All of lore.kernel.org
 help / color / mirror / Atom feed
From: Joerg Roedel <jroedel@suse.de>
To: Bo Gan <ganb@vmware.com>
Cc: Mike Stunes <mstunes@vmware.com>, Joerg Roedel <joro@8bytes.org>,
	"x86@kernel.org" <x86@kernel.org>,
	"hpa@zytor.com" <hpa@zytor.com>,
	Andy Lutomirski <luto@kernel.org>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Thomas Hellstrom <thellstrom@vmware.com>,
	Jiri Slaby <jslaby@suse.cz>,
	Dan Williams <dan.j.williams@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Juergen Gross <jgross@suse.com>,
	Kees Cook <keescook@chromium.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	"virtualization@lists.linux-foundation.org" 
	<virtualization@lists.linux-foundation.org>
Subject: Re: Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler
Date: Thu, 23 Apr 2020 13:30:27 +0200	[thread overview]
Message-ID: <20200423113027.GL30814@suse.de> (raw)
In-Reply-To: <1a164e55-19dd-a20b-6837-9f425cfac100@vmware.com>

On Wed, Apr 22, 2020 at 06:33:13PM -0700, Bo Gan wrote:
> On 4/15/20 8:53 AM, Joerg Roedel wrote:
> > Hi Mike,
> > 
> > On Tue, Apr 14, 2020 at 07:03:44PM +0000, Mike Stunes wrote:
> > > set_memory_decrypted needs to check the return value. I see it
> > > consistently return ENOMEM. I've traced that back to split_large_page
> > > in arch/x86/mm/pat/set_memory.c.
> > 
> > I agree that the return code needs to be checked. But I wonder why this
> > happens. The split_large_page() function returns -ENOMEM when
> > alloc_pages() fails. Do you boot the guest with minal RAM assigned?
> > 
> > Regards,
> > 
> > 	Joerg
> > 
> 
> I just want to add some context around this. The call path that lead to the
> failure is like the following:
> 
> 	__alloc_pages_slowpath
> 	__alloc_pages_nodemask
> 	alloc_pages_current
> 	alloc_pages
> 	split_large_page
> 	__change_page_attr
> 	__change_page_attr_set_clr
> 	__set_memory_enc_dec
> 	set_memory_decrypted
> 	sev_es_init_ghcbs
> 	trap_init   -> before mm_init (in init/main.c)
> 	start_kernel
> 	x86_64_start_reservations
> 	x86_64_start_kernel
> 	secondary_startup_64
> 
> At this time, mem_init hasn't been called yet (which would be called by
> mm_init). Thus, the free pages are still owned by memblock. It's in mem_init
> (x86/mm/init_64.c) that memblock_free_all gets called and free pages are
> released.
> 
> During testing, I've also noticed that debug_pagealloc=1 will make the issue
> disappear. That's because with debug_pagealloc=1, probe_page_size_mask in
> x86/mm/init.c will not allow large pages (2M/1G). Therefore, no
> split_large_page would happen. Similarly, if CPU doesn't have
> X86_FEATURE_PSE, there won't be large pages either.
> 
> Any thoughts? Maybe split_large_page should get pages from memblock at early
> boot?

Thanks for you analysis. I fixed it (verified by Mike) by using
early_set_memory_decrypted() instead of set_memory_decrypted(). I still
wonder why I didn't see that issue on my kernel. It has
DEBUG_PAGEALLOC=y set, but it is not enabled by default and I also
didn't pass the command-line parameter.

Regards,

	Joerg


  reply	other threads:[~2020-04-23 11:30 UTC|newest]

Thread overview: 243+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-19  9:12 [RFC PATCH 00/70 v2] x86: SEV-ES Guest Support Joerg Roedel
2020-03-19  9:12 ` [PATCH 01/70] KVM: SVM: Add GHCB definitions Joerg Roedel
2020-03-19  9:12   ` Joerg Roedel
2020-03-23 13:23   ` [PATCH] KVM: SVM: Use __packed shorthard Borislav Petkov
2020-03-24 12:43     ` Joerg Roedel
2020-03-19  9:12 ` [PATCH 02/70] KVM: SVM: Add GHCB Accessor functions Joerg Roedel
2020-03-19  9:12   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 03/70] x86/cpufeatures: Add SEV-ES CPU feature Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 04/70] x86/traps: Move some definitions to <asm/trap_defs.h> Joerg Roedel
2020-03-19  9:13 ` [PATCH 05/70] x86/insn: Make inat-tables.c suitable for pre-decompression code Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-25 15:39   ` Borislav Petkov
2020-03-27  3:02     ` Masami Hiramatsu
2020-03-27  3:02       ` Masami Hiramatsu
2020-04-16 15:24       ` Joerg Roedel
2020-04-16 15:24         ` Joerg Roedel
2020-04-17 12:50         ` Masami Hiramatsu
2020-04-17 13:39           ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 06/70] x86/umip: Factor out instruction fetch Joerg Roedel
2020-03-26 17:21   ` Borislav Petkov
2020-03-19  9:13 ` [PATCH 07/70] x86/umip: Factor out instruction decoding Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-26 17:24   ` Borislav Petkov
2020-03-19  9:13 ` [PATCH 08/70] x86/insn: Add insn_get_modrm_reg_off() Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-27  3:57   ` Masami Hiramatsu
2020-03-19  9:13 ` [PATCH 09/70] x86/insn: Add insn_rep_prefix() helper Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-27  3:56   ` Masami Hiramatsu
2020-03-19  9:13 ` [PATCH 10/70] x86/boot/compressed: Fix debug_puthex() parameter type Joerg Roedel
2020-03-28 11:23   ` [tip: x86/boot] " tip-bot2 for Joerg Roedel
2020-03-19  9:13 ` [PATCH 11/70] x86/boot/compressed/64: Disable red-zone usage Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-31 13:16   ` Borislav Petkov
2020-03-19  9:13 ` [PATCH 12/70] x86/boot/compressed/64: Add IDT Infrastructure Joerg Roedel
2020-04-07  2:21   ` Arvind Sankar
2020-04-16 13:30     ` Joerg Roedel
2020-04-16 13:30       ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 13/70] x86/boot/compressed/64: Rename kaslr_64.c to ident_map_64.c Joerg Roedel
2020-03-19  9:13 ` [PATCH 14/70] x86/boot/compressed/64: Add page-fault handler Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-04-02 11:49   ` Borislav Petkov
2020-03-19  9:13 ` [PATCH 15/70] x86/boot/compressed/64: Always switch to own page-table Joerg Roedel
2020-04-06 11:56   ` Borislav Petkov
2020-03-19  9:13 ` [PATCH 16/70] x86/boot/compressed/64: Don't pre-map memory in KASLR code Joerg Roedel
2020-03-19  9:13 ` [PATCH 17/70] x86/boot/compressed/64: Change add_identity_map() to take start and end Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 18/70] x86/boot/compressed/64: Add stage1 #VC handler Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-20 21:16   ` David Rientjes
2020-03-20 22:19     ` Joerg Roedel
2020-04-06 12:41   ` Borislav Petkov
2020-03-19  9:13 ` [PATCH 19/70] x86/boot/compressed/64: Call set_sev_encryption_mask earlier Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 20/70] x86/boot/compressed/64: Check return value of kernel_ident_mapping_init() Joerg Roedel
2020-03-19  9:13 ` [PATCH 21/70] x86/boot/compressed/64: Add function to map a page unencrypted Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-20 20:53   ` David Rientjes
2020-03-20 21:02     ` Dave Hansen
2020-03-20 22:12       ` Joerg Roedel
2020-03-20 22:26         ` Dave Hansen
2020-03-21 15:40           ` Joerg Roedel
2020-03-21 15:40             ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 22/70] x86/boot/compressed/64: Setup GHCB Based VC Exception handler Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 23/70] x86/sev-es: Add support for handling IOIO exceptions Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-20 21:03   ` David Rientjes
2020-03-20 22:24     ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 24/70] x86/fpu: Move xgetbv()/xsetbv() into separate header Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 25/70] x86/sev-es: Add CPUID handling to #VC handler Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 26/70] x86/idt: Move IDT to data segment Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 27/70] x86/idt: Split idt_data setup out of set_intr_gate() Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 28/70] x86/idt: Move two function from k/idt.c to i/a/desc.h Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 29/70] x86/head/64: Install boot GDT Joerg Roedel
2020-03-19  9:13 ` [PATCH 30/70] x86/head/64: Reload GDT after switch to virtual addresses Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 31/70] x86/head/64: Load segment registers earlier Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 32/70] x86/head/64: Switch to initial stack earlier Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 33/70] x86/head/64: Build k/head64.c with -fno-stack-protector Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 34/70] x86/head/64: Load IDT earlier Joerg Roedel
2020-03-19  9:13 ` [PATCH 35/70] x86/head/64: Move early exception dispatch to C code Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 36/70] x86/sev-es: Add SEV-ES Feature Detection Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 37/70] x86/sev-es: Compile early handler code into kernel image Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 38/70] x86/sev-es: Setup early #VC handler Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 39/70] x86/sev-es: Setup GHCB based boot " Joerg Roedel
2020-03-19  9:13 ` [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler Joerg Roedel
2020-04-14 19:03   ` Mike Stunes
2020-04-14 19:03     ` Mike Stunes
2020-04-14 20:04     ` Tom Lendacky
2020-04-14 20:04       ` Tom Lendacky
2020-04-14 20:12       ` Dave Hansen
2020-04-14 20:12         ` Dave Hansen
2020-04-14 20:16         ` Tom Lendacky
2020-04-14 20:16           ` Tom Lendacky
2020-04-14 20:18           ` Tom Lendacky
2020-04-14 20:18             ` Tom Lendacky
2020-04-15 15:54       ` Joerg Roedel
2020-04-15 15:54         ` Joerg Roedel
2020-04-15 15:53     ` Joerg Roedel
2020-04-15 15:53       ` Joerg Roedel
2020-04-23  1:33       ` Bo Gan
2020-04-23  1:33         ` Bo Gan
2020-04-23 11:30         ` Joerg Roedel [this message]
2020-04-23 11:30           ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 41/70] x86/sev-es: Add Runtime #VC Exception Handler Joerg Roedel
2020-03-19  9:13   ` Joerg Roedel
2020-03-19 15:44   ` Andy Lutomirski
2020-03-19 16:24     ` Joerg Roedel
2020-03-19 18:43       ` Andy Lutomirski
2020-03-19 19:38         ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 42/70] x86/sev-es: Support nested #VC exceptions Joerg Roedel
2020-03-19 15:46   ` Andy Lutomirski
2020-03-19 15:46     ` Andy Lutomirski
2020-03-19 16:12     ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 43/70] x86/sev-es: Wire up existing #VC exit-code handlers Joerg Roedel
2020-03-19  9:13 ` [PATCH 44/70] x86/sev-es: Handle instruction fetches from user-space Joerg Roedel
2020-03-19  9:13 ` [PATCH 45/70] x86/sev-es: Harden runtime #VC handler for exceptions " Joerg Roedel
2020-03-19  9:13 ` [PATCH 46/70] x86/sev-es: Filter exceptions not supported " Joerg Roedel
2020-03-19  9:13 ` [PATCH 47/70] x86/sev-es: Handle MMIO events Joerg Roedel
2020-03-19  9:13 ` [PATCH 48/70] x86/sev-es: Handle MMIO String Instructions Joerg Roedel
2020-03-19  9:13 ` [PATCH 49/70] x86/sev-es: Handle MSR events Joerg Roedel
2020-03-19  9:13 ` [PATCH 50/70] x86/sev-es: Handle DR7 read/write events Joerg Roedel
2020-03-19  9:13 ` [PATCH 51/70] x86/sev-es: Handle WBINVD Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 52/70] x86/sev-es: Handle RDTSC Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 53/70] x86/sev-es: Handle RDPMC Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 54/70] x86/sev-es: Handle INVD Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 55/70] x86/sev-es: Handle RDTSCP Events Joerg Roedel
2020-04-24 21:03   ` [PATCH] Allow RDTSC and RDTSCP from userspace Mike Stunes
2020-04-24 21:03     ` Mike Stunes
2020-04-24 21:24     ` Dave Hansen
2020-04-24 21:27       ` Tom Lendacky
2020-04-24 22:53         ` Dave Hansen
2020-04-25 12:49           ` Joerg Roedel
2020-04-25 18:15             ` Andy Lutomirski
2020-04-25 19:10               ` Joerg Roedel
2020-04-25 19:47                 ` Andy Lutomirski
2020-04-25 20:23                   ` Joerg Roedel
2020-04-25 22:10                     ` Andy Lutomirski
2020-04-27 17:37                       ` Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace) Andy Lutomirski
2020-04-27 18:15                         ` Andrew Cooper
2020-04-27 18:43                         ` Tom Lendacky
2020-04-28  7:55                         ` Joerg Roedel
2020-04-28 16:34                           ` Andrew Cooper
2020-06-23 11:07                           ` Peter Zijlstra
2020-06-23 11:07                             ` Peter Zijlstra
2020-06-23 11:30                             ` Joerg Roedel
2020-06-23 11:48                               ` Peter Zijlstra
2020-06-23 11:48                                 ` Peter Zijlstra
2020-06-23 12:04                                 ` Joerg Roedel
2020-06-23 12:52                                   ` Peter Zijlstra
2020-06-23 12:52                                     ` Peter Zijlstra
2020-06-23 13:40                                     ` Joerg Roedel
2020-06-23 13:40                                       ` Joerg Roedel
2020-06-23 13:59                                       ` Peter Zijlstra
2020-06-23 13:59                                         ` Peter Zijlstra
2020-06-23 14:53                                         ` Peter Zijlstra
2020-06-23 14:53                                           ` Peter Zijlstra
2020-06-23 14:59                                           ` Joerg Roedel
2020-06-23 15:23                                             ` Peter Zijlstra
2020-06-23 15:23                                               ` Peter Zijlstra
2020-06-23 15:38                                               ` Peter Zijlstra
2020-06-23 15:38                                                 ` Peter Zijlstra
2020-06-23 15:38                                               ` Joerg Roedel
2020-06-23 16:02                                                 ` Peter Zijlstra
2020-06-23 16:02                                                   ` Peter Zijlstra
2020-06-23 15:39                                               ` Andrew Cooper
2020-06-23 15:52                                                 ` Peter Zijlstra
2020-06-23 15:52                                                   ` Peter Zijlstra
2020-06-23 16:03                                                   ` Dave Hansen
2020-06-23 16:13                                                     ` Peter Zijlstra
2020-06-23 16:13                                                       ` Peter Zijlstra
2020-06-23 16:13                                                 ` Borislav Petkov
2020-06-23 11:51                               ` Andrew Cooper
2020-06-23 12:47                                 ` Peter Zijlstra
2020-06-23 12:47                                   ` Peter Zijlstra
2020-06-23 13:57                                   ` Andrew Cooper
2020-06-23 13:57                                     ` Andrew Cooper
2020-06-23 15:51                                 ` Borislav Petkov
2020-06-23  9:45                         ` Joerg Roedel
2020-06-23 10:45                           ` Peter Zijlstra
2020-06-23 11:11                             ` Joerg Roedel
2020-06-23 11:14                               ` Peter Zijlstra
2020-06-23 11:14                                 ` Peter Zijlstra
2020-06-23 11:43                                 ` Joerg Roedel
2020-06-23 11:50                                   ` Peter Zijlstra
2020-06-23 11:50                                     ` Peter Zijlstra
2020-06-23 12:12                                     ` Joerg Roedel
2020-06-23 13:03                                       ` Peter Zijlstra
2020-06-23 13:03                                         ` Peter Zijlstra
2020-06-23 14:49                                         ` Joerg Roedel
2020-06-23 15:16                                           ` Peter Zijlstra
2020-06-23 15:16                                             ` Peter Zijlstra
2020-06-23 15:32                                             ` Andrew Cooper
2020-06-23 16:10                                               ` Borislav Petkov
2020-06-23 15:22                                         ` Andrew Cooper
2020-06-23 18:26                                           ` Andy Lutomirski
2020-06-23 18:56                                             ` Andrew Cooper
2020-04-27 18:47             ` [PATCH] Allow RDTSC and RDTSCP from userspace Dave Hansen
2020-04-25 12:28     ` Joerg Roedel
2020-03-19  9:13 ` [PATCH 56/70] x86/sev-es: Handle MONITOR/MONITORX Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 57/70] x86/sev-es: Handle MWAIT/MWAITX Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 58/70] x86/sev-es: Handle VMMCALL Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 59/70] x86/sev-es: Handle #AC Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 60/70] x86/sev-es: Handle #DB Events Joerg Roedel
2020-03-19  9:13 ` [PATCH 61/70] x86/paravirt: Allow hypervisor specific VMMCALL handling under SEV-ES Joerg Roedel
2020-03-19  9:13 ` [PATCH 62/70] x86/kvm: Add KVM " Joerg Roedel
2020-03-20 21:23   ` David Rientjes
2020-03-20 22:21     ` Joerg Roedel
2020-03-19  9:14 ` [PATCH 63/70] x86/vmware: Add VMware specific handling for VMMCALL " Joerg Roedel
2020-03-19 10:18   ` Thomas Hellstrom
2020-03-19 10:18     ` Thomas Hellstrom
2020-03-19  9:14 ` [PATCH 64/70] x86/realmode: Add SEV-ES specific trampoline entry point Joerg Roedel
2020-03-19  9:14 ` [PATCH 65/70] x86/realmode: Setup AP jump table Joerg Roedel
2020-03-19  9:14 ` [PATCH 66/70] x86/head/64: Don't call verify_cpu() on starting APs Joerg Roedel
2020-03-19  9:14 ` [PATCH 67/70] x86/head/64: Rename start_cpu0 Joerg Roedel
2020-03-19  9:14 ` [PATCH 68/70] x86/sev-es: Support CPU offline/online Joerg Roedel
2020-03-19  9:14 ` [PATCH 69/70] x86/cpufeature: Add SEV_ES_GUEST CPU Feature Joerg Roedel
2020-03-19  9:14 ` [PATCH 70/70] x86/sev-es: Add NMI state tracking Joerg Roedel
2020-03-19 15:35   ` Andy Lutomirski
2020-03-19 16:07     ` Joerg Roedel
2020-03-19 18:40       ` Andy Lutomirski
2020-03-19 19:26         ` Joerg Roedel
2020-03-19 21:27           ` Andy Lutomirski
2020-03-20 19:48             ` Joerg Roedel
2020-03-20 13:17     ` [RFC PATCH v2.1] x86/sev-es: Handle NMI State Joerg Roedel
2020-03-20 14:42       ` Dave Hansen
2020-03-20 19:42         ` Joerg Roedel
2020-03-19 16:53   ` [PATCH 70/70] x86/sev-es: Add NMI state tracking Mika Penttilä
2020-03-19 19:41     ` Joerg Roedel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200423113027.GL30814@suse.de \
    --to=jroedel@suse.de \
    --cc=dan.j.williams@intel.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=ganb@vmware.com \
    --cc=hpa@zytor.com \
    --cc=jgross@suse.com \
    --cc=joro@8bytes.org \
    --cc=jslaby@suse.cz \
    --cc=keescook@chromium.org \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mstunes@vmware.com \
    --cc=peterz@infradead.org \
    --cc=thellstrom@vmware.com \
    --cc=thomas.lendacky@amd.com \
    --cc=virtualization@lists.linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.