Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp714122rwl; Wed, 5 Apr 2023 06:52:59 -0700 (PDT) X-Google-Smtp-Source: AKy350aqmImPfpHii1vJC40Wp55vZBM6Hs5+aSSDgWjLmxCz8QnXpqGaZ1yu2t2uPbEbjvcivAoB X-Received: by 2002:a17:903:2850:b0:1a0:6e4:4931 with SMTP id kq16-20020a170903285000b001a006e44931mr6108089plb.31.1680702779071; Wed, 05 Apr 2023 06:52:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680702779; cv=none; d=google.com; s=arc-20160816; b=WsdKRgll/WMiMu3KSpTFOspKQ1K3mHCx9XrfEtnGe2b0z96F44U2V8yFGqy1O1aAkt 7ChnZywE3X7j7XPX1B0p6MWQ7Z2laYoTYa3ngY99Gb7fHbIS+mBAPVc9TpVYu1iaQZye 7VSE16d2WCmGPa+cO6t4HOmWM/CcwYdUWJFM5AluPcFGY17NTfsONeCj4dmVrM4+hzI0 c2jDkvb78S+v0crpvGQRRK5+snEsyxKYpuXpOO5DAzLrZXG744nxGN1PAHHROguUdgRz S+aYVTqAws7VaGb4sdS9nHJx5Kv0f0tsrcWgYtiI/HzJMQbmll8UroiTHjiXzKDNK8uW 4LiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=AhjWllCnnTB7d3PAzlCQ7/znaNtsQJ5FZ03PlDgucTY=; b=w4DhYagMRr3lhAUa5UfdeOWNgdKWBWt7o6oLZAXYO4Pe3husmBeckjxsB2McT0tOPM je4/sMlR8g67n6D7qb80wQQ3/1TLhOv+5P7qE3TXRowLMwFTXP6dxGJ6dSBRWOd71vqB 6KnkllHu4jSekIAfIdLFAIY0I08QiZniYMwmUrUDIaGPQJgxI0n6xYSV16xoAbyBtQ2z ggvsSTkTrIAfNUEFCbtgiQTtBoJaviv5VmDNktvYoUAixXJ8KYmaa8g4D1f/EaVXamze EwHSMToaXYviyqVRwlti7UNTjxqtsbYxnKiof45QLCpw+YxWadHLKAe/jYeTTb8Aofnp R3Hw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=PgwwztpN; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x11-20020a170902ec8b00b001a280c44238si12988034plg.204.2023.04.05.06.52.41; Wed, 05 Apr 2023 06:52:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=PgwwztpN; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237800AbjDENog (ORCPT + 99 others); Wed, 5 Apr 2023 09:44:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55214 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237184AbjDENoe (ORCPT ); Wed, 5 Apr 2023 09:44:34 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1304261B3 for ; Wed, 5 Apr 2023 06:44:20 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 821D0628B4 for ; Wed, 5 Apr 2023 13:44:19 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB38BC433D2 for ; Wed, 5 Apr 2023 13:44:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1680702259; bh=FS+AGi5qUs6DfUvOjsQUAC8iTrpMCMFw7bPCXSd8rcg=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=PgwwztpNsMIU0+xlaOl2RbS12B6Kq63ZTS+YsEPOmpPbUkAnR2bLA6pM7i9lRyC16 eJg5jLiGTb2ClSs4kDM3fCDbTTOyStPaZQBYyjd5U3EBoDXLtdnr7VOgrkNGdCFkfK HAra0vTxAW1tUapyPfKuFS+Z81MUjahZnJMfCdl1c42C9Kg6w3bxRV7jSmai9dM/XJ IqHGnisEpYSPne+aT9BHC0GQu8wY5Ff/o6eDOxS1RAWusprc/+ioZuuwhqg4/y5NVA QYWSVb2Qb1O0E/g4QrqfHxiqTsgrubu2Mi0mbLu082ivGLP3hhfil6HY+ucVssMuRf 9i5fKxNSnmqkg== Received: by mail-lf1-f53.google.com with SMTP id h11so39733231lfu.8 for ; Wed, 05 Apr 2023 06:44:18 -0700 (PDT) X-Gm-Message-State: AAQBX9eQtFMC955Yniqx7hN+ey5LcDV4RnSW1f6uucgj04BcfvmVbTpU qK0facAAiEDvz+uB3oDUZa8x+DQRBdAgp3tgtK4= X-Received: by 2002:ac2:43ce:0:b0:4e9:8c46:32ad with SMTP id u14-20020ac243ce000000b004e98c4632admr1900972lfl.9.1680702256857; Wed, 05 Apr 2023 06:44:16 -0700 (PDT) MIME-Version: 1.0 References: <20230330114956.20342-1-kirill.shutemov@linux.intel.com> <1d38d28c2731075d66ac65b56b813a138900f638.1680628986.git.thomas.lendacky@amd.com> <20230404174506.pjdikxvk2fsyy4au@box.shutemov.name> <20230404180917.4fsgkzcdhqvph6io@box.shutemov.name> <20230404202445.6qkl7hz67qgievqz@box.shutemov.name> <20230404210153.tll2mojlglx4rfsa@box.shutemov.name> In-Reply-To: From: Ard Biesheuvel Date: Wed, 5 Apr 2023 15:44:05 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v7 6/6] x86/efi: Safely enable unaccepted memory in UEFI To: Dave Hansen Cc: "Kirill A. Shutemov" , Tom Lendacky , linux-kernel@vger.kernel.org, x86@kernel.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Michael Roth , Joerg Roedel , Dionna Glaze , Andy Lutomirski , Peter Zijlstra , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Jiewen Yao , Erdem Aktas , "Kirill A. Shutemov" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.5 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 5 Apr 2023 at 15:00, Dave Hansen wrote: > > On 4/5/23 00:46, Ard Biesheuvel wrote: > > Once the firmware stops exposing this protocol (and ceases to accept > > memory on the OS's behalf), we can phase it out from the kernel as > > well. > > This is a part of the story that I have doubts about. > > How and when do you think this phase-out would happen, realistically? > > The firmware will need the unaccepted memory protocol support as long as > there are guests around that need it, right? > Current firmware will accept all memory on behalf of the OS unless the OS invokes the protocol to prevent it from doing so. Future firmware will simply never accept all memory on behalf of the OS, and not expose the protocol at all. So the difference of opinion mainly comes down to whether or not the intermediate, first step is needed or not. Unenlightened OS kernels will not invoke the protocol, and will therefore need current firmware in order to see all of their memory. Enlightened OS kernels will invoke the protocol unless it does not exist, and so will be able to accept their memory lazily both on current and future firmware. We will be able to move to future firmware once we no longer need to support unenlightened kernels. > People like to keep running old kernels for a _long_ time. Doesn't that > mean _some_ firmware will need to keep doing this dance for a long time? > Yes. > As long as there is firmware out there in the wild that people want to > run new kernels on, the support needs to stay in mainline. It can't be > dropped. The penalty for not calling the protocol on firmware that implements it is a much slower boot, but everything works as it should beyond that. Given that the intent here is to retain compatibility with unenlightened workloads (i.e., which do not upgrade their kernels), I think it is perfectly reasonable to drop this from mainline at some point.