From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 735EBC433EF
	for <linux-mm@archiver.kernel.org>; Fri, 13 May 2022 05:31:25 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id BC24B6B0073; Fri, 13 May 2022 01:31:24 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id B717A8D0002; Fri, 13 May 2022 01:31:24 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id A11D48D0001; Fri, 13 May 2022 01:31:24 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12])
	by kanga.kvack.org (Postfix) with ESMTP id 8FF816B0073
	for <linux-mm@kvack.org>; Fri, 13 May 2022 01:31:24 -0400 (EDT)
Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay12.hostedemail.com (Postfix) with ESMTP id 56A8312055B
	for <linux-mm@kvack.org>; Fri, 13 May 2022 05:31:24 +0000 (UTC)
X-FDA: 79459596888.18.3695728
Received: from mail-yw1-f182.google.com (mail-yw1-f182.google.com [209.85.128.182])
	by imf23.hostedemail.com (Postfix) with ESMTP id 5DEC01400AE
	for <linux-mm@kvack.org>; Fri, 13 May 2022 05:31:09 +0000 (UTC)
Received: by mail-yw1-f182.google.com with SMTP id 00721157ae682-2feb8eac315so1465057b3.3
        for <linux-mm@kvack.org>; Thu, 12 May 2022 22:31:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=gKLughjFlyED9GD+lezUGFZUmIZgaJat/1TiEmkmMkM=;
        b=mwkhJOS1JILPbq6/evvj/H6+BD7Yb/ikfiCpOb/8IZnBJUQhVnn+88dVWNq6OIM+P2
         jPHtcEQI3AhGQFPnDInzAuyYMtD7C+dzKsfsxlwb9QTQe/js/Mh0iBF/obm1UwAUGOeO
         mx94EKB+zsajqUvR1jIQ6OEfTFace3rUuBGQoo4gZtgrGrYRb1FxlEP12bptXFSLUDTJ
         0THrPQfD8YjrH9B9POWV3vgCgEkSeG2uXxf/dVh3ENHV6YJlIEyxXT+H1LGduLeP8UD8
         tFCuFh7xOQY/Uzw44UV6DkD6MqcpGaPrCIvK32kuRPUkoMArsR9ZpcqC3ZN6d0Hm0xg6
         Noyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=gKLughjFlyED9GD+lezUGFZUmIZgaJat/1TiEmkmMkM=;
        b=dSoW00zSWLgJXGTSDwXPgifspWDigNK3jhsTfjFgyI+krmncnX+Za8+yJGv+3ax3cz
         FzaJprttGMBkBBFOt8CDwf53D4en3AWAYU9//BNMw//UURjrFGl+hecXkf+BzmfWfbrl
         QeJvoQamBSxMqoyVmXioeiBDtuHgWqTY7Pk1ufDZKkXKEdR0brKg/nfw8o9awNzveRZ2
         ShFz132YsROTDFxE15EjHpl8E9g0Hf2qKz++ie2QDrXAWuI37qf4FeyGKDqsigTiLHF1
         Ni7pNrqHdQYgvBun9lNm+S/5zkAadgmzzSvNlYNTDJ4dee+y2AOhRcJO05t11O6oEccc
         yDlg==
X-Gm-Message-State: AOAM5301FoWC0n152d2iAKdi+GMeDhHXqMebUqRTUiRXjxzxcgn54ouB
	6/2ZSpyo96Wc5/k90Hb7RuDk67tsl2UgGf9nnMkmzA==
X-Google-Smtp-Source: ABdhPJz2cZ0IvZMDzhhF0xOQnhb2xs00R0rVKuA925zeDQJ6oRzg6AMj8TLbkp/OPK3kIMllFTKbJVbRmRtXDslcIPM=
X-Received: by 2002:a81:9d1:0:b0:2eb:ee42:4281 with SMTP id
 200-20020a8109d1000000b002ebee424281mr3831392ywj.371.1652419882926; Thu, 12
 May 2022 22:31:22 -0700 (PDT)
MIME-Version: 1.0
References: <20220425033934.68551-1-kirill.shutemov@linux.intel.com>
 <20220425033934.68551-7-kirill.shutemov@linux.intel.com> <YnE4ZzzVrxUnr3Uv@zn.tnic>
 <20220506153013.e6v4q2qhuhqumfiu@box.shutemov.name> <YnpGnMoviGoK4Ucq@zn.tnic>
In-Reply-To: <YnpGnMoviGoK4Ucq@zn.tnic>
From: Dionna Amalie Glaze <dionnaglaze@google.com>
Date: Thu, 12 May 2022 22:31:11 -0700
Message-ID: <CAAH4kHae4RKafOUVkmAwOD3BKtkb2LPNAJKs1KaGe_eKzkftzQ@mail.gmail.com>
Subject: Re: [PATCHv5 06/12] x86/boot/compressed: Handle unaccepted memory
To: Borislav Petkov <bp@alien8.de>
Cc: "Kirill A. Shutemov" <kirill@shutemov.name>, 
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>, Andy Lutomirski <luto@kernel.org>, 
	Sean Christopherson <seanjc@google.com>, Andrew Morton <akpm@linux-foundation.org>, 
	Joerg Roedel <jroedel@suse.de>, Ard Biesheuvel <ardb@kernel.org>, Andi Kleen <ak@linux.intel.com>, 
	Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>, 
	David Rientjes <rientjes@google.com>, Vlastimil Babka <vbabka@suse.cz>, 
	Tom Lendacky <thomas.lendacky@amd.com>, Thomas Gleixner <tglx@linutronix.de>, 
	Peter Zijlstra <peterz@infradead.org>, Paolo Bonzini <pbonzini@redhat.com>, 
	Ingo Molnar <mingo@redhat.com>, Varad Gautam <varad.gautam@suse.com>, 
	Dario Faggioli <dfaggioli@suse.com>, Dave Hansen <dave.hansen@intel.com>, 
	Brijesh Singh <brijesh.singh@amd.com>, Mike Rapoport <rppt@kernel.org>, 
	David Hildenbrand <david@redhat.com>, x86@kernel.org, linux-mm@kvack.org, 
	linux-coco@lists.linux.dev, linux-efi@vger.kernel.org, 
	linux-kernel@vger.kernel.org
Content-Type: multipart/alternative; boundary="00000000000024a3d805deddfca3"
Authentication-Results: imf23.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=mwkhJOS1;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf23.hostedemail.com: domain of dionnaglaze@google.com designates 209.85.128.182 as permitted sender) smtp.mailfrom=dionnaglaze@google.com
X-Rspamd-Server: rspam06
X-Rspamd-Queue-Id: 5DEC01400AE
X-Rspam-User: 
X-Stat-Signature: bbd3thb7f1f4n14x9dxbt3tin56m6hag
X-HE-Tag: 1652419869-621557
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

--00000000000024a3d805deddfca3
Content-Type: text/plain; charset="UTF-8"

Kirill, I've been tracking these changes to see if we can handle the
unaccepted memory type for SEV-SNP, but testing has been an issue. The
proposed patch in Ovmf to introduce unaccepted memory seems to have stalled
out last September (
https://www.mail-archive.com/devel@edk2.groups.io/msg35842.html) and is
particularly difficult to adapt to SEV-SNP since it doesn't follow the TDVF
way of initializing all memory. Is there a different development I might
have missed so that we might test these cases? Without the UEFI introducing
EFI_UNACCEPTED_MEMORY type, any kernel uses are essentially dead code.

Thanks,
-Dionna

On Tue, May 10, 2022 at 4:04 AM Borislav Petkov <bp@alien8.de> wrote:

> On Fri, May 06, 2022 at 06:30:13PM +0300, Kirill A. Shutemov wrote:
> > I find it harder to follow.
>
> If in doubt, always consider using a helper function:
>
> ---
>
> diff --git a/arch/x86/boot/compressed/efi.h
> b/arch/x86/boot/compressed/efi.h
> index 7db2f41b54cd..cf475243b6d5 100644
> --- a/arch/x86/boot/compressed/efi.h
> +++ b/arch/x86/boot/compressed/efi.h
> @@ -32,6 +32,7 @@ typedef       struct {
>  } efi_table_hdr_t;
>
>  #define EFI_CONVENTIONAL_MEMORY                 7
> +#define EFI_UNACCEPTED_MEMORY          15
>
>  #define EFI_MEMORY_MORE_RELIABLE \
>                                 ((u64)0x0000000000010000ULL)    /* higher
> reliability */
> diff --git a/arch/x86/boot/compressed/kaslr.c
> b/arch/x86/boot/compressed/kaslr.c
> index 28b91df9d31e..39bb4c319dfc 100644
> --- a/arch/x86/boot/compressed/kaslr.c
> +++ b/arch/x86/boot/compressed/kaslr.c
> @@ -671,6 +671,23 @@ static bool process_mem_region(struct mem_vector
> *region,
>  }
>
>  #ifdef CONFIG_EFI
> +
> +/*
> + * Only EFI_CONVENTIONAL_MEMORY and EFI_UNACCEPTED_MEMORY (if supported)
> are guaranteed
> + * to be free.
> + */
> +static inline bool memory_type_is_free(efi_memory_desc_t *md)
> +{
> +       if (md->type == EFI_CONVENTIONAL_MEMORY)
> +               return true;
> +
> +       if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
> +               if (md->type == EFI_UNACCEPTED_MEMORY)
> +                       return true;
> +
> +       return false;
> +}
> +
>  /*
>   * Returns true if we processed the EFI memmap, which we prefer over the
> E820
>   * table if it is available.
> @@ -723,21 +740,9 @@ process_efi_entries(unsigned long minimum, unsigned
> long image_size)
>                  * free memory and thus available to place the kernel
> image into,
>                  * but in practice there's firmware where using that
> memory leads
>                  * to crashes.
> -                *
> -                * Only EFI_CONVENTIONAL_MEMORY and EFI_UNACCEPTED_MEMORY
> (if
> -                * supported) are guaranteed to be free.
>                  */
> -
> -               switch (md->type) {
> -               case EFI_CONVENTIONAL_MEMORY:
> -                       break;
> -               case EFI_UNACCEPTED_MEMORY:
> -                       if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
> -                               break;
> +               if (!memory_type_is_free(md))
>                         continue;
> -               default:
> -                       continue;
> -               }
>
>                 if (efi_soft_reserve_enabled() &&
>                     (md->attribute & EFI_MEMORY_SP))
> --
> Regards/Gruss,
>     Boris.
>
> https://people.kernel.org/tglx/notes-about-netiquette
>


-- 
-Dionna Glaze, PhD (she/her)

--00000000000024a3d805deddfca3
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Kirill, I&#39;ve been tracking these changes to see if we =
can handle the unaccepted memory=C2=A0type for SEV-SNP, but testing has bee=
n an issue. The proposed patch in Ovmf to introduce unaccepted memory seems=
 to have stalled out last September (<a href=3D"https://www.mail-archive.co=
m/devel@edk2.groups.io/msg35842.html">https://www.mail-archive.com/devel@ed=
k2.groups.io/msg35842.html</a>) and is particularly difficult to adapt to S=
EV-SNP since it doesn&#39;t follow the TDVF way of initializing all memory.=
 Is there a different development I might have missed so that we might test=
 these cases? Without the UEFI introducing EFI_UNACCEPTED_MEMORY type, any =
kernel uses are essentially dead code.<div><br></div><div>Thanks,</div><div=
>-Dionna</div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=
=3D"gmail_attr">On Tue, May 10, 2022 at 4:04 AM Borislav Petkov &lt;<a href=
=3D"mailto:bp@alien8.de">bp@alien8.de</a>&gt; wrote:<br></div><blockquote c=
lass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px soli=
d rgb(204,204,204);padding-left:1ex">On Fri, May 06, 2022 at 06:30:13PM +03=
00, Kirill A. Shutemov wrote:<br>
&gt; I find it harder to follow.<br>
<br>
If in doubt, always consider using a helper function:<br>
<br>
---<br>
<br>
diff --git a/arch/x86/boot/compressed/efi.h b/arch/x86/boot/compressed/efi.=
h<br>
index 7db2f41b54cd..cf475243b6d5 100644<br>
--- a/arch/x86/boot/compressed/efi.h<br>
+++ b/arch/x86/boot/compressed/efi.h<br>
@@ -32,6 +32,7 @@ typedef=C2=A0 =C2=A0 =C2=A0 =C2=A0struct {<br>
=C2=A0} efi_table_hdr_t;<br>
<br>
=C2=A0#define EFI_CONVENTIONAL_MEMORY=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A07<br>
+#define EFI_UNACCEPTED_MEMORY=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 15<br>
<br>
=C2=A0#define EFI_MEMORY_MORE_RELIABLE \<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ((u64)0x0000000000010000ULL)=C2=A0 =
=C2=A0 /* higher reliability */<br>
diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/ka=
slr.c<br>
index 28b91df9d31e..39bb4c319dfc 100644<br>
--- a/arch/x86/boot/compressed/kaslr.c<br>
+++ b/arch/x86/boot/compressed/kaslr.c<br>
@@ -671,6 +671,23 @@ static bool process_mem_region(struct mem_vector *regi=
on,<br>
=C2=A0}<br>
<br>
=C2=A0#ifdef CONFIG_EFI<br>
+<br>
+/*<br>
+ * Only EFI_CONVENTIONAL_MEMORY and EFI_UNACCEPTED_MEMORY (if supported) a=
re guaranteed<br>
+ * to be free.<br>
+ */<br>
+static inline bool memory_type_is_free(efi_memory_desc_t *md)<br>
+{<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0if (md-&gt;type =3D=3D EFI_CONVENTIONAL_MEMORY)=
<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0return true;<br>
+<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (md-&gt;type =3D=
=3D EFI_UNACCEPTED_MEMORY)<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0return true;<br>
+<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0return false;<br>
+}<br>
+<br>
=C2=A0/*<br>
=C2=A0 * Returns true if we processed the EFI memmap, which we prefer over =
the E820<br>
=C2=A0 * table if it is available.<br>
@@ -723,21 +740,9 @@ process_efi_entries(unsigned long minimum, unsigned lo=
ng image_size)<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0* free memory=
 and thus available to place the kernel image into,<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0* but in prac=
tice there&#39;s firmware where using that memory leads<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0* to crashes.=
<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 *<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 * Only EFI_CONVENT=
IONAL_MEMORY and EFI_UNACCEPTED_MEMORY (if<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 * supported) are g=
uaranteed to be free.<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0*/<br>
-<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0switch (md-&gt;type=
) {<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0case EFI_CONVENTION=
AL_MEMORY:<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0break;<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0case EFI_UNACCEPTED=
_MEMORY:<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0break;<br>
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (!memory_type_is=
_free(md))<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 continue;<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0default:<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0continue;<br>
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}<br>
<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (efi_soft_reserv=
e_enabled() &amp;&amp;<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 (md-&=
gt;attribute &amp; EFI_MEMORY_SP))<br>
-- <br>
Regards/Gruss,<br>
=C2=A0 =C2=A0 Boris.<br>
<br>
<a href=3D"https://people.kernel.org/tglx/notes-about-netiquette" rel=3D"no=
referrer" target=3D"_blank">https://people.kernel.org/tglx/notes-about-neti=
quette</a><br>
</blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"=
 class=3D"gmail_signature"><div dir=3D"ltr">-Dionna Glaze, PhD (she/her)</d=
iv></div>

--00000000000024a3d805deddfca3--