From: Tejun Heo <tj@kernel.org>
To: Vipin Sharma <vipinsh@google.com>
Cc: thomas.lendacky@amd.com, brijesh.singh@amd.com,
jon.grimm@amd.com, eric.vantassell@amd.com, pbonzini@redhat.com,
seanjc@google.com, lizefan@huawei.com, hannes@cmpxchg.org,
frankja@linux.ibm.com, borntraeger@de.ibm.com, corbet@lwn.net,
joro@8bytes.org, vkuznets@redhat.com, wanpengli@tencent.com,
jmattson@google.com, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, hpa@zytor.com, gingell@google.com,
rientjes@google.com, dionnaglaze@google.com, kvm@vger.kernel.org,
x86@kernel.org, cgroups@vger.kernel.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [Patch v4 1/2] cgroup: svm: Add Encryption ID controller
Date: Tue, 19 Jan 2021 10:51:24 -0500 [thread overview]
Message-ID: <YAb//EYCkZ7wnl6D@mtj.duckdns.org> (raw)
In-Reply-To: <YAJsUyH2zspZxF2S@google.com>
Hello,
On Fri, Jan 15, 2021 at 08:32:19PM -0800, Vipin Sharma wrote:
> SEV-ES has stronger memory encryption gurantees compared to SEV, apart
> from encrypting the application memory it also encrypts register state
> among other things. In a single host ASIDs can be distributed between
> these two types by BIOS settings.
>
> Currently, Google Cloud has Confidential VM machines offering using SEV.
> ASIDs are not compatible between SEV and SEV-ES, so a VM running on SEV
> cannot run on SEV-ES and vice versa
>
> There are use cases for both types of VMs getting used in future.
Can you please elaborate? I skimmed through the amd manual and it seemed to
say that SEV-ES ASIDs are superset of SEV but !SEV-ES ASIDs. What's the use
case for mixing those two?
> > > > > Other ID types can be easily added in the controller in the same way.
> > > >
> > > > I'm not sure this is necessarily a good thing.
> > >
> > > This is to just say that when Intel and PowerPC changes are ready it
> > > won't be difficult for them to add their controller.
> >
> > I'm not really enthused about having per-hardware-type control knobs. None
> > of other controllers behave that way. Unless it can be abstracted into
> > something common, I'm likely to object.
>
> There was a discussion in Patch v1 and consensus was to have individual
> files because it makes kernel implementation extremely simple.
>
> https://lore.kernel.org/lkml/alpine.DEB.2.23.453.2011131615510.333518@chino.kir.corp.google.com/#t
I'm very reluctant to ack vendor specific interfaces for a few reasons but
most importantly because they usually indicate abstraction and/or the
underlying feature not being sufficiently developed and they tend to become
baggages after a while. So, here are my suggestions:
* If there can be a shared abstraction which hopefully makes intuitive
sense, that'd be ideal. It doesn't have to be one knob but it shouldn't be
something arbitrary to specific vendors.
* If we aren't there yet and vendor-specific interface is a must, attach
that part to an interface which is already vendor-aware.
> This information is not available anywhere else in the system. Only
> other way to get this value is to use CPUID instruction (0x8000001F) of
> the processor. Which also has disdvantage if sev module in kernel
> doesn't use all of the available ASIDs for its work (right now it uses
> all) then there will be a mismatch between what user get through their
> code and what is actually getting used in the kernel by sev.
>
> In cgroup v2, I didn't see current files for other cgroups in root
> folder that is why I didn't show that file in root folder.
>
> Will you be fine if I show two files in the root, something like:
>
> encids.sev.capacity
> encids.sev.current
>
> In non root folder, it will be:
> encids.sev.max
> encids.sev.current
>
> I still prefer encids.sev.stat, as it won't repeat same information in
> each cgroup but let me know what you think.
Yeah, this will be a first and I was mostly wondering about the same number
appearing under different files / names on root and !root cgroups. I'm
leaning more towards capacity/current but let me think about it a bit more.
Thank you.
--
tejun
next prev parent reply other threads:[~2021-01-19 15:57 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-08 1:28 [Patch v4 0/2] cgroup: KVM: New Encryption IDs cgroup controller Vipin Sharma
2021-01-08 1:28 ` [Patch v4 1/2] cgroup: svm: Add Encryption ID controller Vipin Sharma
2021-01-08 1:28 ` Vipin Sharma
2021-01-13 15:19 ` Brijesh Singh
2021-01-15 20:59 ` Tejun Heo
2021-01-15 22:18 ` Vipin Sharma
2021-01-16 3:43 ` Tejun Heo
2021-01-16 3:43 ` Tejun Heo
2021-01-16 4:32 ` Vipin Sharma
2021-01-19 15:51 ` Tejun Heo [this message]
2021-01-20 7:13 ` Vipin Sharma
2021-01-20 7:13 ` Vipin Sharma
2021-01-20 16:40 ` Tejun Heo
2021-01-20 23:18 ` Vipin Sharma
2021-01-20 23:32 ` Tejun Heo
2021-01-22 0:09 ` Vipin Sharma
2021-01-21 14:55 ` Tom Lendacky
2021-01-21 14:55 ` Tom Lendacky
2021-01-21 15:55 ` Tejun Heo
2021-01-21 15:55 ` Tejun Heo
2021-01-21 23:12 ` Tom Lendacky
2021-01-21 23:12 ` Tom Lendacky
2021-01-22 1:25 ` Sean Christopherson
2021-01-26 20:49 ` David Rientjes
2021-01-26 20:49 ` David Rientjes
2021-01-26 22:01 ` Tejun Heo
2021-01-26 22:02 ` Tejun Heo
2021-01-27 1:11 ` Vipin Sharma
2021-01-27 1:11 ` Vipin Sharma
2021-01-27 14:10 ` Tejun Heo
2021-01-27 14:10 ` Tejun Heo
2021-01-08 1:28 ` [Patch v4 2/2] cgroup: svm: Encryption IDs cgroup documentation Vipin Sharma
2021-01-15 21:00 ` Tejun Heo
2021-01-15 21:41 ` Vipin Sharma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YAb//EYCkZ7wnl6D@mtj.duckdns.org \
--to=tj@kernel.org \
--cc=borntraeger@de.ibm.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=cgroups@vger.kernel.org \
--cc=corbet@lwn.net \
--cc=dionnaglaze@google.com \
--cc=eric.vantassell@amd.com \
--cc=frankja@linux.ibm.com \
--cc=gingell@google.com \
--cc=hannes@cmpxchg.org \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=jon.grimm@amd.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lizefan@huawei.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rientjes@google.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=vipinsh@google.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.