Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp1851587iob; Fri, 29 Apr 2022 14:32:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyVurokrVUJDwr4GlHZI8wuFtLWHgHw9nQ39J+IR5oT6pq44yk5PnnYenGsgTSeS+GooCZW X-Received: by 2002:a17:902:9041:b0:159:e08:5f4b with SMTP id w1-20020a170902904100b001590e085f4bmr1263184plz.33.1651267925357; Fri, 29 Apr 2022 14:32:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651267925; cv=none; d=google.com; s=arc-20160816; b=Y11586CC2armmkOA1GuU4/GDSi6HNAzDiHbe6iBJPV341zYLkGrClxUc6u1nmX1+3Y ByOUqQDmuo1xTAfcQH0fPV1as/4kfRIqCvfKHLa/ZYVo8ikeqvlx0v6D2RwX5iFmwlpN lpEn9uZQa2r7KZyMpT/zvpkbLrgCP6+2sdjVZF26jXXucfZV3HnyFDPNl3+Ly1gJA1V9 po6FXo4vhUAhheOu3bvx+AxHC+3MPXr2sbPIzFgsdWVlMZZgs7iQHm0vpG5XgX/1R7HM uaB2LcNX9H3hFAIUs5far5dgs4bABSaL6wq3YpIBJ9oouu+3iWESPGUWxZcrmcKHaNp1 kXlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=xSk7VUlXdBjZdOCMukIj9F0Tza954Uc/e0STIAsfUPQ=; b=VykWi7Guq/4m34WBKAyi1S8kYabei4giY9DGmlV6KDpgcLhF/eB1UVlEQrMwPTbmFT x04BSCGDw29FAjUXW3vbFGmEIZUfysIVia7k5Z8PH0reS7wO5JEOvjhvnwyHmI0h/kV7 kTxNTIZ/9R5BrY7zk2GXIjsY6+VfGKlYyLWxNtE0WDr23ZYUYi6MrMH8PIt0TANRY2kw lOyP3KH5fTOWczbdBiOFlP9icv0EKzJ3XMXFuDoVlsNdjLxL4pf+2S3o4h74VJPifo7t zuwefXPQa7zbBzW/vLxDzlbci1503F5GmtYgIx9dLovPFH13NgOjc7nUB7PCPHKBBEay QGLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel-com.20210112.gappssmtp.com header.s=20210112 header.b=a9RdUW7z; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o3-20020a654583000000b0039cb8fe4bddsi8468349pgq.259.2022.04.29.14.31.49; Fri, 29 Apr 2022 14:32:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel-com.20210112.gappssmtp.com header.s=20210112 header.b=a9RdUW7z; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1378283AbiD2PW2 (ORCPT + 99 others); Fri, 29 Apr 2022 11:22:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50386 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352753AbiD2PWZ (ORCPT ); Fri, 29 Apr 2022 11:22:25 -0400 Received: from mail-pl1-x636.google.com (mail-pl1-x636.google.com [IPv6:2607:f8b0:4864:20::636]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41C0BD4CAE for ; Fri, 29 Apr 2022 08:19:06 -0700 (PDT) Received: by mail-pl1-x636.google.com with SMTP id h12so7396069plf.12 for ; Fri, 29 Apr 2022 08:19:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel-com.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=xSk7VUlXdBjZdOCMukIj9F0Tza954Uc/e0STIAsfUPQ=; b=a9RdUW7z0muZ9KAQ/OmL0N5vXUXhmwSGWWNfWrF5NuiyyX7lFgwtD6Ycp8E9E9F4zw ncvulfSYWJzM1SyUd/huaBgkFSB2eEUGFjEPprZheO1lXo6l+uOHrQGlfDjATg9XlB8Z hw/R0LQ/w5TJl/x3zDWOcjiNFXfTB6THJr03Lgwehe8H0zbKzbYzBQ1vzsR/vYWhSAE2 rB3V9Fqyez/2VP3VE/JUOZkwo8id0Yq2zCatBtVU5zWJYKq2oIPbgudl1U42KjTeXad8 C5EDomTdHiByuUki3Sfb6pyvQLq1etL58FsTQLwGsk8gihniMAp2bktYrbB11Ue8EdiT 9ocQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xSk7VUlXdBjZdOCMukIj9F0Tza954Uc/e0STIAsfUPQ=; b=FVJ11UXVqLpTMoTr+hwwoRZUQqS7AO7qMIq7LP57y+H3XC34JGWG8TCITrEPWUu01L Gjq7QY8bQN6Uxv9f+M+Iwo+0DJXXgMPFOosBMaPH+k9suzzZsKJn8vLgfuQ+k7F+bWZG BCOblgfcaFRBESTHCMGu6Po2Q5HRoVvfiOmVaFX/Z/op3SykqUleeIIocPryDWWjOH4E IlkBIZjNW/Mw5ZACSyfloKqRI0JH1BoRf6tqIsMEYwCp9zR6oDcjdTNi/eMJvMixP2MI OTFJEAjXE89DBVmYSVDQ/XT8Kz2zgar6Iai34WLKvARHb3LFjQ725hGZNMP9rUkLEQGm 1KrA== X-Gm-Message-State: AOAM533ZRXrCx/r59wAcukMrFpdI7JRf87Mw0mcLfC3EO/oiS2NIMxTz 52MI1zgio9LjuvxqiP4piWS48sjAECImGONf1wj6LA== X-Received: by 2002:a17:90b:4b01:b0:1d2:abf5:c83f with SMTP id lx1-20020a17090b4b0100b001d2abf5c83fmr4406744pjb.93.1651245545644; Fri, 29 Apr 2022 08:19:05 -0700 (PDT) MIME-Version: 1.0 References: <522e37eb-68fc-35db-44d5-479d0088e43f@intel.com> <92af7b22-fa8a-5d42-ae15-8526abfd2622@intel.com> In-Reply-To: <92af7b22-fa8a-5d42-ae15-8526abfd2622@intel.com> From: Dan Williams Date: Fri, 29 Apr 2022 08:18:54 -0700 Message-ID: Subject: Re: [PATCH v3 00/21] TDX host kernel support To: Dave Hansen Cc: Kai Huang , Linux Kernel Mailing List , KVM list , Sean Christopherson , Paolo Bonzini , "Brown, Len" , "Luck, Tony" , Rafael J Wysocki , Reinette Chatre , Peter Zijlstra , Andi Kleen , "Kirill A. Shutemov" , Kuppuswamy Sathyanarayanan , Isaku Yamahata Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 29, 2022 at 7:39 AM Dave Hansen wrote: > > On 4/28/22 19:58, Dan Williams wrote: > > That only seems possible if the kernel is given a TDX capable physical > > address map at the beginning of time. > > TDX actually brings along its own memory map. The "EAS"[1]. has a lot > of info on it, if you know where to find it. Here's the relevant chunk: > > CMR - Convertible Memory Range - > A range of physical memory configured by BIOS and verified by > MCHECK. MCHECK verificatio n is intended to help ensure that a > CMR may be used to hold TDX memory pages encrypted with a > private HKID. > > So, the BIOS has the platform knowledge to enumerate this range. It > stashes the information off somewhere that the TDX module can find it. > Then, during OS boot, the OS makes a SEAMCALL (TDH.SYS.CONFIG) to the > TDX module and gets the list of CMRs. > > The OS then has to reconcile this CMR "memory map" against the regular > old BIOS-provided memory map, tossing out any memory regions which are > RAM, but not covered by a CMR, or disabling TDX entirely. > > Fun, eh? Yes, I want to challenge the idea that all core-mm memory must be TDX capable. Instead, this feels more like something that wants a hugetlbfs / dax-device like capability to ask the kernel to gather / set-aside the enumerated TDX memory out of all the general purpose memory it knows about and then VMs use that ABI to get access to convertible memory. Trying to ensure that all page allocator memory is TDX capable feels too restrictive with all the different ways pfns can get into the allocator.