Received: by 2002:a05:6358:e9c4:b0:b2:91dc:71ab with SMTP id hc4csp6377977rwb; Tue, 9 Aug 2022 14:18:37 -0700 (PDT) X-Google-Smtp-Source: AA6agR44oPXJH9QTNjIGJ8Kb+dpEoEU8/q4EeqL0rb9gsJ0VlD1PnbpWZ+4icP3VCRfqyPKHXYt2 X-Received: by 2002:a17:902:db0f:b0:16f:24e4:15ff with SMTP id m15-20020a170902db0f00b0016f24e415ffmr25104656plx.10.1660079917677; Tue, 09 Aug 2022 14:18:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660079917; cv=none; d=google.com; s=arc-20160816; b=lhgyJEs8m3U/qYZWclqY+qQQYVvPCtv5zAzNxopOH+NomK5x2oRze0vFIRFJ/2JXVr IFLvndMBUHMlj6zqJiXs7REO1DJ+NjiJ292z4/qJeadteHxoZOrS/5EIENZn43dxQQwk hdS5IzGXWVZiVqJmzJjV8XwZhGFjM/3WPAYDczJu0iEJvtgsTkOr2qjSV/VyTUpvzc2t zp8ZuWBQDnd53tmsO5m0Qf5XVQ2KiB/aSmz2B1R0Njk1t8nvYFVU864yC5lLoVWlZqXr hpgA9MBm46fh1fSWMNxz69PpHAKKcoJ4kBzQzNWMtl+z7JH0BA0VOWY+BJjlaTumQ/3G +87w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=4AnOLC3meWulFDlunnxqr8ro1/97TD7nuiX27zsgi3w=; b=iGNfFhqorY0wgBizyIpJl/57nP6fcZlL2l3utGtxyWl3Nw5sc24KArJgjSQc9xIBHX 1rGPl4cpVIMxhUqBBH29ERqTJ41MTeDLKjsfzX/szAIZjykqgZ1nkJVu8SIVEIAf7Rad 2Bc2L04NqA6CWIP8wwQGVqNECSSonowZ+ip2tuygcV8+ZrAZ2MLmm2aBvLNk0czC7QcU Xo5TM6t2oremJNehacPqZQFygwMjTTWJBtUnRCLA+FpbK9y45Pp+LtADWsRtC5Air9py z+0tXolscmGswHsogLFpvciz5lSFZvbs1mPxDxouwjGhRKGGJdzB0Oal+9vUCf+WftAO C6LQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=NsJ2BZTY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y6-20020a17090aa40600b001f4f88c7f01si117731pjp.84.2022.08.09.14.18.24; Tue, 09 Aug 2022 14:18:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=NsJ2BZTY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229482AbiHIVJs (ORCPT + 99 others); Tue, 9 Aug 2022 17:09:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55434 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229546AbiHIVJ3 (ORCPT ); Tue, 9 Aug 2022 17:09:29 -0400 Received: from mail-yb1-xb32.google.com (mail-yb1-xb32.google.com [IPv6:2607:f8b0:4864:20::b32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6E46056BAF for ; Tue, 9 Aug 2022 14:09:25 -0700 (PDT) Received: by mail-yb1-xb32.google.com with SMTP id 204so20348759yba.1 for ; Tue, 09 Aug 2022 14:09:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=4AnOLC3meWulFDlunnxqr8ro1/97TD7nuiX27zsgi3w=; b=NsJ2BZTYrfxq6UgoEZX7cFaurvwf57FlPR++8OifPr2sNTUZQ5ptP/BMu38FsOwGjw lRPwqjEF2FELM29RAO6PCR2PGj9SE2siJGQvqUMCV1ySeEEnMmbMX9X95vPwVEMns8ea fCE3B7DkUIaaLPQlhs7KKL9mAxtsRgr2K21uJuNxiI6N3R+vgxM9mRXchkJiSToKafDO /X8fwRmEqel5qz/q/ln06VGZZLzsUCiFAC7rFg94E+7DM0VUc6Odfcy/QHblavevj7Bz Rf4ForjNKA2m3+Y2uIa+2Knapldn44WxYqdaRYAb6JNt1ETCRs7LKorphFBb+FbGIGHq 0O/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=4AnOLC3meWulFDlunnxqr8ro1/97TD7nuiX27zsgi3w=; b=VhZgVgZJgEmbqoVk8ipRRFQTVT7xyqRZbGn6GwHjJstehqPasX8Qm2V55PFwV20EZ3 EoKLZ/cwIExkfKdNYqgIqZKxdyGP3r8Cgp8JUoXqbO2idpTj2n22nhb4ygkjv3ylHzkh K8SjYnm/Kt5TYRgBwHP0JYK5fqyLD+IMHUsmpazK8eu4exd86TmgEB5qE6e6tV7l6/f3 JC8X2tLntpvBYl2mJ+sV0vBtUTR2Bb5ORN4md7eJUPM35JPc4+ZtBU+8SyyMUnq6gl3Y yDWhEPxNrL5J8YjucR09nUI+UDh7ybqbkp+GPemA6CZ0C3rwGK9qE8YvzxmfcOEJgz6/ ZCTA== X-Gm-Message-State: ACgBeo3rEnExsgZHi8fO1X7PyBuEsjenXLALkVVL8eapLmPuX0l7v/sS ylZ64DJJ6Vzcn6mEPlgUwKzulTQWzI5yTJDtdqu8qQ== X-Received: by 2002:a25:fb06:0:b0:677:5a84:9f61 with SMTP id j6-20020a25fb06000000b006775a849f61mr20527053ybe.560.1660079364031; Tue, 09 Aug 2022 14:09:24 -0700 (PDT) MIME-Version: 1.0 References: <22d54786-bc12-ecc5-2b37-cbaa56090aa8@intel.com> <20220809111436.kudwg2nprnnsfvuh@box.shutemov.name> <20220809115427.bmkbap434oupinq2@box.shutemov.name> In-Reply-To: <20220809115427.bmkbap434oupinq2@box.shutemov.name> From: Dionna Amalie Glaze Date: Tue, 9 Aug 2022 14:09:12 -0700 Message-ID: Subject: Re: [PATCHv7 00/14] mm, x86/cc: Implement support for unaccepted memory To: "Kirill A. Shutemov" Cc: Ard Biesheuvel , Dave Hansen , Marc Orr , Borislav Petkov , Peter Gonda , Andy Lutomirski , Sean Christopherson , Andrew Morton , Joerg Roedel , Andi Kleen , Kuppuswamy Sathyanarayanan , David Rientjes , Vlastimil Babka , Tom Lendacky , Thomas Gleixner , Peter Zijlstra , Paolo Bonzini , Ingo Molnar , Varad Gautam , Dario Faggioli , Mike Rapoport , David Hildenbrand , Marcelo Cerri , tim.gardner@canonical.com, Khalid ElMously , philip.cox@canonical.com, "the arch/x86 maintainers" , Linux Memory Management List , linux-coco@lists.linux.dev, linux-efi , LKML , "Yao, Jiewen" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > > > EFI is basically our existing embodiment of this fw/kernel negotiation > > > > thing, and iff we need it, I have no objection to using it for this > > > > purpose, i.e., to allow the firmware to infer whether or not it should > > > > accept all available memory on behalf of the OS before exiting boot > > > > services. But if we don't need this, even better. > > > > > > FW/kernel negotiation does not work if there's a boot loader in the middle > > > that does ExitBootServices(). By the time kernel can announce if it > > > supports unaccepted memory there's nobody to announce to. > > > > > > > Why would you want to support such bootloaders for TDX anyway? TDX > > heavily relies on measured boot abstractions and other things that are > > heavily tied to firmware. > > I don't understand it either. And, yet, there's demand for it. > I think there's no good solution for this bad upgrade path that the UEFI spec stuck us with, so I think I'm going to stick to what many folks have suggested: just have the host require external information. What this means is that at VM creation time, the user has to specify an extra flag that all memory has to be accepted in firmware before booting the guest OS. Failure to provide the flag leads to the unfortunate outcome that the VM only has access to the lower 4GB of RAM. We can only hope that the VM OOMs shortly after they start up the machine and the user reads an FAQ that they should add this flag. I'll do a round of appeals to distributions to include this patch set and AMD's follow-up that defines accept_memory for SEV-SNP to reduce the time that people need to know about this flag. -- -Dionna Glaze, PhD (she/her)