Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp135925ybv; Wed, 19 Feb 2020 17:59:01 -0800 (PST) X-Google-Smtp-Source: APXvYqyZp3UUApcGlZQiQG6+TMO+jTr9ZvzIuu4QoBI2aW+h3hkCU/Fn3a3qk7G646O9SUafiymz X-Received: by 2002:a05:6830:1e86:: with SMTP id n6mr22133337otr.321.1582163940968; Wed, 19 Feb 2020 17:59:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582163940; cv=none; d=google.com; s=arc-20160816; b=kr/mcNekUV2eaDIMo45XJ9r/eyChWpM/T3hrslFtLv0jKv1BJBUWgb1jdoaDawhz50 +hclVZH1QJsGldeZ9M0SPOZssVmbIVM/jsz98I8mP90uKO1IRYgEQ+OwQlKhM1aFWXGH Jkbhv4QBuaa0zSezXJXG66PjA0DEOgiL+t/kAiUAmzwSy2PvXJv/ubQJZmXFW09V6puL j5rgfJhgI4quyyH9Q+K+L6nVxbdPDe7U/mrVF+rkZ3CJojDC742l7m1zaGCDoEYAUXw2 GkZxtzIbexTnXTuf9Fg19cmyOvZCP/bRVhgt80XmAxzUFf34m/gaIbmT08W6q3RhJNNz GxnQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=APKRCoSFNxgib98sarPirgAXkcwav8pwl6BIBPHcdbs=; b=xccV6Y8kt9ZEd4sbHhLFdA/h0tckGtM3BgNYGHysTvdJcsSaN0uwe9XtH5qL3wbp/j YsMW2esaHDAqj/4E6x0Di7SuWxXDqf5Rl1JkKZqrsEFYrkCnldhdRi48Xp05sB9Z8Lr8 OWvk2UOGYXG9/rX4/at+S2tCG+5j5CDysHWrcA0V4X96ieCebjz/15DeLxM35f5tLct8 Rxxp1Zl65fMgvEtS0RrrIMxeH0wyQVBZXaLNixNwOVSNeqVXCSK776shzu9nHeoCnZd2 X/TdMnLwmEWOVJwhaGFc7FNKMO/siQOkj9FephWy6PvjMlJW0PJiw8dVt3Lqq9mcuaN0 Poig== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=NKdThx0b; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i5si10859145oif.211.2020.02.19.17.58.49; Wed, 19 Feb 2020 17:59:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=NKdThx0b; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727691AbgBTB6k (ORCPT + 99 others); Wed, 19 Feb 2020 20:58:40 -0500 Received: from mail-lf1-f68.google.com ([209.85.167.68]:42997 "EHLO mail-lf1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727211AbgBTB6j (ORCPT ); Wed, 19 Feb 2020 20:58:39 -0500 Received: by mail-lf1-f68.google.com with SMTP id 83so335428lfh.9 for ; Wed, 19 Feb 2020 17:58:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=APKRCoSFNxgib98sarPirgAXkcwav8pwl6BIBPHcdbs=; b=NKdThx0bPVxpHUb69NDgwzZbIykBF1BDDoum+P7X0dNF/aReMWIoaxxfBX+ziIRcbt x69msV8BMwWGab0wDYywrLJLsx/6grxnE3BGe7sgxSI7V+I+zyj+2xzEXqkIis0+TaFk EsjKXVvbxnwgjXISXG8ERjXHmQLzZLqzzdNODf4EhAujT0WmSSn/4BLd3qSjAyREfzzd nSg41EKqK5Jj9FTLdFL+RtPxEG4/PzuP5HVihs61P4gWBTvswmlsPMTVswBUm8i29ctT xXgphN+c00ABnXeMpTFqm4fNETxtJx9E0OEDQiL2ry1pOZm8kd6OOVvuEw5a8uAOzaWd IYcQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=APKRCoSFNxgib98sarPirgAXkcwav8pwl6BIBPHcdbs=; b=NjfaIGLM1D3A6g7n+M9beRnhbWxf7E1mw2SzJWQXE1XfeO1K9cn5oyGZS5EfhAt3Xw lAAktCLACUkdfUBN1HamwytB3qzPXyeGszxxIveBVbYcFTMnELqW6EiTg41K/KFtyeub O74/OqZq6iCenIHUbXSF/qB7+HF1So4SSzYWY+AdREGhRf55n7sSp9zqNEWbPQWK4U0n WpImEQvnvok0yjnpOKFOwUdopj/BIyCjTsfgM2hhBYLWJL31dsOfGhxslvi8bRngPSxN riXb3DLxiLO1EtM5tr2Gnke+DxaYR9V6vjbfGco3hU0UfpUj2SGqz49uPIxLCCBkV8Iv SOjg== X-Gm-Message-State: APjAAAU0X+NIPErpbeRSMz4diTx/13APR04MQ/cVzw0sk5BJbzaHbbKO 1jK3NfMLbF+dYyErw2b+0OGzseD9KQoU/+oGd2i+6w== X-Received: by 2002:a19:dc1e:: with SMTP id t30mr14962222lfg.34.1582163917327; Wed, 19 Feb 2020 17:58:37 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Steve Rutherford Date: Wed, 19 Feb 2020 17:58:00 -0800 Message-ID: Subject: Re: [PATCH 10/12] mm: x86: Invoke hypercall when page encryption status is changed To: Ashish Kalra Cc: Paolo Bonzini , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Joerg Roedel , Borislav Petkov , Tom Lendacky , David Rientjes , x86@kernel.org, KVM list , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 12, 2020 at 5:18 PM Ashish Kalra wrote: > > From: Brijesh Singh > > Invoke a hypercall when a memory region is changed from encrypted -> > decrypted and vice versa. Hypervisor need to know the page encryption > status during the guest migration. One messy aspect, which I think is fine in practice, is that this presumes that pages are either treated as encrypted or decrypted. If also done on SEV, the in-place re-encryption supported by SME would break SEV migration. Linux doesn't do this now on SEV, and I don't have an intuition for why Linux might want this, but we will need to ensure it is never done in order to ensure that migration works down the line. I don't believe the AMD manual promises this will work anyway. Something feels a bit wasteful about having all future kernels universally announce c-bit status when SEV is enabled, even if KVM isn't listening, since it may be too old (or just not want to know). Might be worth eliding the hypercalls if you get ENOSYS back? There might be a better way of passing paravirt config metadata across than just trying and seeing if the hypercall succeeds, but I'm not super familiar with it.