From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 78637C4332F for ; Wed, 23 Nov 2022 16:20:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id EC3F06B0071; Wed, 23 Nov 2022 11:20:49 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id E4CD06B0073; Wed, 23 Nov 2022 11:20:49 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CC7726B0074; Wed, 23 Nov 2022 11:20:49 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id B4E5C6B0071 for ; Wed, 23 Nov 2022 11:20:49 -0500 (EST) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 8CD041C642D for ; Wed, 23 Nov 2022 16:20:49 +0000 (UTC) X-FDA: 80165220618.12.F7E26DA Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by imf06.hostedemail.com (Postfix) with ESMTP id 17DD218000E for ; Wed, 23 Nov 2022 16:20:48 +0000 (UTC) Received: by mail-pl1-f177.google.com with SMTP id b21so17073924plc.9 for ; Wed, 23 Nov 2022 08:20:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=biytTCPD12F4npEKT0DfXCiC4jXj2dN/DuTN/IJuM4s=; b=AF3yX36RbTt6w4YEqeeyFdeC+mAm6+7DlXNR5rnZVktMI8K6LdlLOZ6r6wn5ZFj+Tf lQjlmkDJPf4hsgvCsYB37Q4wWjng3xSdxWBgiqcJ/edqBZfWuAtpjFU9ImN5HhLWbYnd 2RIhMM1aMliGLXZyB4bqFeL7TjrWxPVyvYhaKSOZbmhLU6m3U9IIzf0QYr0NS0QayBMr yYUvc/iHV1UhN1a/Lvy/RMDKFZz9yt0t+j2i83TNzA/8YogsvLzOJ1jiMNJnk0vElcPP UtIk4CJybUNrKl3EUJPbl3KTk9Wif7xwTAQhkeEn58zqTeq7pesgEdvT0lUf75PCyqe5 +tHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=biytTCPD12F4npEKT0DfXCiC4jXj2dN/DuTN/IJuM4s=; b=8PKZqpj3KzOIvRFt+qVdaY3cKgrJJipiZvkEZg+DXWmCfHLdey+P5iWaSIsNGCgaFS cHKdi3b4jMtOvyH7+5pJdBAtVXBfOgdt/yD3dyG57Xtr8Hz7qCnJwCMg9OP1Qza4bg1t XYYQ3e8RrslXhGrNpB3A5E0RDVXDrx837p9vYk60SQvNBvZtq0JXhHQscNsPLmkevkid Lf/mLdT6hyAzzoADKe2gIcAuXCo0dWxFal3a+//lIRLpQOoieKEP3ureCKNklfE6wIUA VScdycduIqIBl90OEtbFiNbc/m8AAnSunEO/2K9N4IrURi3AruLbvDuKuCDOdrIklahN /YSw== X-Gm-Message-State: ANoB5pmtW6ufBkolr2QqmRUX8LeIgTy/dp/UsyKuAfnN3SB+PGdpHw1s tasX6J35dTPJm6tZh4CFv1AUYg== X-Google-Smtp-Source: AA0mqf4LMvmUvNu8vznYJ9wo0VaZW/vEVEFJ6RP2FuHSxjBL2AQ6kZF8XJvOOwNkqFIQHA99DQTkqQ== X-Received: by 2002:a17:902:d711:b0:17f:52af:d035 with SMTP id w17-20020a170902d71100b0017f52afd035mr10178670ply.106.1669220447476; Wed, 23 Nov 2022 08:20:47 -0800 (PST) Received: from google.com (7.104.168.34.bc.googleusercontent.com. [34.168.104.7]) by smtp.gmail.com with ESMTPSA id a22-20020a170902b59600b00177f25f8ab3sm14522037pls.89.2022.11.23.08.20.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 23 Nov 2022 08:20:46 -0800 (PST) Date: Wed, 23 Nov 2022 16:20:43 +0000 From: Sean Christopherson To: "Huang, Kai" Cc: "peterz@infradead.org" , "Hansen, Dave" , "kvm@vger.kernel.org" , "Luck, Tony" , "bagasdotme@gmail.com" , "ak@linux.intel.com" , "Wysocki, Rafael J" , "linux-kernel@vger.kernel.org" , "Chatre, Reinette" , "pbonzini@redhat.com" , "linux-mm@kvack.org" , "Yamahata, Isaku" , "kirill.shutemov@linux.intel.com" , "Shahar, Sagi" , "imammedo@redhat.com" , "Gao, Chao" , "Brown, Len" , "sathyanarayanan.kuppuswamy@linux.intel.com" , "Huang, Ying" , "Williams, Dan J" Subject: Re: [PATCH v7 06/20] x86/virt/tdx: Shut down TDX module in case of error Message-ID: References: <48505089b645019a734d85c2c29f3c8ae2dbd6bd.1668988357.git.kai.huang@intel.com> <52b2be9b-defd-63ce-4cb2-96cd624a95a6@intel.com> <791bf9a2-a079-3cd6-90a3-42dbb332a38c@intel.com> <9f1ea2639839305dd8b82694b3d8c697803f43a1.camel@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <9f1ea2639839305dd8b82694b3d8c697803f43a1.camel@intel.com> ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1669220449; a=rsa-sha256; cv=none; b=Pf+eNX79w9176ZgD+4lZLfRkm5X0I4DtB+ngYuva/SMWLmz8oBfhlJO1DlwMh/2zkxPjdM 7aAL13glwJmTUOZRg0V5MKdGzhISkuxUebaRcVS5Q6uMziK6GLE6CvxoEowYog2Zkmyc/f LZcgp9v70BR9txnCnaqXMzxEtm7Wp8g= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=AF3yX36R; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf06.hostedemail.com: domain of seanjc@google.com designates 209.85.214.177 as permitted sender) smtp.mailfrom=seanjc@google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1669220449; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=biytTCPD12F4npEKT0DfXCiC4jXj2dN/DuTN/IJuM4s=; b=7VFkSUNJPUPAgGmv+vHfkDEgbZ9CDg0r6pWP6qOPJPJgP4Oq8vdr2UY2iOTfGZGpM5gC/V h8dQsMndOvD2qPFCfCV1NjCyRj3A+D8ZIJ0DSJFfLMQ7r5Le14vy+6b3ec0Lgv1E58FNy8 ZR8Q6xMEvYNQfHY6TGkqBh73RPMJTQ4= X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 17DD218000E X-Rspam-User: Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=AF3yX36R; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf06.hostedemail.com: domain of seanjc@google.com designates 209.85.214.177 as permitted sender) smtp.mailfrom=seanjc@google.com X-Stat-Signature: 1394jidqyzzjixpay96pgwah37yjwmbk X-HE-Tag: 1669220448-271129 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Nov 23, 2022, Huang, Kai wrote: > On Tue, 2022-11-22 at 17:04 -0800, Dave Hansen wrote: > > On 11/22/22 16:58, Huang, Kai wrote: > > > On Tue, 2022-11-22 at 11:24 -0800, Dave Hansen wrote: > > > > > I was expecting TDX to not get initialized until the first TDX using KVM > > > > > instance is created. Am I wrong? > > > > I went looking for it in this series to prove you wrong. I failed. 😄 > > > > > > > > tdx_enable() is buried in here somewhere: > > > > > > > > > https://lore.kernel.org/lkml/CAAhR5DFrwP+5K8MOxz5YK7jYShhaK4A+2h1Pi31U_9+Z+cz-0A@mail.gmail.com/T/ > > > > I don't have the patience to dig it out today, so I guess we'll have Kai > > > > tell us. > > > It will be done when KVM module is loaded, but not when the first TDX guest is > > > created. > > > > Why is it done that way? > > > > Can it be changed to delay TDX initialization until the first TDX guest > > needs to run? > > > > Sean suggested. > > Hi Sean, could you commenet? Waiting until the first TDX guest is created would result in false advertising, as KVM wouldn't know whether or not TDX is actually supported until that first VM is created. If we can guarantee that TDH.SYS.INIT will fail if and only if there is a kernel bug, then I would be ok deferring the "enabling" until the first VM is created.