Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3448603pxj; Mon, 24 May 2021 07:03:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyX+7u+sdLqpz6ff66uC9+QfwL/4KkLBQCTXBw5d7Ne2knvOYxav8twLHMVKTpCXW4dTceK X-Received: by 2002:a05:6e02:1a07:: with SMTP id s7mr14479570ild.251.1621865002275; Mon, 24 May 2021 07:03:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621865002; cv=none; d=google.com; s=arc-20160816; b=waN87SXGixd2azpRr/A6rlDRHuQFpk0Gc7g3Hrk910rsror6swhe5/m5rGkkcyk/a7 9m8yEBHyJjnw3+NCwc0NtxhuPOvctq5bzxm7mRvZHaeimoY+bAnFN1B6/Wa8nAdSUyxK ddDrhNHycQGGiTXbD/wnC0/MEnwjEMugdVT2NADDNvFJfUaKaDKVd5jxrSMowyOJskgG 7gfYF6S8LeyIwQXSpew3cuUiaCvKc6lf50AK89HuwbiG/vBLtporlkUIVTLUbns0wCDh QZ6k9nJhLNySd4jT4jmB2fI6VvD7pgivpdOXO1z8Cy+u9no9B1mtyVM22RJ8WgxRQcP8 BDJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-language:content-transfer-encoding :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:ironport-sdr:ironport-sdr; bh=7hm34CcLmGHj8nrzDdMKijokkla8wEA3D7nusHr8kUM=; b=hIzy3Zgyh1Xb6dnqtLF+Kg7xX17+/Qk3RSVYUW6ielgSg7YpbGbQoXwzWQTWY3oKJI PzR5on2NiQO4Y5mJlevriidX9tN7WUIZobVzkW3ZB1qyfscG/FNiTAGHkA2jfkXj2aff SYF/SMNd9fjuSvYDqb0/2F5E8QiydfCLWqRfhFlUO6cUYD6q6p+lpKRUFSyPI++hPQ52 iTGgfqCE7U9f5/gVbYW8C0+ueNrTa0X+SAPZGEOdTCKKD3W7lFxTVudHrrTAatexjXWA sQMsiB9BtUeK6yt4dfmRW6PAEzKT6twRv5oQT9F3UqK+cj2Rf6B/sv3jnbVylS2FIhQ5 mA2A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c11si14122767jaq.7.2021.05.24.07.03.06; Mon, 24 May 2021 07:03:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232921AbhEXODz (ORCPT + 99 others); Mon, 24 May 2021 10:03:55 -0400 Received: from mga02.intel.com ([134.134.136.20]:57733 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232685AbhEXODw (ORCPT ); Mon, 24 May 2021 10:03:52 -0400 IronPort-SDR: iPdetV0H2PEBbh00KjiG2xYeGimYoxkODx+Njp+NNPX1iEPwDTiHFmjPX/Ug9BAk6+sK6cHi3j BFLnM1xsijiw== X-IronPort-AV: E=McAfee;i="6200,9189,9993"; a="189062136" X-IronPort-AV: E=Sophos;i="5.82,325,1613462400"; d="scan'208";a="189062136" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 May 2021 07:02:24 -0700 IronPort-SDR: jI7ZS3h/4UbJECht2U+futzaJOpalxKkYo6SM5/TK/275LD5dMWDY1DkD4i7hq/YQRmff+FP6u B6ht9E1LEp+A== X-IronPort-AV: E=Sophos;i="5.82,325,1613462400"; d="scan'208";a="442836126" Received: from imadu-mobl.amr.corp.intel.com (HELO [10.212.195.214]) ([10.212.195.214]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 May 2021 07:02:22 -0700 Subject: Re: [RFC v2-fix 1/1] x86/traps: Add #VE support for TDX guest To: Dan Williams Cc: Dave Hansen , Kuppuswamy Sathyanarayanan , Peter Zijlstra , Andy Lutomirski , Tony Luck , Kirill Shutemov , Kuppuswamy Sathyanarayanan , Raj Ashok , Sean Christopherson , Linux Kernel Mailing List , Sean Christopherson References: <20210518000957.257869-1-sathyanarayanan.kuppuswamy@linux.intel.com> <4fc32900-412d-fa10-520e-afa6caade33e@intel.com> <81c0f447-44b8-c2b6-ce41-a39ec0a1832b@linux.intel.com> From: Andi Kleen Message-ID: <4031ffc2-a442-5da7-e793-ac1053533bb3@linux.intel.com> Date: Mon, 24 May 2021 07:02:21 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org >> Only drivers that are not supported in TDX anyways could do it (mainly >> watchdog drivers) > What about apei_{read,write}() for ACPI error handling? Those are > called in NMI to do MMIO accesses. It's not just watchdog drivers. We expect the APEI stuff to be filtered in the normal case to reduce the attack surface. There's no use case for APEI error reporting in a normally operating TDX guest. But yes that's why I wrote mainly. It should work in any case, we fully support #VE nesting after TDVEREPORT. -Andi