From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C91F3C61DA4 for ; Tue, 14 Feb 2023 17:23:46 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5349E6B007B; Tue, 14 Feb 2023 12:23:46 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 4BDD56B0081; Tue, 14 Feb 2023 12:23:46 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 35E776B0085; Tue, 14 Feb 2023 12:23:46 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 262896B007B for ; Tue, 14 Feb 2023 12:23:46 -0500 (EST) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id F2CCF14093A for ; Tue, 14 Feb 2023 17:23:45 +0000 (UTC) X-FDA: 80466569610.02.6949CC5 Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by imf22.hostedemail.com (Postfix) with ESMTP id CFB37C0025 for ; Tue, 14 Feb 2023 17:23:43 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b="UVC1PMH/"; dmarc=pass (policy=none) header.from=intel.com; spf=pass (imf22.hostedemail.com: domain of dave.hansen@intel.com designates 134.134.136.31 as permitted sender) smtp.mailfrom=dave.hansen@intel.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1676395424; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=RWw8FxogUJGDNUj9512sBeW89d1KgB8813Q+uWgdkdI=; b=WStjLGvDcY63rXmWc545nV+KYvJuQ2P+uFuro+VI6QS9udvSwmS1BoBWLwB3KNZS26fMqm WsibdtQxs3rY2v4iC3Smr3s2q3maP4n28NVWXCpt8qYhb+dM2GgvDhHfua/v3hmcmUvjrd nCFHdJGCeBWmY0VzeW4BHuod4WkRuPo= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b="UVC1PMH/"; dmarc=pass (policy=none) header.from=intel.com; spf=pass (imf22.hostedemail.com: domain of dave.hansen@intel.com designates 134.134.136.31 as permitted sender) smtp.mailfrom=dave.hansen@intel.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1676395424; a=rsa-sha256; cv=none; b=g0yF+ERGFDiMiP9Kl4YwtMW9kKzUF4GlY4lGTal9aQdjM6vYmLyHowffnEraBt0ukUxqT9 Qte/St7eFRsieMexCIVt+LvUlVTWKKC4NDqdn7dAIFYtiqVOAWFgO6DNGhc08OEb0bk55X bVB4NivuxAQUtjr956Wk1dp0QHzh1CY= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676395423; x=1707931423; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=BvnSupCLokKbvMF3qV9pvBDIftfya/8td2qfw3msbX8=; b=UVC1PMH/VFHOm9eLeIXCn8SgwHFqVBou8kiazA5XpjgZsahafWK/nu4o q3skbd9IYqIUdJ0y88chiGHX1vXZA2z6ysk1dCPMo34PATkh8Q6bPMeHC hNt9un8gItXg3r1d+rDKMgUOS3F1/v5H2v9tVJgwX1pzQ16I6cnbQJWLF ey1m+/gPXXE7Fqj1KgpQ00hmFnMbSWCqXwKfX7oFaFdRsSRDsatMjLGzl PX3dMFvTd94VpXvzfPVTZPZAkPkp0ZIulIg4pFp+vtLkD8RR/ULZTGY1f 2Mh2ccCewsT5+u9E3w9jNUIR0VP6nPfmTxbgDGE4FMUZu8rJ1f8UDcpzg w==; X-IronPort-AV: E=McAfee;i="6500,9779,10621"; a="393616406" X-IronPort-AV: E=Sophos;i="5.97,297,1669104000"; d="scan'208";a="393616406" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Feb 2023 09:23:42 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10621"; a="914819406" X-IronPort-AV: E=Sophos;i="5.97,297,1669104000"; d="scan'208";a="914819406" Received: from jklechel-mobl1.amr.corp.intel.com (HELO [10.212.244.208]) ([10.212.244.208]) by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Feb 2023 09:23:41 -0800 Message-ID: Date: Tue, 14 Feb 2023 09:23:40 -0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.6.1 Subject: Re: [PATCH v9 04/18] x86/virt/tdx: Add skeleton to initialize TDX on demand Content-Language: en-US To: Peter Zijlstra , Kai Huang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-mm@kvack.org, tglx@linutronix.de, seanjc@google.com, pbonzini@redhat.com, dan.j.williams@intel.com, rafael.j.wysocki@intel.com, kirill.shutemov@linux.intel.com, ying.huang@intel.com, reinette.chatre@intel.com, len.brown@intel.com, tony.luck@intel.com, ak@linux.intel.com, isaku.yamahata@intel.com, chao.gao@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, david@redhat.com, bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com References: From: Dave Hansen In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: CFB37C0025 X-Rspamd-Server: rspam09 X-Rspam-User: X-Stat-Signature: i45anyaxngsu8oorkzfkm7994gmd981r X-HE-Tag: 1676395423-195837 X-HE-Meta: U2FsdGVkX19LEAkH3Ka4nhkLaZnzELXsvdBfnTTEGksgsV9tcX+H6hIfQ/Q6gfSlvIm/yIGg4FfMG/bEi4Srv0rPa/rtCRUzug7/sTD15/r0L04ldmvNc2FKkzD7szbCdRr+Ja95rrH4QDazuEC7RCkC6oWQVxUDWkgocFBMX495tMNgThKm8ZkQaVdOw9pGvxO6DqbXA6cR3p82tb5eGL/vxxnZg54bV+83fS/a7J5g3p6agc7taIL/vYf/sqvI5HzuAnmBGgIBAYuNtYp8VrLo49RgRuGJI3j+WtdrBjqqNE4B0vhztRM0QZ6GtPeBDPZKBtefeu6lP0ax1K7etmbwwcqQrvhx4SPhU0YPfIV/SgqRq2zvkKOE54Kw0dPna62M0Ql7lfN5n9k1IpeSrqPFSKCrzB4A8z9cPkgkDaisXrHZxutp72SjJd4VSP6xhaMmQt9a0JAyI8Lk0Kz2fr7cq35ubQWzLERLGwxeHDnSkLjknAUJ+ath4x/wIZvKC4brmAgco9Lqyl4Cl63PU7V2WvbFZjolyziJNT3v85ItYLbhqNxdY+1n6hTnaxhs6oNikgYL9fMmHjZfV3Ocm82JbxvHlj6eAJda2SwPi/g2ePF2g8C3/CFwJqxZrDJ2y5SxnmeQVJIGmlxzHWhIzRc/nPQV+ITs0qKWRqvFrQzhsqO+7WRrzTPT/uCU28C9m69L1foFMRY4Z0hCeDQli5b0/NtIbB1v/XOY6BS6IyWIkgfxFW0R2LrE8yA6P8d5PzA8uSB8C+mL0d4P1mC9Pi7QXcNTzHdswnfhlNWIUIPk+XnBMuxYmFyfYwoBnKLoaHm5bRciZtKk6D53ztfxUN2gNejiF01rlkqHnTKy8G3lMklCAbTj4+depC8ZGA+wbX6iVdGytFNng3zSkCK50IlHptl3c7V57dvCYPVZfORPCOhRFtJIa9u3YZary1da3+89s8NUTccgha082pu MdYqU+VE 7w2wHf4DaxMHW9Fj4cVeUePNeJ2tKS0gqUSOAZj47ePsJt6OA37ZB5xktyofpfcVcmqX4xaANHD5Qk3GhtZtPPUJTmpvUWa3goGDYCYZoDuhm55mrl3AlblnhHKJkN+MSx3s4l3ZvQfB1N8tJILBeecONW3aOF6X3Wu3i X-Bogosity: Ham, tests=bogofilter, spamicity=0.000166, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 2/14/23 04:46, Peter Zijlstra wrote: > On Tue, Feb 14, 2023 at 12:59:11AM +1300, Kai Huang wrote: >> Use a state machine protected by mutex to make sure the initialization >> will only be done once, as tdx_enable() can be called multiple times >> (i.e. KVM module can be reloaded) and be called concurrently by other >> kernel components in the future. > I still object to doing tdx_enable() at kvm module load. > > kvm.ko gets loaded unconditionally on boot, even if I then never use > kvm. > > This stuff needs to be done when an actual VM is created, not before. The actually implementation of this is hidden over in the KVM side of this. But, tdx_enable() and all of this jazz should not be called on kvm.ko load. It'll happen when the KVM tries to start the first TDX VM. I think what Kai was thinking of was *this* sequence: 1. insmod kvm.ko 2. Start a TDX guest, tdx_enable() gets run 3. rmmod kvm 4. insmod kvm.ko (again) 5. Start another TDX guest, run tdx_enable() (again) The rmmod/insmod pair is what triggers the second call of tdx_enable().