Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp6332049rwl; Tue, 4 Apr 2023 10:58:11 -0700 (PDT) X-Google-Smtp-Source: AKy350aozQAdal8/y2HsIyDweo8lqZ53zUDpXjs9Gxh0rq0LoyNDuJdE/ePHYMQuZkV8IBo5OVM7 X-Received: by 2002:a17:902:fa04:b0:1a0:76e8:a4d with SMTP id la4-20020a170902fa0400b001a076e80a4dmr171539plb.14.1680631091593; Tue, 04 Apr 2023 10:58:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680631091; cv=none; d=google.com; s=arc-20160816; b=B9GLe/zl8776PmYyB1iZyRAElC2LLpW7wlLXQIn7+lQ+nh4j0SEp9cc5jQ8X+Ncd+a Zb9AOND1JjCBM7XZF8IB8FgO+mwzJih7FCLWv6JxiRml40Td2BwINdaNeD1zZXM+0ee+ Er3R5vjoRHKr1K3e/Kuq6U+jG9Wd1pZyqtkhJRPBRwt3Z89DzISFhy4uuTU+Y8so6FbE /ieuiVqJP6FSZVAlENmswqaIwtY1guGOYzbrbE4qL9es4z+X1yPWpOHVXhYX7s/rG2EV G2hmhLedETQ/tCNiilh0EuoTgYS7C33xP95qGZp+MBl6Osdj553LfZAiNQM6rkVKf19w xA7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:feedback-id :dkim-signature:dkim-signature; bh=2+mKOd/D+OGq/iB3bIRF165wax6xoNQdOA3L1ENc7Vg=; b=URK+B0vzzGtKUtnlCeqOM7gviuNLQUGCCglTfgiq/2u3F549WeXMLCTz9oTLwGMdMz 6w8MGeG2K2YyxZwW8szDpL5gUBkCjM2ehFnl+SaJ0GlC5QZ1k4x0/5B91HFPzfUctR9x ovQ5miODFJEaQJwvX+Chi+XL092DYWlLH974dT2Kac2e4iwGEAt5kNO5HE/Tjf7+FskC ore/7pAegPpz5MzzX/jUjvwA0CmDZebvvcv0Wdx2ok1oqe48Jxc1eHIlE0zKcZBJz/uN xpK5663iaQ3cEZzg4RBYaBE+MnXCNJ/o/BWcMmK65MktY9WuW06YMys1DL2GB3vpvpEy 08hQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov.name header.s=fm1 header.b=GR5SQwiL; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=oSA9VAWY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 138-20020a630090000000b005141972cc58si1867262pga.280.2023.04.04.10.58.00; Tue, 04 Apr 2023 10:58:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov.name header.s=fm1 header.b=GR5SQwiL; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=oSA9VAWY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234830AbjDDRpS (ORCPT + 99 others); Tue, 4 Apr 2023 13:45:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35226 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231348AbjDDRpR (ORCPT ); Tue, 4 Apr 2023 13:45:17 -0400 Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5E0C6E5 for ; Tue, 4 Apr 2023 10:45:16 -0700 (PDT) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 204353200A04; Tue, 4 Apr 2023 13:45:11 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Tue, 04 Apr 2023 13:45:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov.name; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm1; t=1680630310; x= 1680716710; bh=2+mKOd/D+OGq/iB3bIRF165wax6xoNQdOA3L1ENc7Vg=; b=G R5SQwiLhvoMF/3kzl4ZZfUdv4+NGH5D+c510pmAmxn3aMNsavOjGAb0d4iGhhAya vQm3HPqYw+g6WlVxQU7nVfzah7eNs7p7YtCM2SwsV35n1x0ajX2rjSYyjCIFHTNh 34sC6vr+8THvQvsaSmHAi4KbPFCcADy4wcY9rtYpdrct7M1ehJzgbi1WPLDRYZJG ecpjjkpwv2A7gW8RucjWEDSP3Sds/FlbN68p/L1qbdaaY/PRKGTRj2l8FfpbCqiY +HIhfW18mcpEHfloY0XDkM490r3XCmuoa2jchdD1KQHHdhtbCXpg3vdtN68vpuaN SIWuYW5RgzSBhYRdnnHmA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1680630310; x=1680716710; bh=2+mKOd/D+OGq/ iB3bIRF165wax6xoNQdOA3L1ENc7Vg=; b=oSA9VAWYV7eDP4vevZajABFjzprAf FbhiJaqOxTFIOwmX8RhcHbPfS85x8xmASoe0969MwKHN2ctH5mJGtfPCdFji5ltP Jgv2tUJqzRKVquqGncYU8W7sMXsw6YwZ8PSS2TuBtLB1scEZEs67qfRu66Bz0E+q Uh/BXIBXFouEv/AD3pQ2rdiyIjdYU9kA+b5YFYvPAiPHBh00LVtyepWpKeajP6T8 gOq7+yXOxCwqVQAoBAmDubXR5Gw/Z7qxPyFgG2yUb4/S0AIGPlIpARajMLFCzeMr WHH/x+8UforfBvugkFOu1930LlQpcZzjzSSk0vKZFEic6mAFbUCquXCKA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrvdeiledguddujecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvvefukfhfgggtuggjsehttddttddttddvnecuhfhrohhmpedfmfhi rhhilhhlucetrdcuufhhuhhtvghmohhvfdcuoehkihhrihhllhesshhhuhhtvghmohhvrd hnrghmvgeqnecuggftrfgrthhtvghrnhephfeigefhtdefhedtfedthefghedutddvueeh tedttdehjeeukeejgeeuiedvkedtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrg hmpehmrghilhhfrhhomhepkhhirhhilhhlsehshhhuthgvmhhovhdrnhgrmhgv X-ME-Proxy: Feedback-ID: ie3994620:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 4 Apr 2023 13:45:09 -0400 (EDT) Received: by box.shutemov.name (Postfix, from userid 1000) id 7330C10C775; Tue, 4 Apr 2023 20:45:06 +0300 (+03) Date: Tue, 4 Apr 2023 20:45:06 +0300 From: "Kirill A. Shutemov" To: Tom Lendacky Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Michael Roth , Joerg Roedel , Dionna Glaze , Andy Lutomirski , Peter Zijlstra , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Jiewen Yao , Erdem Aktas , "Kirill A. Shutemov" Subject: Re: [PATCH v7 6/6] x86/efi: Safely enable unaccepted memory in UEFI Message-ID: <20230404174506.pjdikxvk2fsyy4au@box.shutemov.name> References: <20230330114956.20342-1-kirill.shutemov@linux.intel.com> <1d38d28c2731075d66ac65b56b813a138900f638.1680628986.git.thomas.lendacky@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1d38d28c2731075d66ac65b56b813a138900f638.1680628986.git.thomas.lendacky@amd.com> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 04, 2023 at 12:23:06PM -0500, Tom Lendacky wrote: > From: Dionna Glaze > > The UEFI v2.9 specification includes a new memory type to be used in > environments where the OS must accept memory that is provided from its > host. Before the introduction of this memory type, all memory was > accepted eagerly in the firmware. In order for the firmware to safely > stop accepting memory on the OS's behalf, the OS must affirmatively > indicate support to the firmware. This is only a problem for AMD > SEV-SNP, since Linux has had support for it since 5.19. The other > technology that can make use of unaccepted memory, Intel TDX, does not > yet have Linux support, so it can strictly require unaccepted memory > support as a dependency of CONFIG_TDX and not require communication with > the firmware. > > Enabling unaccepted memory requires calling a 0-argument enablement > protocol before ExitBootServices. This call is only made if the kernel > is compiled with UNACCEPTED_MEMORY=y > > This protocol will be removed after the end of life of the first LTS > that includes it, in order to give firmware implementations an > expiration date for it. When the protocol is removed, firmware will > strictly infer that a SEV-SNP VM is running an OS that supports the > unaccepted memory type. At the earliest convenience, when unaccepted > memory support is added to Linux, SEV-SNP may take strict dependence in > it. After the firmware removes support for the protocol, this patch > should be reverted. > > [tl: address some checkscript warnings] > > Cc: Ard Biescheuvel > Cc: "Min M. Xu" > Cc: Gerd Hoffmann > Cc: James Bottomley > Cc: Tom Lendacky > Cc: Jiewen Yao > Cc: Erdem Aktas > Cc: "Kirill A. Shutemov" > Cc: Dave Hansen > Cc: Borislav Petkov > Signed-off-by: Dionna Glaze > Signed-off-by: Tom Lendacky I still think it is a bad idea. As I asked before, please include my Nacked-by: Kirill A. Shutemov into the patch. -- Kiryl Shutsemau / Kirill A. Shutemov