Message-ID: <1a5b18b2-3072-46d9-9d44-38589cb54e40@intel.com>
Date: Mon, 4 Dec 2023 15:39:06 -0800
Subject: Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum
From: Dave Hansen
To: "Huang, Kai", "kvm@vger.kernel.org", "linux-kernel@vger.kernel.org"
Cc: "rafael@kernel.org", "Gao, Chao", "Luck, Tony", "david@redhat.com", "bagasdotme@gmail.com", "ak@linux.intel.com", "kirill.shutemov@linux.intel.com", "mingo@redhat.com", "seanjc@google.com", "pbonzini@redhat.com", "tglx@linutronix.de", "Yamahata, Isaku", "nik.borisov@suse.com", "hpa@zytor.com", "sagis@google.com", "imammedo@redhat.com", "peterz@infradead.org", "bp@alien8.de", "Brown, Len", "sathyanarayanan.kuppuswamy@linux.intel.com", "Huang, Ying", "Williams, Dan J", "x86@kernel.org"
References: <9e80873fac878aa5d697cbcd4d456d01e1009d1f.1699527082.git.kai.huang@intel.com> <9b221937-42df-4381-b79f-05fb41155f7a@intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 12/4/23 15:24, Huang, Kai wrote:
> On Mon, 2023-12-04 at 14:04 -0800, Hansen, Dave wrote:
...
> In ancient time KVM used to immediately enable VMX when it is loaded, but later
> it was changed to only enable VMX when there's active VM because of the above
> reason.
>
> See commit 10474ae8945ce ("KVM: Activate Virtualization On Demand").

Fine. This doesn't need to change ... until you load TDX. Once you
initialize the TDX module, no more out-of-tree VMMs for you.

That doesn't seem too insane.
This is yet *ANOTHER* reason that doing dynamic TDX module
initialization is a good idea.

>> It's not wrong to say that TDX is a
>> KVM user. If KVM wants 'kvm_usage_count' to go back to 0, it can shut
>> down the TDX module. Then there's no PAMT to worry about.
>>
>> The shutdown would be something like:
>>
>> 1. TDX module shutdown
>> 2. Deallocate/Convert PAMT
>> 3. vmxoff
>>
>> Then, no SEAMCALL failure because of vmxoff can cause a PAMT-induced #MC
>> to be missed.
>
> The limitation is once the TDX module is shutdown, it cannot be initialized
> again unless it is runtimely updated.
>
> Long-termly, if we go this design then there might be other problems when other
> kernel components are using TDX. For example, the VT-d driver will need to be
> changed to support TDX-IO, and it will need to enable TDX module much earlier
> than KVM to do some initialization. It might need to do some TDX work (e.g.,
> cleanup) while KVM is unloaded. I am not super familiar with TDX-IO but looks
> we might have some problem here if we go with such design.

The burden for who does vmxon will simply need to change from KVM itself
to some common code that KVM depends on. Probably not dissimilar to
those nutty (sorry folks, just calling it as I see 'em) multi-KVM module
patches that are floating around.
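
The design argued for above (TDX holds a reference on the usage count in common code, and teardown runs in the order 1-2-3), as an added user-space model. It is not part of the original message and not kernel code; every function and field name is hypothetical, with usage_count standing in for the 'kvm_usage_count' mentioned in the thread.

```c
/* User-space model only: all names are hypothetical, none of this is kernel code. */
#include <stdbool.h>
#include <stdio.h>

enum tdx_state { TDX_UNINIT, TDX_READY, TDX_SHUT_DOWN };

struct virt {
    int usage_count;     /* stands in for kvm_usage_count, held by common code */
    bool vmx_on;
    bool pamt_live;      /* PAMT allocated and owned by the TDX module */
    enum tdx_state tdx;
};

/* Invariant from the thread: never vmxoff while a PAMT still exists. */
static bool invariant_ok(const struct virt *v) { return v->vmx_on || !v->pamt_live; }

static void virt_get(struct virt *v) { if (v->usage_count++ == 0) v->vmx_on = true; }  /* vmxon */
static void virt_put(struct virt *v) { if (--v->usage_count == 0) v->vmx_on = false; } /* vmxoff */

static int tdx_init(struct virt *v)
{
    if (v->tdx == TDX_SHUT_DOWN) return -1;  /* limitation raised in the reply: no re-init */
    if (v->tdx == TDX_READY) return 0;
    virt_get(v);                             /* TDX is a user, so it pins VMX on */
    v->pamt_live = true;
    v->tdx = TDX_READY;
    return 0;
}

static int tdx_shutdown(struct virt *v)
{
    if (v->tdx != TDX_READY) return -1;
    v->tdx = TDX_SHUT_DOWN;                  /* 1. TDX module shutdown */
    v->pamt_live = false;                    /* 2. deallocate/convert PAMT */
    virt_put(v);                             /* 3. vmxoff, if TDX was the last user */
    return 0;
}

int main(void)
{
    struct virt v = {0};
    virt_get(&v);        /* first VM created */
    tdx_init(&v);
    virt_put(&v);        /* last VM destroyed: VMX has to stay on for TDX */
    printf("after last VM: vmx_on=%d invariant=%d\n", v.vmx_on, invariant_ok(&v));
    tdx_shutdown(&v);
    printf("after TDX shutdown: vmx_on=%d reinit=%d\n", v.vmx_on, tdx_init(&v));
    return 0;
}
```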