Received: by 2002:a05:6358:e9c4:b0:b2:91dc:71ab with SMTP id hc4csp6880175rwb; Wed, 10 Aug 2022 02:51:08 -0700 (PDT) X-Google-Smtp-Source: AA6agR4koG43HR6XgfLsz08BUJYSLJdy4iX7Tpq41QRI3CZNV0BJUZ+oFcyolfHoVaANU3yPGbTn X-Received: by 2002:a05:6402:27cf:b0:43f:f6a:3286 with SMTP id c15-20020a05640227cf00b0043f0f6a3286mr23031140ede.1.1660125068227; Wed, 10 Aug 2022 02:51:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660125068; cv=none; d=google.com; s=arc-20160816; b=u4bM4P3ApNJ18aZ5+8iz+l69OGTAmAYplZcJtFwKAYZoazqqjF8PxlXQ8Zy+BcUNta hnNcz2Dl763DTA1SNEmLJsTjqjOvf+TvKz0HMmjDXfU9/HpGaWjQyHlpiMpVg5HXvgfY 5Rr53wVHeKox2Eq0CyuTBoCyJlSwlRTfEcd7D+ioG81CQm2/uw3aE/IXzyb+ufAZigIC 8xALvwVTBxrEzyvA6Zar9EQhZy1upI002OmLdE3n2g9IW2I4sO0zRVVNUr5J1GcMNAgD KqWwIZYrsvU/oLF0TwTGJ/zgbGIvKcZ5d6dYIZZBAu+4YR/LhONRmYjFRSg7hdKtRmTg +cJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=Lg0bjIUF/mk/gAoLNHDftsiQImL/TihLBQ1unQ3ZWpQ=; b=LBvPT7uaPbSt9KMk30+Gf6XQgyfNMeOV7ua2p6cy6J6pVweWDfB7EGTOjOSowz/jCw Ucw4on+qKvW2ZZHJhYf+WMDXud4Kcs2usjA5Svb3qRhZFVghoDXmQ0VPQlzaVfL/pV40 V72EhBepTGsAYt5/m4EFWM4/7TiplCtXh3gvplZ13Wt4WQa8Dz7mSRrweET/TF3NsN5d Fah0B/stOYTliPucnRU2AoCmg0bqsEwwt+tyVyfQRFVWIXoKb760WG7V9/fAdSTZJrha bP/Mfzt4AurC/mNB0KHZ+fic15DOZkP89+kLiAFVyoKqNZuZl+kPcNGlSEyOXb+HpTcC ljTg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=AIj2iYxV; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o16-20020a056402439000b0043d66ad55c9si11702969edc.101.2022.08.10.02.50.34; Wed, 10 Aug 2022 02:51:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=AIj2iYxV; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229951AbiHJJmh (ORCPT + 99 others); Wed, 10 Aug 2022 05:42:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43002 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231499AbiHJJmP (ORCPT ); Wed, 10 Aug 2022 05:42:15 -0400 Received: from mail.skyhub.de (mail.skyhub.de [5.9.137.197]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CDC072BF1; Wed, 10 Aug 2022 02:42:13 -0700 (PDT) Received: from zn.tnic (p200300ea971b9870329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:971b:9870:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 243361EC0495; Wed, 10 Aug 2022 11:42:08 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1660124528; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=Lg0bjIUF/mk/gAoLNHDftsiQImL/TihLBQ1unQ3ZWpQ=; b=AIj2iYxVK4108GPMfeeOPesMiFf/otTqH273QTt3qHw2Qen4RGdW80RP4idJ3ahNdb/3tf YgpmBsp1NHmAdSFu5+S+C3ycqyrXzkpWZXzbIGH+8yYmh5e6NTlQKMUiICNKbHL90GCpBi dsubLvV6cbhLbXTbgsBLObOWi8NOT0U= Date: Wed, 10 Aug 2022 11:42:04 +0200 From: Borislav Petkov To: "Kalra, Ashish" Cc: "x86@kernel.org" , "linux-kernel@vger.kernel.org" , "kvm@vger.kernel.org" , "linux-coco@lists.linux.dev" , "linux-mm@kvack.org" , "linux-crypto@vger.kernel.org" , "tglx@linutronix.de" , "mingo@redhat.com" , "jroedel@suse.de" , "Lendacky, Thomas" , "hpa@zytor.com" , "ardb@kernel.org" , "pbonzini@redhat.com" , "seanjc@google.com" , "vkuznets@redhat.com" , "jmattson@google.com" , "luto@kernel.org" , "dave.hansen@linux.intel.com" , "slp@redhat.com" , "pgonda@google.com" , "peterz@infradead.org" , "srinivas.pandruvada@linux.intel.com" , "rientjes@google.com" , "dovmurik@linux.ibm.com" , "tobin@ibm.com" , "Roth, Michael" , "vbabka@suse.cz" , "kirill@shutemov.name" , "ak@linux.intel.com" , "tony.luck@intel.com" , "marcorr@google.com" , "sathyanarayanan.kuppuswamy@linux.intel.com" , "alpergun@google.com" , "dgilbert@redhat.com" , "jarkko@kernel.org" Subject: Re: [PATCH Part2 v6 09/49] x86/fault: Add support to handle the RMP fault for user address Message-ID: References: <0ecb0a4781be933fcadeb56a85070818ef3566e7.1655761627.git.ashish.kalra@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, Aug 10, 2022 at 03:59:34AM +0000, Kalra, Ashish wrote: > Actually SNP feature can be enabled globally, but SNP is activated on a per VM basis. > > From the APM: > The term SNP-enabled indicates that SEV-SNP is globally enabled in the SYSCFG > MSR. The term SNP-active indicates that SEV-SNP is enabled for a specific VM in the > SEV_FEATURES field of its VMSA Aha, and I was wondering whether "globally" meant the RMP needs to cover all physical memory but I guess that isn't the case: "RMP-Covered: Checks that the target page is covered by the RMP. A page is covered by the RMP if its corresponding RMP entry is below RMP_END. Any page not covered by the RMP is considered a Hypervisor-Owned page." > >You need to elaborate more here: a RMP fault can happen and then the > >page can get unmapped? What is the exact scenario here? > > Yes, if the page gets unmapped while the RMP fault was being handled, > will add more explanation here. So what's the logic here to return 1, i.e., retry? Why should a fault for a page that gets unmapped be retried? The fault in that case should be ignored, IMO. It'll have the same effect to return from do_user_addr_fault() there, without splitting but you need to have a separate return value definition so that it is clear what needs to happen. And that return value should be != 0 so that the current check still works. > Actually, the above computes an index into the RMP table. What index in the RMP table? > It is basically an index into the 4K page within the hugepage mapped > in the RMP table or in other words an index into the RMP table entry > for 4K page(s) corresponding to a hugepage. So pte_index(address) and for 1G pages, pmd_index(address). So no reinventing the wheel if we already have helpers for that. > It is mainly a wrapper around__split_huge_pmd() for SNP use case where > the host hugepage is split to be in sync with the RMP table. I see what it is. And I'm saying this looks wrong. You're enforcing page splitting to be a valid thing to do only for SEV machines. Why? Why is if (!IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) return VM_FAULT_SIGBUS; there at all? This is generic code you're touching - not arch/x86/. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette