Re: [PATCH v12 06/22] x86/virt/tdx: Handle SEAMCALL running out of entropy error
From: Huang, Kai
Date: Wed Jun 28 2023 - 19:30:26 EST
On Wed, 2023-06-28 at 15:02 +0200, Peter Zijlstra wrote:
> On Tue, Jun 27, 2023 at 02:12:36AM +1200, Kai Huang wrote:
>
> > cpu = get_cpu();
> > - sret = __seamcall(fn, rcx, rdx, r8, r9, out);
> > +
> > + /*
> > + * Certain SEAMCALL leaf functions may return error due to
> > + * running out of entropy, in which case the SEAMCALL should
> > + * be retried. Handle this in SEAMCALL common function.
> > + *
> > + * Mimic rdrand_long() retry behavior.
>
> Yeah, except that doesn't have preemption disabled.. you do.
>
Agreed. I'll change to only disable preemption around one SEAMCALL (for error
printing CPU id).
But doing this, it makes more sense to split this wrapper function out as a
separate patch and put it after the skeleton patch since this way we require the
caller to guarantee all online cpus must have been in VMX operation (SEAMCALL
requires CPU must be in VMX operation), which is the assumption that
tdx_enable() has anyway.
Hi Kirill/Dave/David,
Please let me know if you have comments?
> > + */
> > + do {
> > + sret = __seamcall(fn, rcx, rdx, r8, r9, out);
> > + } while (sret == TDX_RND_NO_ENTROPY && --retry);
> > +
> > put_cpu();