 17/20] x86/kexec: Flush cache of TDX private memory kirill.shutemov
[not found] ` <116cafb15625ac0bcda7b47143921d0c42061b69.1685887183.git.kai.huang@intel.com>
2023-06-09 13:17 ` [PATCH v11 19/20] x86/mce: Improve error log of kernel space TDX #MC due to erratum kirill.shutemov
2023-06-12 3:08 ` Huang, Kai
2023-06-12 7:59 ` kirill.shutemov
2023-06-12 13:51 ` Dave Hansen
2023-06-12 23:31 ` Huang, Kai
[not found] ` <5aa7506d4fedbf625e3fe8ceeb88af3be1ce97ea.1685887183.git.kai.huang@intel.com>
2023-06-09 13:23 ` [PATCH v11 18/20] x86: Handle TDX erratum to reset TDX private memory during kexec() and reboot kirill.shutemov
2023-06-12 3:06 ` Huang, Kai
2023-06-12 7:58 ` kirill.shutemov
2023-06-12 10:27 ` Huang, Kai
2023-06-12 11:48 ` kirill.shutemov
2023-06-12 13:18 ` David Laight
2023-06-12 13:47 ` Dave Hansen
2023-06-13 0:51 ` Huang, Kai [this message]
2023-06-13 11:05 ` kirill.shutemov
2023-06-14 0:15 ` Huang, Kai
2023-06-13 14:25 ` Dave Hansen
2023-06-13 23:18 ` Huang, Kai
2023-06-14 0:24 ` Dave Hansen
2023-06-14 0:38 ` Huang, Kai
2023-06-14 0:42 ` Huang, Kai
2023-06-19 11:43 ` Huang, Kai
2023-06-19 14:31 ` Dave Hansen
2023-06-19 14:46 ` kirill.shutemov
2023-06-19 23:35 ` Huang, Kai
2023-06-19 23:41 ` Dave Hansen
2023-06-20 0:56 ` Huang, Kai
2023-06-20 1:06 ` Dave Hansen
2023-06-20 7:58 ` Peter Zijlstra
2023-06-25 15:30 ` Huang, Kai
2023-06-25 23:26 ` Huang, Kai
2023-06-20 7:48 ` Peter Zijlstra
2023-06-20 8:11 ` Peter Zijlstra
2023-06-20 10:42 ` Huang, Kai
2023-06-20 10:56 ` Peter Zijlstra
2023-06-14 9:33 ` Huang, Kai
2023-06-14 10:02 ` kirill.shutemov
2023-06-14 10:58 ` Huang, Kai
2023-06-14 11:08 ` kirill.shutemov
2023-06-14 11:17 ` Huang, Kai
[not found] ` <4e108968c3294189ad150f62df1f146168036342.1685887183.git.kai.huang@intel.com>
2023-06-08 23:24 ` [PATCH v11 12/20] x86/virt/tdx: Allocate and set up PAMTs for TDMRs kirill.shutemov
2023-06-08 23:43 ` Dave Hansen
2023-06-12 2:52 ` Huang, Kai
2023-06-25 15:38 ` Huang, Kai
2023-06-15 7:48 ` Nikolay Borisov
[not found] ` <86f2a8814240f4bbe850f6a09fc9d0b934979d1b.1685887183.git.kai.huang@intel.com>
[not found] ` <20230606123821.exit7gyxs42dxotz@box.shutemov.name>
2023-06-06 22:58 ` [PATCH v11 04/20] x86/cpu: Detect TDX partial write machine check erratum Huang, Kai
2023-06-07 15:06 ` kirill.shutemov
2023-06-07 14:15 ` Dave Hansen
2023-06-07 22:43 ` Huang, Kai
2023-06-19 11:37 ` Huang, Kai
2023-06-20 15:44 ` Dave Hansen
2023-06-20 23:11 ` Huang, Kai
2023-06-19 12:21 ` David Hildenbrand
2023-06-20 10:31 ` Huang, Kai
2023-06-20 15:39 ` Dave Hansen
2023-06-20 16:03 ` David Hildenbrand
2023-06-20 16:21 ` Dave Hansen
[not found] ` <9b3582c9f3a81ae68b32d9997fcd20baecb63b9b.1685887183.git.kai.huang@intel.com>
2023-06-07 8:19 ` [PATCH v11 06/20] x86/virt/tdx: Handle SEAMCALL running out of entropy error Isaku Yamahata
2023-06-07 15:08 ` Dave Hansen
2023-06-07 23:36 ` Huang, Kai
2023-06-08 0:29 ` Dave Hansen
2023-06-08 0:08 ` kirill.shutemov
2023-06-09 14:42 ` Nikolay Borisov
2023-06-12 11:04 ` Huang, Kai
2023-06-19 13:00 ` David Hildenbrand
2023-06-20 10:39 ` Huang, Kai
2023-06-20 11:14 ` David Hildenbrand
[not found] ` <21b3a45cb73b4e1917c1eba75b7769781a15aa14.1685887183.git.kai.huang@intel.com>
2023-06-07 15:22 ` [PATCH v11 07/20] x86/virt/tdx: Add skeleton to enable TDX on demand Dave Hansen
2023-06-08 2:10 ` Huang, Kai
2023-06-08 13:43 ` Dave Hansen
2023-06-12 11:21 ` Huang, Kai
2023-06-19 13:16 ` David Hildenbrand
2023-06-19 23:28 ` Huang, Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3bbb6b384ba89dfaa13be01654ad27e41d779fba.camel@intel.com \
--to=kai.huang@intel.com \
--cc=ak@linux.intel.com \
--cc=bagasdotme@gmail.com \
--cc=chao.gao@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=david@redhat.com \
--cc=imammedo@redhat.com \
--cc=isaku.yamahata@intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=len.brown@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rafael.j.wysocki@intel.com \
--cc=reinette.chatre@intel.com \
--cc=sagis@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=ying.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox