From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=d3XW=HO=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.5 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id EA43EC433E0
	for <linux-mm@archiver.kernel.org>; Fri, 12 Feb 2021 14:18:11 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 8886164E3D
	for <linux-mm@archiver.kernel.org>; Fri, 12 Feb 2021 14:18:11 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8886164E3D
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=infradead.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id C1FCA6B00EB; Fri, 12 Feb 2021 09:18:10 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id BD1596B00EF; Fri, 12 Feb 2021 09:18:10 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id AE7418D0057; Fri, 12 Feb 2021 09:18:10 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0121.hostedemail.com [216.40.44.121])
	by kanga.kvack.org (Postfix) with ESMTP id 990DF6B00EB
	for <linux-mm@kvack.org>; Fri, 12 Feb 2021 09:18:10 -0500 (EST)
Received: from smtpin17.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id 57D1D362C
	for <linux-mm@kvack.org>; Fri, 12 Feb 2021 14:18:10 +0000 (UTC)
X-FDA: 77809820340.17.5EBCD9E
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	by imf08.hostedemail.com (Postfix) with ESMTP id 68B5F80192DA
	for <linux-mm@kvack.org>; Fri, 12 Feb 2021 14:18:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=infradead.org; s=merlin.20170209; h=In-Reply-To:Content-Type:MIME-Version:
	References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:
	Content-Transfer-Encoding:Content-ID:Content-Description;
	bh=OuPuqvxfjEFbHimmn09yuXaH2OH8Izm33lbX9wl/OeQ=; b=L397fhocb4H91lBUR5FJNC2tk8
	/wKy5dUQjlG9pQhscTNnYq/py7WORdc5T9lpy2HZ4IiKN/L2Ml7d48HMxeoCbVbuXJNPgr1W7KQ14
	wwk4XXbTr7aoEOLVgTVsuA83CMxuaoIQwuvQRlTfj+SPNi5L4iWtRLXs0jP7sj9NsqG2A8m39w7So
	rcQcJ8stEwT0wHYQFnfrR87JTqF61Xz2raZP9JZoFmiD5m5JceOgEAOZTX5YJCo1QZXydbRoNPkil
	blkTqg/Y15ytmlV2YYXxO/VwrSOmsXLRZvPaEIyCZMb7HGU/B3c1ChLqr3Slvhp/PdtmC83rd9kCP
	wc+uUmfw==;
Received: from j217100.upc-j.chello.nl ([24.132.217.100] helo=noisy.programming.kicks-ass.net)
	by merlin.infradead.org with esmtpsa (Exim 4.92.3 #3 (Red Hat Linux))
	id 1lAZGi-00031m-R2; Fri, 12 Feb 2021 14:18:00 +0000
Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id CD215306102;
	Fri, 12 Feb 2021 15:17:57 +0100 (CET)
Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000)
	id A4F912C12D781; Fri, 12 Feb 2021 15:17:57 +0100 (CET)
Date: Fri, 12 Feb 2021 15:17:57 +0100
From: Peter Zijlstra <peterz@infradead.org>
To: Joerg Roedel <jroedel@suse.de>
Cc: David Rientjes <rientjes@google.com>, Borislav Petkov <bp@alien8.de>,
	Andy Lutomirski <luto@kernel.org>,
	Sean Christopherson <seanjc@google.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	Andi Kleen <ak@linux.intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jon Grimm <jon.grimm@amd.com>, Thomas Gleixner <tglx@linutronix.de>,
	Christoph Hellwig <hch@lst.de>, Paolo Bonzini <pbonzini@redhat.com>,
	Ingo Molnar <mingo@redhat.com>, x86@kernel.org, linux-mm@kvack.org
Subject: Re: AMD SEV-SNP/Intel TDX: validation of memory pages
Message-ID: <YCaOFeZRlUleMSu2@hirez.programming.kicks-ass.net>
References: <7515a81a-19e-b063-2081-3f5e79f0f7a8@google.com>
 <20210212131907.GI5453@suse.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20210212131907.GI5453@suse.de>
X-Stat-Signature: 9gsiyo9ce5af15gtxhzq53tu146drg94
X-Rspamd-Server: rspam02
X-Rspamd-Queue-Id: 68B5F80192DA
Received-SPF: none (infradead.org>: No applicable sender policy available) receiver=imf08; identity=mailfrom; envelope-from="<peterz@infradead.org>"; helo=merlin.infradead.org; client-ip=205.233.59.134
X-HE-DKIM-Result: pass/pass
X-HE-Tag: 1613139482-394153
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Feb 12, 2021 at 02:19:07PM +0100, Joerg Roedel wrote:
> 	- Then we can pass this information up the boot process by
> 	  extending struct boot_params. The bootloader can pass which
> 	  E820 usable memory it validated, same for the kernel
> 	  decompressor. The text+data (but not bss) of the running
> 	  kernel image is per definition validated by the decompressor
> 	  and does not need to be added explicitly to boot_params.

Even if all text+data is prevalidated, we'll probably still need some
prevalidated bss and certainly some prevalidated percpu data (like the
various stacks, but also crud like the percpu variable we store the DR7
shadow in etc..).