Re: [PATCH v2 1/2] x86/sev: Put PSC struct on the stack in prep for unaccepted memory support

From: Tom Lendacky
Date: Fri Aug 12 2022 - 10:11:38 EST

Next message: Jason Gunthorpe: "Re: drivers/vfio/vfio_iommu_type1.c:2147:35: warning: cast to smaller integer type 'enum iommu_cap' from 'void *'"
Previous message: Pali Rohár: "[PATCH v2] PCI: mvebu: Fix endianity when accessing pci emul bridge members"
In reply to: Borislav Petkov: "Re: [PATCH v2 1/2] x86/sev: Put PSC struct on the stack in prep for unaccepted memory support"
Next in thread: Borislav Petkov: "Re: [PATCH v2 1/2] x86/sev: Put PSC struct on the stack in prep for unaccepted memory support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8/12/22 08:03, Borislav Petkov wrote:

On Mon, Aug 08, 2022 at 12:16:24PM -0500, Tom Lendacky wrote:

In advance of providing support for unaccepted memory, switch from using
kmalloc() for allocating the Page State Change (PSC) structure to using a
local variable that lives on the stack. This is needed to avoid a possible
recursive call into set_pages_state() if the kmalloc() call requires
(more) memory to be accepted, which would result in a hang.

I don't understand: kmalloc() allocates memory which is unaccepted?

In order to satisfy the kmalloc() some memory has to be accepted. So it tries to accept some additional memory, but we're already in the accept memory path... deadlock.

The current size of the PSC struct is 2,032 bytes. To make the struct more
stack friendly, reduce the number of PSC entries from 253 down to 64,
resulting in a size of 520 bytes. This is a nice compromise on struct size
and total PSC requests.

Why can't you simply allocate that one PSC page once at boot, accept the
memory for it and use it throughout? Under locking, ofc, if multiple PSC
calls need to happen in parallel...

Instead of limiting the PSC req size.

There was a whole discussion on this and I would prefer to keep the ability to parallelize PSC without locking.

@@ -1254,6 +1260,8 @@ void setup_ghcb(void)
if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP))
snp_register_per_cpu_ghcb();
+ ghcb_percpu_ready = true;

You know how I can't stand those random boolean vars stating something
has been initialized?

Can't you at least use some field in struct ghcb.reserved_1[] or so
which the spec can provide to OS use so that FW doesn't touch it?

Well when we don't know which GHCB is in use, using that reserved area in the GHCB doesn't help. Also, I don't want to update the GHCB specification for a single bit that is only required because of the way Linux went about establishing the GHCB usage.

Thanks,
Tom

And then stick a "percpu_ready" bit there.

Thx.

Next message: Jason Gunthorpe: "Re: drivers/vfio/vfio_iommu_type1.c:2147:35: warning: cast to smaller integer type 'enum iommu_cap' from 'void *'"
Previous message: Pali Rohár: "[PATCH v2] PCI: mvebu: Fix endianity when accessing pci emul bridge members"
In reply to: Borislav Petkov: "Re: [PATCH v2 1/2] x86/sev: Put PSC struct on the stack in prep for unaccepted memory support"
Next in thread: Borislav Petkov: "Re: [PATCH v2 1/2] x86/sev: Put PSC struct on the stack in prep for unaccepted memory support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]