From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 540D4C3DA4A for ; Fri, 16 Aug 2024 21:58:26 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DD4806B02A8; Fri, 16 Aug 2024 17:58:25 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D5CE56B02AA; Fri, 16 Aug 2024 17:58:25 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BD6BE6B02AB; Fri, 16 Aug 2024 17:58:25 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 9611F6B02A8 for ; Fri, 16 Aug 2024 17:58:25 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 43E9AA5D2B for ; Fri, 16 Aug 2024 21:58:25 +0000 (UTC) X-FDA: 82459472970.18.31D5538 Received: from mail-lj1-f170.google.com (mail-lj1-f170.google.com [209.85.208.170]) by imf12.hostedemail.com (Postfix) with ESMTP id 6FC9E40014 for ; Fri, 16 Aug 2024 21:58:23 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b="L16ir6/U"; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf12.hostedemail.com: domain of dionnaglaze@google.com designates 209.85.208.170 as permitted sender) smtp.mailfrom=dionnaglaze@google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723845489; a=rsa-sha256; cv=none; b=bl0uXgJ3uBG1P84Vb+JQxI/d03kZ00xG/Gj5Ewyc5VPouEkkvAu98WOYa4DfKlKAKGcVY5 R17hXsd5glZGXA/QSz95SjBumD55H7fgJOV1hhp+ki5iuOjRuvL4sJPwF8hcPb0qQjwIye LgSSConTgJmdJ/kb4ajfS4Zl8md/h9M= ARC-Authentication-Results: i=1; imf12.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b="L16ir6/U"; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf12.hostedemail.com: domain of dionnaglaze@google.com designates 209.85.208.170 as permitted sender) smtp.mailfrom=dionnaglaze@google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723845489; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vyAQI0mLIme3ritjMf52b0imeC+VEqOt65MTNAtgvRU=; b=0JnW8YJ7zf/cuDH5P09XaB2A0hdfhUo9ZSWLB3f8d5nqpcp5pCaiHGfp4Hs6p24209Wf1R 9JhTueOZEq/4Gd1pzCKDG7cx9aEU1u19vIkDeTwmwXa4TykxEVGaBuCxt5QSIrIf5+UE5J kGJH9kacD43+nkYFN/maNgUZLxljdcQ= Received: by mail-lj1-f170.google.com with SMTP id 38308e7fff4ca-2f01e9f53e3so38698841fa.1 for ; Fri, 16 Aug 2024 14:58:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1723845502; x=1724450302; darn=kvack.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=vyAQI0mLIme3ritjMf52b0imeC+VEqOt65MTNAtgvRU=; b=L16ir6/UZCAAalzl5XK7WUSUbKqZU+UW51mg+yfPQKVMOsyD8JlqDoQM/k44hNDcpe 3Fc8tN3xPD1IGZlQXIiaLLMcLsBEistjAL5uDawCD/HO7Ejy/Ew/THdrSu62gPtA9ORW 0hvEvgszeyWQoOxeTq2gx4ttBW80oEPxZNA5m57RkWW6Fb88OXRKjSpp1RLzT/VnBdVv GQNoEcu/+zZZO9cXiFL1mhBR0HeUdSyDbeFT8FUn4o6x7BJZJyKGMEMPUZ2ak5uFJQEp tpVxRJzLvWeh52sHrMik0iW7Qt8zsEoCgEJwmJp7lHE9q7pBPynaksYFiCjD8OtsPa1p LA/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723845502; x=1724450302; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vyAQI0mLIme3ritjMf52b0imeC+VEqOt65MTNAtgvRU=; b=qWl766f0TQBZaiXQqGpF0qKt4P15Ir0S8VV29w61xxEFfsFjLHIfsGxwl35HNaz3sb Ogf3GA2Ff0AhtYAdmNCu9TKutcIDNBFD3EgmOOSMwSloJJ8LwAV2skkX+XAzBcSPF0k9 yDBE9wh5uDPH0w2++Hs97nzegFGZNS52e8fAMOAx0eU4XzwMKn5UvnjA7eg6WDUyNaBx lNBobUjDgHx0Wxak9/y/21F2b/HVp2VI885NYxasWLGe87mWRBvNcmYvi6SSfRtBeIWB MuDM72lDjHXR3Ih7Cx6xLRReuHznLJV9StipOI4stnl2mv1FHtzgcMfOVwx/t8YR4GAk nVnw== X-Forwarded-Encrypted: i=1; AJvYcCVTa1vV6p1AaeqQ2kyz5gWi+tnpBofdndNlbJy/7Al733LmjhyvPrOPP44Gw7+WbOAfTw7I9eMPmabwrbLY7JwKK/s= X-Gm-Message-State: AOJu0YzKkVznFo73OHEVmBWCJzlpXnmvlegW+/rC2lIeyR9zVSZad611 6mBS7ffRUlDnhSSXhyHQ5+mu1vA8ejj1W2JHxFK1FF1QTfsPeorB9nP/Q9uY5dO6JWJ5N6YxkCd NCupA/gawsi+WMrGxCr1v0k24SRRyYqvdaizr X-Google-Smtp-Source: AGHT+IE3OGYvE2Lmfx5P1zwYegVYlgr1AuU2FCcSFUysvWMVPGL4hd0/zjoroW1fldq0JWzGDaAIAmG9Jq4zoll+/tc= X-Received: by 2002:a05:6512:238f:b0:52e:9808:3f48 with SMTP id 2adb3069b0e04-5331c6aee2cmr3903167e87.21.1723845501250; Fri, 16 Aug 2024 14:58:21 -0700 (PDT) MIME-Version: 1.0 References: <20240515012552.801134-1-michael.roth@amd.com> In-Reply-To: From: Dionna Amalie Glaze Date: Fri, 16 Aug 2024 14:58:10 -0700 Message-ID: Subject: Re: [PATCH] KVM: SEV: Replace KVM_EXIT_VMGEXIT with KVM_EXIT_SNP_REQ_CERTS To: Michael Roth Cc: seanjc@google.com, kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com, papaluri@amd.com Content-Type: text/plain; charset="UTF-8" X-Rspam-User: X-Rspamd-Queue-Id: 6FC9E40014 X-Rspamd-Server: rspam01 X-Stat-Signature: xz1f5zmbu1wncc9fgyb57ka9kpo4fafy X-HE-Tag: 1723845503-531328 X-HE-Meta: U2FsdGVkX1/U65a0Q696wAE199q84Z/BlcY+4nLzJyRhadepEIRei8g9RiCAg8NPr9jwYLB1JaOsVDDmtjNLpFzU/iZGlk2njjUqBJQPBMZ4/uXQHmtcLKSvkBhexUNg76FJg30DEHq0gTM1cXDX+TaTiUPY3WUi4Ufgc2ZN7wBNS8mLPk00IZ8uZPrDUJdQ09PYz8yeSSH+09OQK8SnyFAHXH/Cfz9FdVMYuASpudhhYiTpGvZXNvuDYiVEgUMazCUwkeLfp2oXWIifgDdz3b2xRfG1sO4HmZ8A6ToQ5mwxL51rHZam15yDpWi+1V/82Mfd4j+yo3929QaNTCbSwDdy5PWaPnkphZ3IGHCSHsf+nrKG107+RdYGCYUEMiC8xCV3k8vTzunzehffUsa4aTORXRavHcIWNAbIFVkkLGc0sBW4bIv0ZMRjpirLGS8+QsjxVA0JA4GzcdFfuPfOZsuRW8xsoqoT7IF80XG1tiyTVQP0UB+s2xEH3qcviZocjvzW/Ycq5NXYzTAuHrtD1aI5WZxoWNM0aWUoXO/uKhWxatg7+FvTxaM2BEouIhiJIN9PZuAw4wSFWXol3TvRU/s/fImXDyBYfC4/tm/JwOJCpYFdWtZ5f8O/dBKYGjMIKyHABiVjZApTdCo/2fvOaeYvujnaCkpBxna4hZQs7exK1T7JO5Pumze6d0JUHEV271p2ta5IVZ9H1HbwXgGyVP1J/SwQAj4rRNEfJnguItkGH4X34pJc6uCz0Vyxxx0kXSddlMN+ckIk50D6gbqvPi0pxWEE8FyuyzZtJtMwmrhaLoxQ7xIW4cseJ/TnS+yq82sY5F2wHTHx0YIafdlAEUT/1j/ND7xEDwL3XomzzgfXugGiP0GAo71f1i32S+gfR5OwHoJ3c4Es3HbpFaCQzDQIoYTqu2vjfmUKeoa5SGQ9B/CuWo0STqrPcfhTWhFstyQ6E//7PkhSYS9VPEW OzMqPFLv LfGQm1pZfVbWGyBXhrHdPLZ3ylKMRh3OfZxuZ+CAHc4UPzBkj5vHYSWf2EmS2xMI0gnjfwqRFMRMTdFA7XFXc8q1IABv7nSFfMNaplvOd4ABpaFYxKl3ntTRFQE3GamQBj+O6s0KX0+JCt27PcnoZyEPjWZJvGFCsWkfn3TEcKd47qqeQtPQwYNNGtCTKNBSeIImtR/CjykHO4KT5RkGBbeB31yNqnnKndH0AWrMNBT5d1RTo4TB1ewzawZOnpas+9Jj0pKaCNZeDKiU= X-Bogosity: Ham, tests=bogofilter, spamicity=0.107517, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: > How do we avoid this? > 1. We can advise that the guest parses the certificate and the > attestation report to determine if their TCBs match expectations and > retry if they're different because of a bad luck data race. > 2. We can add a new global lock that KVM holds from CCP similar to > sev_cmd_lock to sequentialize req_certs, attestation reports, and > SNP_COMMIT. KVM releases the lock before returning to the guest. > SNP_COMMIT must now hold this lock before attempting to grab the sev_cmd_lock. > > I think probably 2 is better. > Actually no, we shouldn't hold a global lock and only release it if user space returns to KVM in a specific way, unless we can ensure it will be unlocked safely on fd close. -- -Dionna Glaze, PhD, CISSP, CCSP (she/her)