linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Sean Christopherson <seanjc@google.com>
To: Borislav Petkov <bp@alien8.de>
Cc: Dionna Amalie Glaze <dionnaglaze@google.com>,
	x86@kernel.org, linux-kernel@vger.kernel.org,
	Tom Lendacky <Thomas.Lendacky@amd.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Joerg Roedel <jroedel@suse.de>, Peter Gonda <pgonda@google.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
	Venu Busireddy <venu.busireddy@oracle.com>,
	Michael Roth <michael.roth@amd.com>,
	"Kirill A. Shutemov" <kirill@shutemov.name>,
	Michael Sterritt <sterritt@google.com>
Subject: Re: [PATCH v12 2/3] x86/sev: Change snp_guest_issue_request's fw_err
Date: Tue, 24 Jan 2023 16:35:37 +0000	[thread overview]
Message-ID: <Y9AI2eZCCSo3+hYz@google.com> (raw)
In-Reply-To: <Y8/iYyGHiPow20NX@zn.tnic>

On Tue, Jan 24, 2023, Borislav Petkov wrote:
> On Mon, Jan 23, 2023 at 01:22:07PM -0800, Dionna Amalie Glaze wrote:
> > This isn't the primary problem that needs fixing, although it is part
> > of it.
> 
> I'm replying to the 2/3 patch which is addressing this part.
> 
> > The problem is that the host can provide a throttling error and
> > the guest will need to continue trying the exact same request or else
> > end up locking themself out of the vmpck due to the IV reuse patch
> > Peter sent.
> > 
> > I think Sean's request to keep throttling a host problem in user space
> 
> + Sean.

It was not a request, it was a question[*].  In the same paragraph I even asked
if the guest was expected to schedule out the blocked task.

 : Why does throttling just punt back to the guest?  E.g. why not exit to userspace
 : and let userspace stall the vCPU?  Is the guest expected to schedule out the task
 : that's trying to make the request?

[*] https://lore.kernel.org/all/Y8rEFpbMV58yJIKy@google.com

> > is not the right one in this case. That would avoid scheduling the
> > whole vCPU, but the guest code I'm proposing can do other useful work
> > while waiting. There will be no other code that depends on that
> > particular control flow.

Relying on host behavior for this sort of thing is also a bad idea.   There is no
contract between the guest and host beyond the host being able to say "you've been
throttled".

Similar to Boris's comments about splitting this patch to fix bugs, separate the
handling of SNP_GUEST_VMM_ERR_BUSY from the internal ratelimiting.  For all intents
and purpsoses, gracefully handling SNP_GUEST_VMM_ERR_BUSY is mandatory.  Ratelimiting
requests from the guest side is a completely different story.

  reply	other threads:[~2023-01-24 16:36 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-20 21:48 [PATCH v12 0/3] Add throttling detection to sev-guest Dionna Glaze
2023-01-20 21:48 ` [PATCH v12 1/3] crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL Dionna Glaze
2023-01-20 21:48 ` [PATCH v12 2/3] x86/sev: Change snp_guest_issue_request's fw_err Dionna Glaze
2023-01-21 17:05   ` Borislav Petkov
2023-01-23 20:24   ` Borislav Petkov
2023-01-23 21:22     ` Dionna Amalie Glaze
2023-01-24 13:51       ` Borislav Petkov
2023-01-24 16:35         ` Sean Christopherson [this message]
2023-01-20 21:48 ` [PATCH v12 3/3] virt: sev-guest: interpret VMM errors from guest request Dionna Glaze

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y9AI2eZCCSo3+hYz@google.com \
    --to=seanjc@google.com \
    --cc=Thomas.Lendacky@amd.com \
    --cc=bp@alien8.de \
    --cc=dave.hansen@linux.intel.com \
    --cc=dionnaglaze@google.com \
    --cc=hpa@zytor.com \
    --cc=jroedel@suse.de \
    --cc=kirill@shutemov.name \
    --cc=linux-kernel@vger.kernel.org \
    --cc=michael.roth@amd.com \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=pgonda@google.com \
    --cc=sterritt@google.com \
    --cc=tglx@linutronix.de \
    --cc=venu.busireddy@oracle.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).