Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp2879841pxb; Tue, 24 Aug 2021 09:43:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyU6bhnwRmCp1gWPCuZ1nZ4Hb1h7cTETMXZ9IcmXynmNXp8kB9qvB2E3MP2Kh/U8UyhxuO/ X-Received: by 2002:a02:860d:: with SMTP id e13mr35772075jai.12.1629823390582; Tue, 24 Aug 2021 09:43:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629823390; cv=none; d=google.com; s=arc-20160816; b=g5KmNwCAk2lBUTGWTaPLI5qjQanHn3eDroApeklNOgl8naKbOgxunDZDOP5QpXmEWe LQl7yaI+hrtUXXzRSOahbz4ykEFSSEjFzy4wIzMisa1qQg43KHRxGhptffCsUMcI1dnC pWSJkdk4kYklsOQsMTumFqWcdWufyZ81MQUNeQWCa+XbPtmKVJ71+Mi4t0Tw30sSw8D1 WHO30nFhmR4DOwJ7gpcEZAPpCeJp1RHTARFyZOXwe29Brcz+YnlyRlZodwklmg2P8qBf ewa4PANrWRYInLDriwlVR2bgyvtJC7tiiSdf+szy+/SDxHS8YZ9AGoZsYBZFZ2W0eheb mgoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :dkim-signature; bh=isWYk1M9QNpuXO9FuRvRqheKfZRsPlpGtIepCxZVGoc=; b=s3tsfoj3uzAzDvs1WgI3HSppjRTixfPyoxv2ID7/plTsh9sQTYAxiFGc2YJ08pAUxk T5LWNsikvJ3xX58RXI7cZXdF445x4bbWCFMhe9ZKz6xDoCfWT/4dofi/KqSPFV1pgAZp nxtMDC8rZHNTf3SlZNzQP5WyfqtlNvjmdgd+EzmtNO/duCYTjK66NcIi+ZgbpV6Vki5Z xFOEDiWOdDvd7m8cPR/egMoJY0C6KhNS0ZOfVG8y4Luz84EwxUlro+mJEm0/KBUE5q7s 8ERRQNYSVMzTCM7+vJYdYCfDIEFK/lH+QR08h0FILMLxu+o5cTA/XwyNe/44qrorhueU TpFg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b="ojV0qS4/"; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v16si18298596jal.55.2021.08.24.09.42.58; Tue, 24 Aug 2021 09:43:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b="ojV0qS4/"; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229830AbhHXQnc (ORCPT + 99 others); Tue, 24 Aug 2021 12:43:32 -0400 Received: from smtp-out1.suse.de ([195.135.220.28]:43402 "EHLO smtp-out1.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229521AbhHXQnb (ORCPT ); Tue, 24 Aug 2021 12:43:31 -0400 Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 205B322135; Tue, 24 Aug 2021 16:42:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1629823366; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=isWYk1M9QNpuXO9FuRvRqheKfZRsPlpGtIepCxZVGoc=; b=ojV0qS4/TobfqUQVIHzqulopYKzhfr7YeAuLUlQffqxwVTww6GuHwASrtXltT8+6v3Q0pX QTNQ7O3sCRnuLsoHbOMB8TE9MZ1z3b0YJzG0s6HAaHv1CcduJDAP8p/I35cJHrOA8fYGLD r/1kkgOAJYUeoAGOAJfQ8DeBYi7/QGM= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1629823366; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=isWYk1M9QNpuXO9FuRvRqheKfZRsPlpGtIepCxZVGoc=; b=TSjiA3LU1IdqszN3kR75s+E5wZotvKNo0OTMha2vwKDn84PJgVK827o+24QsOPTan+bn6k KZ45+rhl2dxSssAg== Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap1.suse-dmz.suse.de (Postfix) with ESMTPS id E5B1213A5B; Tue, 24 Aug 2021 16:42:44 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap1.suse-dmz.suse.de with ESMTPSA id XsHLNYQhJWFeXQAAGKfGzw (envelope-from ); Tue, 24 Aug 2021 16:42:44 +0000 Date: Tue, 24 Aug 2021 18:42:43 +0200 From: Joerg Roedel To: Dave Hansen Cc: Brijesh Singh , x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, Thomas Gleixner , Ingo Molnar , Tom Lendacky , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Gonda , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com Subject: Re: [PATCH Part2 v5 08/45] x86/fault: Add support to handle the RMP fault for user address Message-ID: References: <20210820155918.7518-1-brijesh.singh@amd.com> <20210820155918.7518-9-brijesh.singh@amd.com> <19599ede-9fc5-25e1-dcb3-98aafd8b7e87@amd.com> <3f426ef8-060e-ccc9-71b9-2448f2582a30@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3f426ef8-060e-ccc9-71b9-2448f2582a30@intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, Aug 23, 2021 at 07:50:22AM -0700, Dave Hansen wrote: > It *has* to be done in KVM, IMNHO. > > The core kernel really doesn't know much about SEV. It *really* doesn't > know when its memory is being exposed to a virtualization architecture > that doesn't know how to split TLBs like every single one before it. > > This essentially *must* be done at the time that the KVM code realizes > that it's being asked to shove a non-splittable page mapping into the > SEV hardware structures. > > The only other alternative is raising a signal from the fault handler > when the page can't be split. That's a *LOT* nastier because it's so > much later in the process. > > It's either that, or figure out a way to split hugetlbfs (and DAX) > mappings in a failsafe way. Yes, I agree with that. KVM needs a check to disallow HugeTLB pages in SEV-SNP guests, at least as a temporary workaround. When HugeTLBfs mappings can be split into smaller pages the check can be removed. Regards, Joerg