From: Sean Christopherson <seanjc@google.com>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	David Rientjes <rientjes@google.com>,
	Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Andi Kleen <ak@linux.intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jon Grimm <jon.grimm@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Christoph Hellwig <hch@lst.de>,
	Peter Zijlstra <peterz@infradead.org>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
	x86@kernel.org, linux-mm@kvack.org
Subject: Re: AMD SEV-SNP/Intel TDX: validation of memory pages
Date: Thu, 11 Feb 2021 09:46:21 -0800
Message-ID: <YCVtbXUUNqN5KAjK@google.com>
In-Reply-To: <961a2736-9bc9-43e1-1e75-6d373fe9590b@amd.com>

On Tue, Feb 02, 2021, Brijesh Singh wrote:
> 
> On 2/2/21 10:02 AM, Kirill A. Shutemov wrote:
> > On Mon, Feb 01, 2021 at 05:51:09PM -0800, David Rientjes wrote:
> >> One possibility for minimal disruption to the boot entry code is to
> >> require the guest BIOS to validate 4GB and below, and then leave 4GB and
> >> above to be done lazily (the true amount of memory will actually be less
> >> due to the MMIO hole).
> > [ As I didn't look into actual code, I may say total garbage below... ]
> >
> > Pre-validating 4GB would indeed be easiest way to go, but it's going to be
> > too slow.
> >
> > The more realistic is for BIOS to pre-validate memory where kernel and
> > initrd are placed, plus few dozen megs for runtime. It means decompression
> > code would need to be aware about the validation.
> 
> I was thinking that BIOS validating the lower 4GB will simplify the
> changes to the kernel entry code path as well as provide a clean approach
> to support kexec. 
> 
> My initial thought is
> 
> - BIOS or VMM validate lower 4GB memory.

I think we need to treat this as a "plan for the worst, hope for the best"
scenario.  I agree that validating all of memory below 4gb would be simpler, but
there's no guarantee that that approach will be fast enough.  Even if it's
sufficient for traditional VMs, inevitably someone will come up with a use case
that wants/needs even shorter boot times.

