From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=amiN=HS=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.1 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,NICE_REPLY_A,
	SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 7AA56C433DB
	for <linux-mm@archiver.kernel.org>; Tue, 16 Feb 2021 17:05:58 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 1B1A864DEC
	for <linux-mm@archiver.kernel.org>; Tue, 16 Feb 2021 17:05:58 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1B1A864DEC
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id B02196B006E; Tue, 16 Feb 2021 12:05:57 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id AB3546B0070; Tue, 16 Feb 2021 12:05:57 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 953E66B0071; Tue, 16 Feb 2021 12:05:57 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0107.hostedemail.com [216.40.44.107])
	by kanga.kvack.org (Postfix) with ESMTP id 7FBD46B006E
	for <linux-mm@kvack.org>; Tue, 16 Feb 2021 12:05:57 -0500 (EST)
Received: from smtpin13.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id 2C4B0348D
	for <linux-mm@kvack.org>; Tue, 16 Feb 2021 17:05:57 +0000 (UTC)
X-FDA: 77824758354.13.air48_540f89827645
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin13.hostedemail.com (Postfix) with ESMTP id 0DD6518141ED8
	for <linux-mm@kvack.org>; Tue, 16 Feb 2021 17:05:57 +0000 (UTC)
X-HE-Tag: air48_540f89827645
X-Filterd-Recvd-Size: 5538
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124])
	by imf01.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Tue, 16 Feb 2021 17:05:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1613495156;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=9/cTPPpAqV5XBwkOi0XflfOpMsRakORbGA0MBo0vfEU=;
	b=c0BLdmUG1iMRRkIK6FD8I25ApXc7KmLFAqP4mwkg+vjBPzWQsJu1IUgx6IlmPUmFHXfifP
	86NNZ600wV9tjG/nN3K7cpR3bnNKmvHP/QvGS/dPwhetrhcwypoYYGHPi4dsre5c11tYY1
	oG4dryqX+AjM4qXi8ikKhGVUvnDgAik=
Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com
 [209.85.221.72]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-552-KKvQI-bPMQmNx7XE2go-Kg-1; Tue, 16 Feb 2021 12:05:51 -0500
X-MC-Unique: KKvQI-bPMQmNx7XE2go-Kg-1
Received: by mail-wr1-f72.google.com with SMTP id c9so13679694wrq.18
        for <linux-mm@kvack.org>; Tue, 16 Feb 2021 09:05:51 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:to:cc:references:from:subject:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=9/cTPPpAqV5XBwkOi0XflfOpMsRakORbGA0MBo0vfEU=;
        b=dOOl8HCBsq4UOMyYTwkIy//sRVpJnnloz3VyXfgvJhEvpcaTGqPbB9iJTaH+z80U/n
         Zaj2LxQswHG6UukgDoLuWfw5WSctMTq6kkVXTYRkUTIghVuGPoBPV6EIPgep3YfA5xAI
         0iEvL+nTReqz1uG25QSsXnLXhPwjvL94x+6K8gA59VYZB4d8sKAZpa7TieeSdAxANWzW
         PL9OuNEpzFzQ4jyYuRDQzndA8zuiyjBjYkDqtm6bleY1GeQeWdUClcdms1Yjr/SM2re7
         19YTlytaxmdKfF6GD1yWRrvf/AGMqI0SwTba5J3b/d7rslhuI9/n738mjDtfXtUOwhAp
         v8WA==
X-Gm-Message-State: AOAM532SwXiBDSHfMv2LxtbzO/AOV8+NzCyLPg19f6nRQfslDx9QJWE3
	4jwzQ84iBJcgMbLoCLSmQIIwOWeIBbLGLk1PvUR0j7AqU7rMC85D07voT8LNownWSh2oIZQ9PzJ
	bzn/6RjXp+UqOzRGweCb9KeGYCWL9+58twcBcr6AjLlvronGReKXl1x8jNGQxxi0=
X-Received: by 2002:a1c:dfd6:: with SMTP id w205mr4012481wmg.90.1613495149841;
        Tue, 16 Feb 2021 09:05:49 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxD2fcW8aDO2OLyQd7BGIZ89O2BRIpbg42izByFN+xqqtn38TwR+P3MimorRkvoel8qipq3xg==
X-Received: by 2002:a1c:dfd6:: with SMTP id w205mr4012431wmg.90.1613495149365;
        Tue, 16 Feb 2021 09:05:49 -0800 (PST)
Received: from ?IPv6:2001:b07:6468:f312:c8dd:75d4:99ab:290a? ([2001:b07:6468:f312:c8dd:75d4:99ab:290a])
        by smtp.gmail.com with ESMTPSA id 36sm31801744wrj.97.2021.02.16.09.05.47
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 16 Feb 2021 09:05:48 -0800 (PST)
To: Andy Lutomirski <luto@amacapital.net>
Cc: Peter Zijlstra <peterz@infradead.org>, Andi Kleen <ak@linux.intel.com>,
 Joerg Roedel <jroedel@suse.de>, David Rientjes <rientjes@google.com>,
 Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
 Sean Christopherson <seanjc@google.com>,
 Andrew Morton <akpm@linux-foundation.org>,
 "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
 Brijesh Singh <brijesh.singh@amd.com>, Tom Lendacky
 <thomas.lendacky@amd.com>, Jon Grimm <Jon.Grimm@amd.com>,
 Thomas Gleixner <tglx@linutronix.de>, Christoph Hellwig <hch@lst.de>,
 Ingo Molnar <mingo@redhat.com>, x86@kernel.org, linux-mm@kvack.org
References: <5ff9690f-331a-8322-3431-212b14f64fcc@redhat.com>
 <E12DD668-596B-4AEB-86B1-78BD0F60E85C@amacapital.net>
From: Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: AMD SEV-SNP/Intel TDX: validation of memory pages
Message-ID: <c92612ab-96d1-563c-9c70-c42011e8a7fc@redhat.com>
Date: Tue, 16 Feb 2021 18:05:47 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <E12DD668-596B-4AEB-86B1-78BD0F60E85C@amacapital.net>
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pbonzini@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On 16/02/21 17:57, Andy Lutomirski wrote:
>=20
>=20
>> On Feb 16, 2021, at 7:59 AM, Paolo Bonzini <pbonzini@redhat.com>
>> wrote:
>>=20
>> =EF=BB=BFOn 16/02/21 15:46, Peter Zijlstra wrote:
>>>> On Tue, Feb 16, 2021 at 06:27:41AM -0800, Andi Kleen wrote: I
>>>> think the IST solution should at least be explored before=20
>>>> dismissing it. It might be simpler than anything else (like=20
>>>> using new APIs)
>>> Have you seen the trainwreck bonzini proposed?
>>=20
>> You had been suspiciously silent...
>=20
> Can one of you point me at the original proposal?

https://lkml.org/lkml/2020/5/15/1239

(only pseudocode)

> This sounds suspiciously like the current NMI code.

Yes, it's similar in concept.  The exact circumstances of how nested #VE=20
happens, however, are different from NMI, and the limitation of two=20
nested #VEs simplifies things a bit.

> I want to look at the code. If nothing else, I suspect it=E2=80=99s bus=
ted wrt CET,

Yes, that's the obvious part.  You'd have to add some WRSSP or whatnot.

Paolo

> but the current NMI code definitely has bugs.  For example, if we are
> about to IRET from NMI and we get #VE in the IRET insn itself and
> then get a new NMI inside the #VE, we are toast.