Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp4225148pxb; Mon, 8 Feb 2021 10:48:38 -0800 (PST) X-Google-Smtp-Source: ABdhPJwkfybuMetBVxlJo7uDRD67upMD4PzTlfGyxU26GTpIGMTnvs8rDzer3/pYdsFeZ6b+3O4t X-Received: by 2002:a17:906:2e4f:: with SMTP id r15mr18403744eji.407.1612810117989; Mon, 08 Feb 2021 10:48:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612810117; cv=none; d=google.com; s=arc-20160816; b=u9gmh49oqmDRWRggHHTr91pLNtnlL/FP30nLUHSvwuImsULCWVG7PDgGds5vOYirIS VKkKiWn5nTz4pix78fBdynYggEuR9Pyz+fc6YqcsveEmmhe0pLRpCO+M2y1WoImKOon0 BERWQLQakP0CQ8kQ82ZxZ6ARUg64D20cbXKr32A8kwmfejcljLGFVvHmgl9quPuuvjk/ lYLjPiwWL5hV+g822lMSoI/5RJ4fcA3KjRWYXMH+7t0GDJ0i1F2bV7cKmMpcZ1AQl8yD oRG7gHSgR6YJ/rxwbi7KtUeygJpcW/WHRCOKKoiF6Kd+PXu7ixjRhzJu9cADrhUpYKHu HLqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:ironport-sdr :ironport-sdr; bh=xmKSoTe500DNsqUVh4Ms0Jh1Vu9dDq3Le7XseGY2ls8=; b=Y0fCiG1xNOjV20DVi2lN4HdzHJK4yzgWIKa7M7aPCHFDQ0fYgOVb3eZfNM/oIvxAKO SumsxyhiLbUBv6Ssc8Slwjw2FPVUGaQoEIPQ8W7BOU1VrII2XSacJtROZI+HMEveBIb4 sJpfjUOfFmzGam+aFkrNT2pL/SffcZH8crUIN8ZpBKC5Ml3MrcXI5T0Z6EvqIHWeGFDy R76NgCd5mnlPp0O1S7k1ocd2qHWWQCOA+xvO73rLxasnJL6/kssNfBZ9FuKwo614ijgv ZbVSsSZXSFGYu+5eVOWSwzIx8gnfTzJXnHYqFIE5nhqNowjlAv3ozneKmJIAc/ytpcCk EUXg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y15si13627814edv.236.2021.02.08.10.48.14; Mon, 08 Feb 2021 10:48:37 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234629AbhBHSos (ORCPT + 99 others); Mon, 8 Feb 2021 13:44:48 -0500 Received: from mga02.intel.com ([134.134.136.20]:32724 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234147AbhBHQs0 (ORCPT ); Mon, 8 Feb 2021 11:48:26 -0500 IronPort-SDR: uLm5SqUfPZeOMgAYg6u3OmU4OSTlLMbnSd1JB6H+3s+1wIQzBzLtVoRxkurOwNNnqXbzd/a1iq VwdDBPA/2X5A== X-IronPort-AV: E=McAfee;i="6000,8403,9889"; a="168865857" X-IronPort-AV: E=Sophos;i="5.81,162,1610438400"; d="scan'208";a="168865857" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Feb 2021 08:46:40 -0800 IronPort-SDR: 0tH8vZ2UDyXUCeWra8Y96TDBdMxjR8G87LfAVI2Q1A7MD5uAf6Y1yA03Dp9YVvseRVpM7J9ttu hyLgSbZIH7BQ== X-IronPort-AV: E=Sophos;i="5.81,162,1610438400"; d="scan'208";a="435687940" Received: from tassilo.jf.intel.com ([10.54.74.11]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Feb 2021 08:46:40 -0800 Date: Mon, 8 Feb 2021 08:46:39 -0800 From: Andi Kleen To: Peter Zijlstra Cc: Kuppuswamy Sathyanarayanan , Andy Lutomirski , Dave Hansen , Kirill Shutemov , Kuppuswamy Sathyanarayanan , Dan Williams , Raj Ashok , Sean Christopherson , linux-kernel@vger.kernel.org, Sean Christopherson Subject: Re: [RFC v1 05/26] x86/traps: Add #VE support for TDX guest Message-ID: <20210208164639.GB365765@tassilo.jf.intel.com> References: <48a702f536ccf953eee5778023ed6d1a452f6dcf.1612563142.git.sathyanarayanan.kuppuswamy@linux.intel.com> <20210208162301.GA365765@tassilo.jf.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > > So what happens if NMI happens here, and triggers a nested #VE ? > > > > Yes that's a gap. We should probably bail out and reexecute the original > > instruction. The VE handler would need to set a flag for that. > > > > Or alternatively the NMI always gets the VE information and puts > > it on some internal stack, but that would seem clunkier. > > The same is possible with MCE and #DB I imagine. I don't think there are currently any plans to inject #MC into TDX guests. It's doubtful this could be done securely. #DB is trickier because it will happen every time, so simply reexecuting won't work. I guess it would need the ve info stack, or some care in kprobes/kernel debugger that it cannot happen. I think I would prefer the later. -Andi