Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp603491rdb; Thu, 15 Feb 2024 09:28:49 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUGUKQIe2u51OFJ08OvX04KhW37btDtHGdjkT+bmkCiAo2AB4qS205SRGFNgrD2RmGkSF6lAxFNqsB84XEQzPUXPu6Yh9USoNfR9XXd2w== X-Google-Smtp-Source: AGHT+IFoJA/bsrP/Fae5rKB05DwcEuTbH+i8szAkWj19GYV21FNQbmEbdD1WIsf3wpuulcDpE0tx X-Received: by 2002:a05:6402:290d:b0:563:c869:bf13 with SMTP id ee13-20020a056402290d00b00563c869bf13mr803812edb.24.1708018128951; Thu, 15 Feb 2024 09:28:48 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708018128; cv=pass; d=google.com; s=arc-20160816; b=XfO4X0Ui1NMV1niF6usxtk9bZymNhrxcIEirS2M1I8z92VT8zUwtaR4SG0nfJ+29rk LBYDmrQCkq2xRz5xDAUrE5o0sK29RcvJTV1c12b8laArhSNCqNzNZOfmPTXqDFKI0Ct6 bUIwxmke1TxZ4vgcvkGZwZLy+b83bx5LPdj2xxahvNptp9azCyiiEyGcing/pEBPwRmB GvZPKTbR5oTCg40/ltI+Hv4T5pl9RTh+18cDOTwE715gHIeXtNVTOKkXCQ64Zm2pqHbX bljUuBN7U7sno4dZ6GiZay11c7HiD13q9A9tZftvn6RA2oxLxVRbjiQROTCW/NAyRVUG 1vHg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=dHZd5Ku4cKnaQTeuYbLj3B5g+jqGKkqQ49mVjgl6HnE=; fh=WciJwFsIF97rVAUyPc3qvXTozdlfueXg/KogfrJZwhI=; b=YcBD5sriNP8J9fIl0AI7BlFCoAbqCQOh6130UDJfCW1rnbkDYM9kmAsX0l14vceC8s 4l1dwLvGEzbN6Lf3QTM1wC7rsh6KoHExuSmvkIUUoeimU90d911e+gJPwzQndKQTW/ET waRaxiL7czXuWONlfxSAUfTEXMODYAKLibdptpjY2A+dKuCZsZl/QWNhNxZ8muhJNzny gE/YX2SsLNi86xOcq2vO93g2MnLueCWty2rOK/BAldaNIWVTsfXtWjD3pC2aLEgL0EZL xkBMfWDKKI4DpHr/88eFs3VQODoKFHNvpDB4gaDGTE+WNNi8P/tfd3bsyfb+bVbtO0ZE VYqw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=UGTeqnfO; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-67407-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-67407-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id l25-20020a056402345900b00561cb3c8c20si786637edc.246.2024.02.15.09.28.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Feb 2024 09:28:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-67407-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=UGTeqnfO; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-67407-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-67407-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id B01AE1F25ACB for ; Thu, 15 Feb 2024 17:28:48 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 78EBA1369A8; Thu, 15 Feb 2024 17:28:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="UGTeqnfO" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DE218132491 for ; Thu, 15 Feb 2024 17:28:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708018116; cv=none; b=NF4zGvfkOrWnP27zpeVd/0Wur5C5sv5rqj2oDzHjUlHivwCatOAa9iEkjxinZg2R/R4hBmCV8qcAxnKq0lhZLxfvJGMySTZW2+g2dZGX+Fzov5lSCTHl519j3DSgCpc5e12ynIcVDh8MW66HAj+2EDXqUlwEd43B2WWdJfnM2AE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708018116; c=relaxed/simple; bh=dHZd5Ku4cKnaQTeuYbLj3B5g+jqGKkqQ49mVjgl6HnE=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=Ae6ghg21wMTkPYdBRZ284ojKxVl8R+ogtI8+Tq5B5ypRXC99sAXPKXNkmyIwjWVwlPkf7e/qSZ/In2LFq9n5liASanmNjmXXSiy0qraXdsqC9mFrh4ZQLGEjP0NQsYVBa0SreQ1LcRP6JMArx30lcL9SbqovYqyxel9nmOVebXQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=UGTeqnfO; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1708018113; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dHZd5Ku4cKnaQTeuYbLj3B5g+jqGKkqQ49mVjgl6HnE=; b=UGTeqnfOU6UN/QnX6fGbGHtT/Nphp7RmuYSETZrssDJqF67kzTyagCL0XrUHwXJ8Gs4GH/ zyiXiL0jbkLKg4rm0IVJbDRnlUjmeWE8peEGQcX+VAzheyR3oUUUdoAqInJs2o/ZheBjvs +QPAYcYX8KTpWId6TBSQTVb3aG8cbxo= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-621-KI0RZET6PaeJJiZymEt7oA-1; Thu, 15 Feb 2024 12:28:32 -0500 X-MC-Unique: KI0RZET6PaeJJiZymEt7oA-1 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-410727c32bdso5501665e9.1 for ; Thu, 15 Feb 2024 09:28:32 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708018111; x=1708622911; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dHZd5Ku4cKnaQTeuYbLj3B5g+jqGKkqQ49mVjgl6HnE=; b=ipmpsXw+24Hh4D5mgB+T5PsbTWscLewTRydAqKRFKAiMA6PIv+Ri04VIf0kLEjsH0o zfyAYBbXvjyT526I2jNZwa08Wh5iMlduV0n0wYtLv3gxVKPiSMRg6UUn0dws2mMethME 5vCU934u0mC1efwJU7W0Zw1i/l+taxuVTRW9S5OKaQmJ2byYHsXuIAbcmmJmK2F3qevW MYslcbs696dD0wHTyyCDEfrvxhmjnt87X+s5NM9eBhDRQQjR+Ajz3h8/tNds8a8o4owZ kicGe6+Pu5Ykuwqk9l7/Lva96mPvNQHbwgPVJm9hUJhGwcs7rlKJeVCz2xM9QlTdg0Ra QIEA== X-Gm-Message-State: AOJu0YxhaJhlz+RXttLokItBNqAyIIWpsd+bXeBgxg9Mmpa4VaYZTJF+ cE9G+8dPR9sB/3AJiMHpEo0KgXOwgj7kMbyHT7kjY1Pnk+2K5VbypDhgbz6k4orzv6JkdtxAaEK +PoSstr8XtIrcM8GWuk0KQ4q/g+eCJMINu7dNIKlHi17pdUAuYV2sQRyzfbTxl9CEzn5pfE7G0b uhkN23Q8308TzTH+MxuYKPwSVeF3PgLFWdFBJB X-Received: by 2002:adf:e70a:0:b0:33b:697c:1fc6 with SMTP id c10-20020adfe70a000000b0033b697c1fc6mr1728116wrm.20.1708018111229; Thu, 15 Feb 2024 09:28:31 -0800 (PST) X-Received: by 2002:adf:e70a:0:b0:33b:697c:1fc6 with SMTP id c10-20020adfe70a000000b0033b697c1fc6mr1728104wrm.20.1708018110911; Thu, 15 Feb 2024 09:28:30 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240209183743.22030-1-pbonzini@redhat.com> <20240209183743.22030-10-pbonzini@redhat.com> <20240215013415.bmlsmt7tmebmgtkh@amd.com> <20240215144422.st2md65quv34d4tk@amd.com> In-Reply-To: <20240215144422.st2md65quv34d4tk@amd.com> From: Paolo Bonzini Date: Thu, 15 Feb 2024 18:28:18 +0100 Message-ID: Subject: Re: [PATCH 09/10] KVM: SEV: introduce KVM_SEV_INIT2 operation To: Michael Roth Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, seanjc@google.com, aik@amd.com, isaku.yamahata@intel.com, thomas.lendacky@amd.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Feb 15, 2024 at 3:44=E2=80=AFPM Michael Roth = wrote: > What I mean is that if userspace is modified for these checks, it's > reasonable to also inform them that only VMSA features present in > those older kernels (i.e. debug-swap) will be available via KVM_SEV_INIT, > and for anything else they will need to use KVM_SEV_INIT. > > That way we can provide clear documentation on what to expect regarding > VMSA features for KVM_SEV_INIT and not have to have the "undefined" > wording: it'll never use anything other than debug-swap depending on the > module param setting. Ah, I agree. > That seems reasonable, but the main thing I was hoping to avoid was > another round of VMSA features changing out from underneath the covers > again. The module param setting is something we've needed to convey > internally/externally a good bit due to the fallout and making this > change would lead to another repeat. Not the end of the world but would > be nice to avoid if possible. The fallout was caused by old kernels not supporting debug-swap and now by failing measurements. As far as I know there is no downside of leaving it disabled by default, and it will fix booting old guest kernels. Paolo