From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=d3XW=HO=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.2 required=3.0 tests=BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5C8F3C433E0
	for <linux-mm@archiver.kernel.org>; Fri, 12 Feb 2021 14:53:24 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id C632864DEC
	for <linux-mm@archiver.kernel.org>; Fri, 12 Feb 2021 14:53:23 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C632864DEC
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.de
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 49A9C6B00F9; Fri, 12 Feb 2021 09:53:23 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 470478D0061; Fri, 12 Feb 2021 09:53:23 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 386E38D0060; Fri, 12 Feb 2021 09:53:23 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0249.hostedemail.com [216.40.44.249])
	by kanga.kvack.org (Postfix) with ESMTP id 1E7DF6B00F9
	for <linux-mm@kvack.org>; Fri, 12 Feb 2021 09:53:23 -0500 (EST)
Received: from smtpin27.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id E20542494
	for <linux-mm@kvack.org>; Fri, 12 Feb 2021 14:53:22 +0000 (UTC)
X-FDA: 77809909044.27.F66556D
Received: from mx2.suse.de (mx2.suse.de [195.135.220.15])
	by imf02.hostedemail.com (Postfix) with ESMTP id B8CC6407F8C4
	for <linux-mm@kvack.org>; Fri, 12 Feb 2021 14:53:18 +0000 (UTC)
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
	by mx2.suse.de (Postfix) with ESMTP id 03E4DB11F;
	Fri, 12 Feb 2021 14:53:21 +0000 (UTC)
Date: Fri, 12 Feb 2021 15:53:18 +0100
From: Joerg Roedel <jroedel@suse.de>
To: Peter Zijlstra <peterz@infradead.org>
Cc: David Rientjes <rientjes@google.com>, Borislav Petkov <bp@alien8.de>,
	Andy Lutomirski <luto@kernel.org>,
	Sean Christopherson <seanjc@google.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	Andi Kleen <ak@linux.intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jon Grimm <jon.grimm@amd.com>, Thomas Gleixner <tglx@linutronix.de>,
	Christoph Hellwig <hch@lst.de>, Paolo Bonzini <pbonzini@redhat.com>,
	Ingo Molnar <mingo@redhat.com>, x86@kernel.org, linux-mm@kvack.org
Subject: Re: AMD SEV-SNP/Intel TDX: validation of memory pages
Message-ID: <20210212145318.GK5453@suse.de>
References: <7515a81a-19e-b063-2081-3f5e79f0f7a8@google.com>
 <20210212131907.GI5453@suse.de>
 <YCaOFeZRlUleMSu2@hirez.programming.kicks-ass.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YCaOFeZRlUleMSu2@hirez.programming.kicks-ass.net>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Stat-Signature: xg7rz6o9i4mth3qy615f7omsme58brnp
X-Rspamd-Server: rspam05
X-Rspamd-Queue-Id: B8CC6407F8C4
Received-SPF: none (suse.de>: No applicable sender policy available) receiver=imf02; identity=mailfrom; envelope-from="<jroedel@suse.de>"; helo=mx2.suse.de; client-ip=195.135.220.15
X-HE-DKIM-Result: none/none
X-HE-Tag: 1613141598-451712
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Feb 12, 2021 at 03:17:57PM +0100, Peter Zijlstra wrote:
> On Fri, Feb 12, 2021 at 02:19:07PM +0100, Joerg Roedel wrote:
> > 	- Then we can pass this information up the boot process by
> > 	  extending struct boot_params. The bootloader can pass which
> > 	  E820 usable memory it validated, same for the kernel
> > 	  decompressor. The text+data (but not bss) of the running
> > 	  kernel image is per definition validated by the decompressor
> > 	  and does not need to be added explicitly to boot_params.
> 
> Even if all text+data is prevalidated, we'll probably still need some
> prevalidated bss and certainly some prevalidated percpu data (like the
> various stacks, but also crud like the percpu variable we store the DR7
> shadow in etc..).

The kernel sets up early exception handling in head_64.S, right after
setting MSR_GS_BASE. So per-cpu data can probably be be on-demand. For
bss you might be right.

There is a special .bss.decrypted section for SEV which is shared with
the HV. That section also contains the boot_ghcb used for booting and
AP bringup. That one needs to be set up at this point.

So maybe bss should be prevalidated too by the decompressor and when the
kernel starts it makes the bss.decrypted section shared again.

Regards,

	Joerg